FORUMS
Remove All Ads from XDA

Android OpenVPN

6 posts
Thanks Meter: 0
 
By cvandeplas, Junior Member on 23rd August 2009, 06:38 PM
Post Reply Email Thread
26th October 2010, 06:34 AM |#111  
Junior Member
Thanks Meter: 0
 
More
Get OpenVPN work on Moto ME501(Cliq XT or Quench)
After several hours work, I get OpenVPN work on my ME501. lamaz 's post help me lot when I working on it. Thanks! lamaz.

Following are operations I've done excepted those mentioned by lamaz.

1. create the link to "busybox cp" in bin folder. ME501 doesn't have the cp command there. It is needed by the OpenVPN installer.


2. change the link destination of "ifconfig" and "route". On ME501, they are linked to "toolbox" instead of "busybox". The ifconfig came with phone is can't assign IP to tun0 interface properly.
13th January 2011, 10:20 AM |#112  
Member
Thanks Meter: 0
 
More
Hi,
New to android and would like to know if you can get a VPN client solution for android? Tried to search the forum and this thread is the closest I get.
What I want is to use a HTC Desire Z and get access to a server through a VPNtunnel.
13th January 2011, 03:51 PM |#113  
Junior Member
Thanks Meter: 2
 
More
cyanogenmod has built-in support for openvpn.
2nd February 2011, 06:25 AM |#114  
Junior Member
Thanks Meter: 0
 
More
Question TCP working always, UDP working rarely...
Working flawlessly when using tcp, over 3g or wifi.

but when changing proto to udp, it works once, but 50 times it doesn't "reset, reboot, re-install, restart server daemon, change network connection...etc", the thing is, it works sometimes!! so my config should be right, right? especially it *always* works if TCP.

The status just stops at "Wait" .... forever, tried 3g and wifi "two different networks".

Please help, since tcp is S..L..O..W.
Thanks for the tool by the way.

Galaxy tab
openvpn 2.1.1
busybox 1.17.1
working fine with TCP!


---------client.conf---------
client
dev tun
proto udp
remote 123.123.123.123 1194
nobind
persist-key
persist-tun
mute-replay-warnings
ca /sdcard/openvpn/ca.crt
cert /sdcard/openvpn/wolf.crt
key /sdcard/openvpn/wolf.key
ns-cert-type rnicrosoft
tls-auth /sdcard/openvpn/ta.key 1
cipher AES-128-CBC
comp-lzo
verb 0

----------openvpn.log "failed UDP connection"-------------

Wed Feb 2 06:00:16 2011 us=498083 11.11.11.11:51035 Re-using SSL/TLS context
Wed Feb 2 06:00:16 2011 us=498136 11.11.11.11:51035 LZO compression initialized
Wed Feb 2 06:00:16 2011 us=498416 11.11.11.11:51035 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed Feb 2 06:00:16 2011 us=498441 11.11.11.11:51035 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Feb 2 06:00:16 2011 us=498523 11.11.11.11:51035 Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Wed Feb 2 06:00:16 2011 us=498539 11.11.11.11:51035 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Wed Feb 2 06:00:16 2011 us=498575 11.11.11.11:51035 Local Options hash (VER=V4): 'a2e63101'
Wed Feb 2 06:00:16 2011 us=498596 11.11.11.11:51035 Expected Remote Options hash (VER=V4): '272f1b58'
RWed Feb 2 06:00:16 2011 us=498684 11.11.11.11:51035 TLS: Initial packet from 11.11.11.11:51035, sid=63543461 c093b2b6
WRWWRWRWWWRWWRWWRWWRWWRWRWWRWWRWWRWWRWWRWWRWWRWWRW WRWWRWRWWWRWWRWWRWWRWRWWRWWRWWRWWWed Feb 2 06:01:16 2011 us=954631 11.11.11.11:51035 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Feb 2 06:01:16 2011 us=954687 11.11.11.11:51035 TLS Error: TLS handshake failed
Wed Feb 2 06:01:16 2011 us=954781 11.11.11.11:51035 SIGUSR1[soft,tls-error] received, client-instance restarting
Wed Feb 2 06:01:17 2011 us=987640 MULTI: multi_create_instance called
Wed Feb 2 06:01:17 2011 us=987708 11.11.11.11:51045 Re-using SSL/TLS context
Wed Feb 2 06:01:17 2011 us=987739 11.11.11.11:51045 LZO compression initialized
Wed Feb 2 06:01:17 2011 us=987817 11.11.11.11:51045 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ]
Wed Feb 2 06:01:17 2011 us=987833 11.11.11.11:51045 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Feb 2 06:01:17 2011 us=987872 11.11.11.11:51045 Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Wed Feb 2 06:01:17 2011 us=987901 11.11.11.11:51045 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Wed Feb 2 06:01:17 2011 us=987926 11.11.11.11:51045 Local Options hash (VER=V4): 'a2e63101'
Wed Feb 2 06:01:17 2011 us=987952 11.11.11.11:51045 Expected Remote Options hash (VER=V4): '272f1b58'
RWed Feb 2 06:01:17 2011 us=988005 11.11.11.11:51045 TLS: Initial packet from 11.11.11.11:51045, sid=356e5456 1f824040
WWRWWRWWRWWRWWRWWRWWRWWRWWRW

----------openvpn.log "successful TCP connection"-------------
Wed Feb 2 06:13:29 2011 us=101201 Re-using SSL/TLS context
Wed Feb 2 06:13:29 2011 us=101305 LZO compression initialized
Wed Feb 2 06:13:29 2011 us=101631 Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ]
Wed Feb 2 06:13:29 2011 us=101682 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Feb 2 06:13:29 2011 us=101771 Local Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Wed Feb 2 06:13:29 2011 us=101786 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-128-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Wed Feb 2 06:13:29 2011 us=101825 Local Options hash (VER=V4): 'a642654b'
Wed Feb 2 06:13:29 2011 us=101846 Expected Remote Options hash (VER=V4): '0bdd0804'
Wed Feb 2 06:13:29 2011 us=101882 TCP connection established with 11.11.11.11:51268
Wed Feb 2 06:13:29 2011 us=101905 Socket Buffers: R=[131072->131072] S=[131072->131072]
Wed Feb 2 06:13:29 2011 us=101922 TCPv4_SERVER link local: [undef]
Wed Feb 2 06:13:29 2011 us=101938 TCPv4_SERVER link remote: 11.11.11.11:51268
RWed Feb 2 06:13:29 2011 us=938176 11.11.11.11:51268 TLS: Initial packet from 11.11.11.11:51268, sid=223d6876 14d07a22
WRRWWWWRWRWRWWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRR RRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWed Feb 2 06:13:35 2011 us=576045 11.11.11.11:51268 VERIFY OK: depth=1, /C=US/ST=NY/L=REDMOND/O=microsoft/CN=microsoft_CA/[email protected]
Wed Feb 2 06:13:35 2011 us=576367 11.11.11.11:51268 VERIFY OK: depth=0, /C=US/ST=NY/L=REDMOND/O=microsoft/CN=billgates/[email protected]
WRWRWRWRWRWRWRWed Feb 2 06:13:36 2011 us=442620 11.11.11.11:51268 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Wed Feb 2 06:13:36 2011 us=442653 11.11.11.11:51268 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Feb 2 06:13:36 2011 us=442666 11.11.11.11:51268 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Wed Feb 2 06:13:36 2011 us=442697 11.11.11.11:51268 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
WWWRRWed Feb 2 06:13:37 2011 us=20535 11.11.11.11:51268 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Feb 2 06:13:37 2011 us=20596 11.11.11.11:51268 [billgates] Peer Connection Initiated with 11.11.11.11:51268
Wed Feb 2 06:13:37 2011 us=20664 billgates/11.11.11.11:51268 MULTI: Learn: 10.8.0.2 -> billgates/11.11.11.11:51268
Wed Feb 2 06:13:37 2011 us=20678 billgates/11.11.11.11:51268 MULTI: primary virtual IP for billgates/11.11.11.11:51268: 10.8.0.2
RWed Feb 2 06:13:39 2011 us=348364 billgates/11.11.11.11:51268 PUSH: Received control message: 'PUSH_REQUEST'
Wed Feb 2 06:13:39 2011 us=348430 billgates/11.11.11.11:51268 SENT CONTROL [billgates]: 'PUSH_REPLY,route-gateway 123.123.123.123,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.2 255.255.255.0' (status=1)
WWWWRRRwrWRwrWRwrWR



---------iptables-save--------
[email protected]:/etc/openvpn# iptables-save | grep -v # | grep -v :
*raw
COMMIT
*nat
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT
*mangle
COMMIT
*filter
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 10.8.0.0/24 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-port-unreachable
COMMIT
3rd February 2011, 08:35 AM |#115  
Member
Flag Novosibirsk
Thanks Meter: 7
 
More
It seems that it could be a MTU problem with UDP configuration. Try to make --udp-mtu larger or smaller than the default, and test again.
10th March 2011, 11:09 AM |#116  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by lamaz

Glad to see it worked for you. I tried using the openvpn-installer with no success. I tried installing it in various locations. I'm glad to see there was an easier route.

The reason I had to delete a route is probably due to my server configuration file which will push DNS, dhcp and force all traffic through it. I noticed that my Mac and Linux Machines didn't have that route entry after connecting. If I leave the route I cannot connect anywhere.

The tun.ko is absolutely necessary for a tap device. You will get errors without it.

Glad to help out

-LamaZ


hi guys, i need to retrieve the dns settings pushed by the server into my android phone. Anyone has managed to do so?
10th May 2011, 04:34 AM |#117  
programatix's Avatar
Senior Member
Thanks Meter: 112
 
More
Hi,

I successfully connected to the VPN server. However the tap doesn't seems to retrieve the IP address from the DHCP at the server. So, every time I connect to the VPN, I'll need to manually refresh the tap device ip manually by running "netcfg tap0 dhcp" using Terminal.

I tried putting in this line in the conf file,
Code:
up "netcfg tap0 dhcp"
but it doesn't run.

Any help would be greatly appreciated.
The Following User Says Thank You to programatix For This Useful Post: [ View ] Gift programatix Ad-Free
16th June 2011, 07:42 PM |#118  
Senior Member
Thanks Meter: 38
 
More
so i had another random question. i am using my htc thunderbolt in a 4G area and when connected to my vpn using vpn settings the data is a lot slower than usual. I also then tested it by wifi tethering to the computer and using my computer to connect to the same vpn server and saw much higher speed results. BTW the server is on a 1Gbps up/down line. any ideas why the openvpn software on the phone is limiting the speeds. with it on i get 4-5mbps without it close to 15
19th December 2011, 08:46 PM |#119  
bombadier's Avatar
Senior Member
Flag The Burgh
Thanks Meter: 3,011
 
Donate to Me
More
Hope this is the right thread,dont shoot
Have a open vpn account and have the client.ovpn file on my phone (desire Z running ILWT CM 7) and the openvpn installer app,it says no tap/tun module installed,how to install this as I thought CM 7 had support built in,and what are the settings if I wanted to enter them manually,already searched,albeit not thorough ly,Thanks for any help with this matter
21st December 2011, 11:37 PM |#120  
bombadier's Avatar
Senior Member
Flag The Burgh
Thanks Meter: 3,011
 
Donate to Me
More
Any help chaps?
30th December 2011, 01:49 AM |#121  
Member
Thanks Meter: 3
 
More
AT&T
Just curious. Has anyone been able to consistently use an openvpn connection over AT&T 3G networks?

I ask because I've been experimenting a lot lately and discovered that some networks work well for VPN (wap.cingular) while others do not allow DNS resolving (pta APN).

How have you experiences been?
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes