I'll see if I can give it a quick test on a Mac sometime tomorrow.
EDIT: I managed to get it working, although T-Mobile's so-called "transparent" web proxy is barely working today so I was having trouble accessing websites without getting errors. SSH was working fine, though. Anyway, here's what I did:
1- Installed a MacOS port of OpenVPN called Tunnelblick (didn't have XCode handy to compile my own and it's got a pretty GUI)
2- Copied azilink.ovpn to /users/azi/library/openvpn or whatever it is
3- Click the Tunnelblick icon in the upper-right, go to details, click "set nameserver"
4- Remove the TCP_NODELAY line because it was complaining that my kernel didn't support it (and would cause my connection to timeout after about 30 seconds).
5- Clicked connect
If you want to see what traffic's going over openvpn, you can just run "sudo tcpdump -n -i tun0"
Hi,
I found this very useful when used with Ubuntu. The openvpn is stable with repeated connection and disconnections of the USB cable and the link comes back up almost always. Wifi speeds through the G1 were around 2Mbps which is the wire speed for my broadband link. 3G is pretty good also and I could run IPSec and VoIP over the link making it very useful.
There were a couple of things that tripped me up:
1) If I connect Ubuntu to G1 the openvpn link comes up as expected. If I then disconnect the USB cable and reconnect within 10s or so the openvpn link comes up momentarily. However in adb logcat I then see a message from azilink indicating it is closing the connection because it didn't see a keepalive in the previous 30s. This is odd because data is being sent/received after the reconnection. Either openvpn on Ubuntu has stopped sending keepalives or azilink has stopped receiving. Longer disconnect times do not exhibit this behaviour.
2) Change of WAN link from Wifi<->3G
During an active connection if I change from Wifi to 3G or vice versa I need to restart the azilink service to complete the switchover. From the azilink byte counter the send count continues to rise but the receive stays on zero until I restart the service.
Thought aziwoqpd may find the feedback useful.
Regards,
Frank
Tue Jul 07 01:09:57 2009 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
After wresting with this a bit today, I think I've got this working on OS X. Making the vpn connection worked fine with both the openvpn2 client from MacPorts and Tunnelblick, but getting proper DNS resolution setup was the only tricky part.
Setting your DNS resolver on OS X Leopard is a bit trickier than just adding an entry in /etc/resolv.conf, since that file is auto generated by the networking system, and really only exists for backwards compatibility with older tools like 'host' and 'dig'. Properly setting up DNS requires messing with some entries in the 'scutil' command line tool.
I didn't have much luck with Tunnelblick's supposed "Set nameserver" feature, as it only seemed to work when I had an existing wired, wireless, or some other kind of primary connection. So I dug around in the Tunnelblick.app to see if there was anything worth looking at, and came across /Applications/Tunnelblick.app/Contents/Resources/client.up.osx.sh. Tunnelblick calls this script after setting up the vpn connection to apply and DNS settings from your openvpn config to the existing primary adapter (e.g. wired, wireless). Since I'm using this to tether to the phone and don't have an existing primary connection, I think the the client.up.osx.sh script fails when it's unable to find an existing connection.
So, you could modify Tunnelblick's client.up script to do something a little different, but I actually just decided to whip up a custom script that uses the openvpn2 from MacPorts so I could just run one command on a terminal to set the whole thing up for me (including adb port forwarding), and tear it down when I ctrl+c it.
Have a looksie if interested:
http://pastie.org/405289
Hi,
nice work.
I wonder if it is possible to do it in the other direction?
Android using the internet connection over usb of a laptop/pc connected over ethernet.
This will help to save some mobile data traffic.
fanaticsurf
Mon Sep 28 12:53:04 2009 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2
006
Mon Sep 28 12:53:04 2009 IMPORTANT: OpenVPN's default port number is now 1194, b
ased on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earl
ier used 5000 as the default port.
Mon Sep 28 12:53:04 2009 WARNING: --ping should normally be used with --ping-res
tart or --ping-exit
Mon Sep 28 12:53:04 2009 ******* WARNING *******: all encryption and authenticat
ion features disabled -- all data will be tunnelled as cleartext
Mon Sep 28 12:53:04 2009 TAP-WIN32 device [Connessione alla rete locale (LAN) 5]
opened: \\.\Global\{545116FE-5567-40C3-8325-D659C7E7D665}.tap
Mon Sep 28 12:53:04 2009 Notified TAP-Win32 driver to set a DHCP IP/netmask of 1
92.168.56.2/255.255.255.252 on interface {545116FE-5567-40C3-8325-D659C7E7D665}
[DHCP-serv: 192.168.56.1, lease-time: 31536000]
Mon Sep 28 12:53:04 2009 Successful ARP Flush on interface [131076] {545116FE-55
67-40C3-8325-D659C7E7D665}
Mon Sep 28 12:53:04 2009 UDPv4 link local (bound): [undef]:1194
Mon Sep 28 12:53:04 2009 UDPv4 link remote: 127.0.0.1:41927
Mon Sep 28 12:53:04 2009 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Mon Sep 28 12:53:04 2009 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Mon Sep 28 12:53:04 2009 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Mon Sep 28 12:53:04 2009 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
So, you could modify Tunnelblick's client.up script to do something a little different, but I actually just decided to whip up a custom script that uses the openvpn2 from MacPorts so I could just run one command on a terminal to set the whole thing up for me (including adb port forwarding), and tear it down when I ctrl+c it.
Have a looksie if interested:
http://pastie.org/405289