FORUMS
Remove All Ads from XDA

[APP][root][5.0+] VPN Hotspot: VPN tethering/Wi-Fi repeater (open source)

302 posts
Thanks Meter: 104
 
Post Reply Email Thread
13th May 2018, 04:15 PM |#21  
Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by blambo

Long version:

  • In primary device WiFi settings, set up the native hotspot, (SSID & pass). Keep hotspot off, exit settings. Bring up the 'VPN Hotspot' app, click on, and activate 'Tethering', then 'wlan0'.
  • NOW connect all of your secondary external devices to the primary tether and receive an IP address.
    THEN connect to your VPN on the primary . All secondary connected devices will be tunneled through the primary's VPN.
  • If you disconnect a secondary, then want to reconnect the secondary to the primary's hotspot, you will have to disable the VPN on primary, then connect secondary, then reactivate the VPN on the primary.

Short version:

Connect secondary devices, including Windows machines, to primary hotspot, receive IP address before you activate the VPN. (AFAIK this is true of all VPN tethering apps.)

It may sound tedious, but really it's not. After you do it once, you'll get it. Super easy.

Note: Same drill in 'Repeater' mode.

Thank you! Here is what I've found out.

My VPN server has an IPv4 address. Following your instructions, after being connected successfully, whatismyip.com shows that my secondary device's IPv4 addr is the same as my VPN server (great!), however its IPv6 addr is from Sprint. If I visit whatismyip.com directly on the primary device, it shows an IPv4 addr same as VPN server but no IPv6 addr detected. Maybe IPv6 traffic isn't re-routed properly like IPv4 traffic through VPN tethering?
 
 
13th May 2018, 07:33 PM |#22  
blambo's Avatar
Senior Member
Thanks Meter: 70
 
More
Quote:
Originally Posted by TopGun2000

Thank you! Here is what I've found out.
IPv6 traffic isn't re-routed properly like IPv4 traffic through VPN tethering?

A lot of variables with IPv6, and a different strategy required to basically connect. (Sprint has IPv6 native support, but many VPNs do not... (DNS leaks).
The following method is less than 50/50 for connecting in a pure IPv6 VPN environment, but VPN tethering does work.

Go to your primary's APN settings, make sure that only IPv6 is enabled.
Connect to your VPN. If it connects successfully and you have an IPv6 remote IP address, you now know that the VPN IPv6 does in fact work at some basic level,
Keep the VPN active, do not turn it off.

Activate 'VPN Hotspot' "Tethering" mode, (Wi-Fi hotspot then wlan0).
Now connect secondary devices, including windows machines, they should all have some sort of connectivity with primary's VPN tunnel address.

-FYI: You can run an OpenVPN server on a cheap VPS and set it to be IPv6 persistent, (but of course that is for another time & place).
Also, AnyConnect/OpenConnect VPN shared tether access with IPv6 can very slow to connect, settings problematic, and even then more than somewhat flaky.
14th May 2018, 12:11 AM |#23  
Member
Thanks Meter: 7
 
More
This app is just awesome!
Now, i´m able to share my VPN connection without drops on hammerhead running DU 12.2
14th May 2018, 12:25 AM |#24  
Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by blambo

A lot of variables with IPv6, and a different strategy required to basically connect. (Sprint has IPv6 native support, but many VPNs do not... (DNS leaks).
The following method is less than 50/50 for connecting in a pure IPv6 VPN environment, but VPN tethering does work.

Go to your primary's APN settings, make sure that only IPv6 is enabled.
Connect to your VPN. If it connects successfully and you have an IPv6 remote IP address, you now know that the VPN IPv6 does in fact work at some basic level,
Keep the VPN active, do not turn it off.

Activate 'VPN Hotspot' "Tethering" mode, (Wi-Fi hotspot then wlan0).
Now connect secondary devices, including windows machines, they should all have some sort of connectivity with primary's VPN tunnel address.

-FYI: You can run an OpenVPN server on a cheap VPS and set it to be IPv6 persistent, (but of course that is for another time & place).
Also, AnyConnect/OpenConnect VPN shared tether access with IPv6 can very slow to connect, settings problematic, and even then more than somewhat flaky.

Yeah, IPv6 VPN sharing sounds problematic. Interesting part is that on the primary device, once VPN is active, remote IP check always shows my VPN server IPv4 addr. However, on the secondary device, remote IP check shows both my VPN IPv4 addr and one random Sprint IPv6 addr.

It would be great if all the clients behave consistently the same as the primary. Maybe there is an option on VPN Hotspot APP to disable IPv6 support?
14th May 2018, 09:24 AM |#25  
Mygod Studio's Avatar
OP Senior Member
Flag Suzhou
Thanks Meter: 104
 
Donate to Me
More
Quote:
Originally Posted by blambo

Long version:

In primary device WiFi settings, set up the native hotspot, (SSID & pass). Keep hotspot off, exit settings. Bring up the 'VPN Hotspot' app, click on, and activate 'Tethering', then 'wlan0'.

  • NOW connect all of your secondary external devices to the primary tether and receive an IP address.
    THEN connect to your VPN on the primary . All secondary connected devices will be tunneled through the primary's VPN.
  • If you disconnect a secondary, then want to reconnect the secondary to the primary's hotspot, you will have to disable the VPN on primary, then connect secondary, then reactivate the VPN on the primary.

Short version:

Connect secondary devices, including Windows machines, to primary hotspot, receive IP address before you activate the VPN. (AFAIK this is true of all VPN tethering apps.)

It may sound tedious, but really it's not. After you do it once, you'll get it. Super easy.

Note: Same drill in 'Repeater' mode.

Care to share your device model and Android version? I can't reproduce this on 2 of my devices.
14th May 2018, 09:26 AM |#26  
Mygod Studio's Avatar
OP Senior Member
Flag Suzhou
Thanks Meter: 104
 
Donate to Me
More
Quote:
Originally Posted by TopGun2000

Thank you! Here is what I've found out.

My VPN server has an IPv4 address. Following your instructions, after being connected successfully, whatismyip.com shows that my secondary device's IPv4 addr is the same as my VPN server (great!), however its IPv6 addr is from Sprint. If I visit whatismyip.com directly on the primary device, it shows an IPv4 addr same as VPN server but no IPv6 addr detected. Maybe IPv6 traffic isn't re-routed properly like IPv4 traffic through VPN tethering?

Correct. For now the app doesn't do anything for ipv6 and it will indeed cause DNS leak. I could consider adding a drop rule in the next release.
14th May 2018, 09:29 AM |#27  
Mygod Studio's Avatar
OP Senior Member
Flag Suzhou
Thanks Meter: 104
 
Donate to Me
More
Quote:
Originally Posted by TopGun2000

Yeah, IPv6 VPN sharing sounds problematic. Interesting part is that on the primary device, once VPN is active, remote IP check always shows my VPN server IPv4 addr. However, on the secondary device, remote IP check shows both my VPN IPv4 addr and one random Sprint IPv6 addr.

It would be great if all the clients behave consistently the same as the primary. Maybe there is an option on VPN Hotspot APP to disable IPv6 support?

It may appear random to you simply because that's how IPv6 tethering works - your carrier assigns you a subnet in which your device can assign other devices a unique global IPv6 address(es).
14th May 2018, 03:23 PM |#28  
blambo's Avatar
Senior Member
Thanks Meter: 70
 
More
Quote:
Originally Posted by Mygod Studio

Care to share your device model and Android version? I can't reproduce this on 2 of my devices.

I've done this with many devices, both with phones, and LTE tablets, mostly old including one with a terribly broken screen, and a couple fairly new. The old ones are now re purposed as standing OpenConnect VPN 'hotspots'. All are rooted, most with custom ROMs.:

LG Pad v410 (2 units) Marshmallow
Nexus 7 2013 LTE (3 units) Oreo
ASUS Fone4 (2 units) Lollipop
ASUS PadFone S Marshmallow
OnePlus One (3 units) Oreo
OnePlus 3T Oreo
Pixel 2XL Oreo

They all work as Repeater and Tether, with varying versions of tunnels. Shadowsocks, OpenVPN, OpenConnect, AnyConnect (all first tested on private VPS servers worldwide), then with several commercial VPN providers as well. Nord, Zoog, Winscribe, TorGuard etc.

OT-The fun stuff is where I use little travel routers to connect to the primaries.
From super cheap $5 Chinese models... to fancy Netgear and GL.inets, even a really old ASUS 330NUL. They work so well that I giggle a little each time I connect to them. Rock stable.
The travel routers continue to stay connected to the primary, with VPN enabled, so I can then connect all secondary devices to the travel routers... and not have to mess with disconnecting the primary to do so.

The reason it isn't working for you may be in my poor explanation skills, and for that, I apologize.

You are able to connect to the hotspot. Then, what style, type, app for VPN access? We can start from there.
14th May 2018, 05:28 PM |#29  
Mygod Studio's Avatar
OP Senior Member
Flag Suzhou
Thanks Meter: 104
 
Donate to Me
More
Quote:
Originally Posted by blambo

I've done this with many devices, both with phones, and LTE tablets, mostly old including one with a terribly broken screen, and a couple fairly new. The old ones are now re purposed as standing OpenConnect VPN 'hotspots'. All are rooted, most with custom ROMs.:

LG Pad v410 (2 units) Marshmallow
Nexus 7 2013 LTE (3 units) Oreo
ASUS Fone4 (2 units) Lollipop
ASUS PadFone S Marshmallow
OnePlus One (3 units) Oreo
OnePlus 3T Oreo
Pixel 2XL Oreo

They all work as Repeater and Tether, with varying versions of tunnels. Shadowsocks, OpenVPN, OpenConnect, AnyConnect (all first tested on private VPS servers worldwide), then with several commercial VPN providers as well. Nord, Zoog, Winscribe, TorGuard etc.

OT-The fun stuff is where I use little travel routers to connect to the primaries.
From super cheap $5 Chinese models... to fancy Netgear and GL.inets, even a really old ASUS 330NUL. They work so well that I giggle a little each time I connect to them. Rock stable.
The travel routers continue to stay connected to the primary, with VPN enabled, so I can then connect all secondary devices to the travel routers... and not have to mess with disconnecting the primary to do so.

The reason it isn't working for you may be in my poor explanation skills, and for that, I apologize.

You are able to connect to the hotspot. Then, what style, type, app for VPN access? We can start from there.

Oh, sorry. I meant that there shouldn't be a particular order in which you connect the clients to host and connect host to VPN. This app is designed to work either way. Are you sure doing this is absolutely necessary on all or just some of your devices?
14th May 2018, 06:58 PM |#30  
Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by Mygod Studio

Correct. For now the app doesn't do anything for ipv6 and it will indeed cause DNS leak. I could consider adding a drop rule in the next release.

That's great. I am worried that some web servers prefer IPv6 addr over IPv4 addr, so they may communicate directly with my secondary device through a pair of IPv6 addresses. That may defeat the whole purpose of the VPN tethering on the primary device.

Quote:
Originally Posted by Mygod Studio

It may appear random to you simply because that's how IPv6 tethering works - your carrier assigns you a subnet in which your device can assign other devices a unique global IPv6 address(es).

Good to know. Now I understand this better.
14th May 2018, 07:31 PM |#31  
Mygod Studio's Avatar
OP Senior Member
Flag Suzhou
Thanks Meter: 104
 
Donate to Me
More
Quote:
Originally Posted by TopGun2000

That's great. I am worried that some web servers prefer IPv6 addr over IPv4 addr, so they may communicate directly with my secondary device through a pair of IPv6 addresses. That may defeat the whole purpose of the VPN tethering on the primary device.



Good to know. Now I understand this better.

For now you can use temporary hotspot (for Oreo) or repeater to prevent ipv6 leaks.
Post Reply Subscribe to Thread

Tags
hotspot, tethering, vpn, wifi-direct

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes