FORUMS
Remove All Ads from XDA

Android OpenVPN

6 posts
Thanks Meter: 0
 
By cvandeplas, Junior Member on 23rd August 2009, 06:38 PM
Post Reply Email Thread
30th December 2011, 01:49 AM |#121  
Member
Thanks Meter: 3
 
More
AT&T
Just curious. Has anyone been able to consistently use an openvpn connection over AT&T 3G networks?

I ask because I've been experimenting a lot lately and discovered that some networks work well for VPN (wap.cingular) while others do not allow DNS resolving (pta APN).

How have you experiences been?
26th January 2012, 12:25 AM |#122  
Senior Member
Thanks Meter: 7
 
More
does any one know...how to save the Username and password in OpenVPN ?..
Am using OpenVPN in CM7 nightly
8th February 2012, 08:09 PM |#123  
Junior Member
Flag jakarta
Thanks Meter: 4
 
More
Quote:
Originally Posted by harisit2005

does any one know...how to save the Username and password in OpenVPN ?..
Am using OpenVPN in CM7 nightly

just create a file named 'pass.txt' then enter your username and password like this:

Quote:

John
1234

place the file inside the same folder with config

then on your config, add this line:

Quote:

auth-user-pass pass.txt

I hope that might help
The Following User Says Thank You to randrew2 For This Useful Post: [ View ] Gift randrew2 Ad-Free
11th February 2012, 01:14 PM |#124  
Senior Member
Thanks Meter: 27
 
More
I'm trying to connect to an openvpn connection via the openvpn app available on the market. I'm running an Archos 70IT rooted with churli's root. When I try using a tcp connection, the status in the app switches to unknown and stays that way until timeout. If I try using a udp connection, I get "error: Cannot allocate TUN/TAP dynamically".

According to the installer app I have tun.ko installed, and I know that I have busy box installed. I've looked all over the place trying to find an answer to this and i'm stumped. Can anyone help me out?
11th February 2012, 06:39 PM |#125  
Junior Member
Flag jakarta
Thanks Meter: 4
 
More
Quote:
Originally Posted by Guanfy

I'm trying to connect to an openvpn connection via the openvpn app available on the market. I'm running an Archos 70IT rooted with churli's root. When I try using a tcp connection, the status in the app switches to unknown and stays that way until timeout. If I try using a udp connection, I get "error: Cannot allocate TUN/TAP dynamically".

According to the installer app I have tun.ko installed, and I know that I have busy box installed. I've looked all over the place trying to find an answer to this and i'm stumped. Can anyone help me out?


have you tried to check "load the tunko modules" and choose "load tun.ko modules" -> insmod

and set the tun.ko location to "tun" (default)

if you have tried that but this's still not working, I guess the problem's because ifconfig and route didn't symlinked with busybox

try this:

- mount your /system/xbin (using root explorer)

- then, try to execute this command on terminal emulator:


Quote:

mkdir /system/xbin/bb
ln -s /system/xbin/busybox /system/xbin/bb/ifconfig
ln -s /system/xbin/busybox /system/xbin/bb/route

- then unmount your /system/xbin

hope this helps
12th February 2012, 04:07 AM |#126  
Senior Member
Thanks Meter: 27
 
More
I did as you instructed, and saw a few different things

1. When I tried the module instructions, end result was an error message saying it couldn't load the module. Despite this error the connection process seemed to continue.

2. I setup the linkages that you typed out and it seemed to help somewhat. Now with both TCP and UDP connections I get a "reconnecting due to tls-error" which I wasn't getting before.

3. The handshake thus far goes like this now Startup--->User/Pass--->Unknown(sometimes)--->Wait--->Auth--->tls error or Unknown again--->Wait--->Auth. Then the cycle loops.

Thank you for your help thus far, still stumped though.
12th February 2012, 10:48 AM |#127  
Junior Member
Flag jakarta
Thanks Meter: 4
 
More
Quote:
Originally Posted by Guanfy

I did as you instructed, and saw a few different things

1. When I tried the module instructions, end result was an error message saying it couldn't load the module. Despite this error the connection process seemed to continue.

2. I setup the linkages that you typed out and it seemed to help somewhat. Now with both TCP and UDP connections I get a "reconnecting due to tls-error" which I wasn't getting before.

3. The handshake thus far goes like this now Startup--->User/Pass--->Unknown(sometimes)--->Wait--->Auth--->tls error or Unknown again--->Wait--->Auth. Then the cycle loops.

Thank you for your help thus far, still stumped though.


hmm.. I think "tls" error caused by your config (maybe).. could you post your config here?

before that, try to uncheck "load tun modules" that should load tun.ko which's device's preloaded tun.ko
12th February 2012, 11:09 AM |#128  
Senior Member
Thanks Meter: 27
 
More
What config info do you want exactly?
12th February 2012, 01:14 PM |#129  
Junior Member
Flag jakarta
Thanks Meter: 4
 
More
Quote:
Originally Posted by Guanfy

What config info do you want exactly?

entire field inside the config that you use to connect to openvpn

example: servername.ovpn
12th February 2012, 02:21 PM |#130  
Senior Member
Thanks Meter: 27
 
More
Ok, here's an example of the TCP config file I use


##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

auth-user-pass
#management-query-passwords
#management-hold

# Disable management port for debugging port issues
#management 127.0.0.1 13010

ping 5
ping-exit 30

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
#;dev tap
dev tun

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap

# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
proto tcp
;proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
# All VPN Servers are added at the very end
;remote my-server-2 1194

# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
# We order the hosts according to number of connections.
# So no need to randomize the list
# remote-random

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody

# Try to preserve some state across restarts.
persist-key
persist-tun

# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings

# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca ./keys/ca.crt
cert ./keys/hmauser.crt
key ./keys/hmauser.key

# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
;ns-cert-type server

# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
#comp-lzo

# Set log file verbosity.
verb 3

# Silence repeating messages
;mute 20

# Detect proxy auto matically
#auto-proxy

# Need this for Vista connection issue
route-metric 1

# Get rid of the cached password warning
#auth-nocache

#show-net-up
#dhcp-renew
#dhcp-release
#route-delay 0 120

# added to prevent MITM attack
ns-cert-type server

#
# Remote servers added dynamically by the master server
# DO NOT CHANGE below this line
#
remote 180.189.157.78:443 443 # 0


And here's an example of a UDP file that I use

##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

auth-user-pass
#management-query-passwords
#management-hold

# Disable management port for debugging port issues
#management 127.0.0.1 13010

ping 5
ping-exit 30

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
#;dev tap
dev tun

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap

# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
# All VPN Servers are added at the very end
;remote my-server-2 1194

# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
# We order the hosts according to number of connections.
# So no need to randomize the list
# remote-random

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody

# Try to preserve some state across restarts.
persist-key
persist-tun

# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings

# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca ca.crt
cert hmauser.crt
key hmauser.key

# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
;ns-cert-type server

# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
#comp-lzo

# Set log file verbosity.
verb 3

# Silence repeating messages
;mute 20

# Detect proxy auto matically
#auto-proxy

# Need this for Vista connection issue
route-metric 1

# Get rid of the cached password warning
#auth-nocache

#
# Remote servers added dynamically by the master server
# DO NOT CHANGE below this line
#
remote 72.55.153.75 53 # 0
12th February 2012, 08:53 PM |#131  
Junior Member
Flag jakarta
Thanks Meter: 4
 
More
^ thats not what I mean. the config you attached was a config that comes with the installer. that absolutely won't work even you've tried to connect 1000 times

here I give you an example on the attachment..
read inside the config carefully, and place them on /sdcard/openvpn
dont forget to add ca.crt on the same folder..
Attached Files
File Type: rar cfg.rar - [Click for QR Code] (379 Bytes, 129 views)
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes