VPNC on android

Ungamedplayer

Member
May 4, 2009
27
2
Introduction

This is the first release of an installable package to allow Google Android phones to connect to Cisco-like VPN concentrators.

Details

The installing phone will require:

* Root user privileges on the phone.
* /dev/tun file
* Kernel with tun support (or tun module). (Cyanogen should be good)
* A Cisco, Nortel or FreeS/WAN IPsec server to connect to.

How To
Installing this version

This is available in the Android Market as a free application. It should be called VPN Connections. (Not sure where it will be listed as yet).

The latest version of the application can also be downloaded from here and installed using adb.

Reporting bugs

Please inform us which ROM and version you are using, whether /dev/tun exists, its permissions, the output of logcat from a boot, and the version of this application that you are running.

If your ROM and version are already reported in the issue list, please comment in the thread as there have been some inconsistencies in reports.

Please be very careful when lodging a bug as it may contain company confidential information. Be sure to strip any secrets or passwords from the configuration files or debugging information.

http://code.google.com/p/get-a-robot-vpnc/issues/list

Known issues

* May need to load the tun module manually first.
* Usernames cannot contain the @ symbol.
* Does not currently work with one time pass devices (RSA keys).
 

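The bug-reporting advice in the post above (strip secrets and passwords from configuration files and debug output) can be automated. This is an added example, not part of the original post or the project's code; it assumes the standard vpnc.conf key names (`IPSec secret`, `Xauth password` and their `obfuscated` forms), and treating the gateway, group ID, username, domain and IPv4 addresses as confidential is an assumption of the example.

```shell
#!/bin/sh
# Added example: scrub a vpnc.conf or vpnc debug log before attaching it to a
# bug report. Reads stdin, writes the scrubbed text to stdout.
redact_vpnc() {
    awk '
    {
        low = tolower($0)
        # Credentials: pre-shared group secret and Xauth password,
        # in plain or "obfuscated" form. The value is dropped entirely.
        if (match(low, /^[ \t]*(ipsec|xauth)[ \t]+(obfuscated[ \t]+)?(secret|password)[ \t]/)) {
            print substr($0, 1, RLENGTH) "<REDACTED>"
            next
        }
        # Assumption: gateway, group ID, user name and domain also identify
        # the employer, so they are masked as well.
        if (match(low, /^[ \t]*(ipsec[ \t]+(gateway|id)|xauth[ \t]+username|domain)[ \t]/)) {
            print substr($0, 1, RLENGTH) "<REMOVED>"
            next
        }
        # Log lines such as "got address ..." leak internal IPv4 addresses.
        gsub(/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/, "x.x.x.x")
        print
    }'
}

# Constructed sample input (not a real configuration or log).
sample_report() {
    cat <<'EOF'
IPSec gateway vpn.example.com
IPSec ID examplegroup
IPSec secret constructed-group-psk
Xauth username alice
Xauth password constructed-password
IKE SA selected psk+xauth-aes128-sha1
got address 192.0.2.17
EOF
}

sample_report | redact_vpnc
```

Run it as `redact_vpnc < vpnc.conf` or pipe saved logcat output through it, then read the result once more by eye before posting.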
Ungamedplayer

Member
May 4, 2009
27
2
I'm not trying to ping via DNS name, so don't be worried about that. I know the other hosts are up, reachable and pingable.

Tried TCP and ICMP connections.
 

Saiboogu

Senior Member
Apr 28, 2009
305
5
Frostburg MD
Unfortunately I don't have any ideas for you.. I'd like to play with it some myself though, would love to have VPN working. Could you send me / post the compiled binaries? saiboogu [at] g mail

Thanks and good luck
 

Ungamedplayer

Member
May 4, 2009
27
2
A little more information.

When tcpdumping the connection, packets originating from the phone go out through the device.
When tcpdumping the connection with packets originating from the internal network through the VPN, I can tell they make it to the rmnet0 device, but never make it to the tun0 device.
 

Ungamedplayer

Member
May 4, 2009
27
2
OK, so I have it working now! Wahoo.

So.. going to tidy the code up, clean up the shell script to be Android specific (and set the DNS servers).
 

P3TR

Member
Nov 18, 2007
12
0
Great. Would be awesome if you could share your binaries. What about joining this project and submitting what you did?
 

Ungamedplayer

Member
May 4, 2009
27
2
I'm going to try to get a build environment setup for the major releases. Please PM me within the next 7 days if you are interested.

I plan to not only release the binaries, but the source code and build environment also. Hopefully the upstream developers will also take my patches.
 

N23

Senior Member
Mar 29, 2007
180
22
Is it possible to connect with this vpnc to a cisco concentrator 3000 vpn?

We use CiscoVPN at our University and it would be nice if Android will be able to connect to it.
 

Saiboogu

Senior Member
Apr 28, 2009
305
5
Frostburg MD
Is it possible to connect with this vpnc to a cisco concentrator 3000 vpn?

We use CiscoVPN at our University and it would be nice if Android will be able to connect to it.

I got a copy of this a few days ago from ungamed.. At first I couldn't connect to our 3000 because I was led to believe our concentrator only supported TCP NAT traversal (which isn't supported by vpnc), but after talking to someone who knew his stuff a little better, I connected via UDP and had no problems.

So, short answer -- as long as your concentrator is configured to accept some form of NAT traversal other than TCP, this should work.

Oh, and like ungamed said the DNS still needs some work. Not a problem for me, when I VPN to work I only need a single domain that I went ahead and put in my /etc/hosts
 

Ungamedplayer

Member
May 4, 2009
27
2
It only works with Cupcake? That's bad because there's no (fully working) UK Cupcake out yet :(

But thank you very much! Maybe then the nice GUI is ready ;-)

Working on the interface is slower than me doing the actual port.



Phlogiston

Senior Member
Nov 5, 2008
110
0
I tried to use that package :)

I can get vpn connecting, but the apps do not use that tunnel afterwards.
Code:
# ./vpnc /data/data/org.codeandroid.vpnc/etc/vpnc/vpnc.conf --debug 1 --no-detach

vpnc version ERSION
Script: not found
IKE: not found
Perfect: not found
IPSec: not found
IPSec: not found
IPSec: not found
Xauth: not found
Xauth: not found
IKE SA selected psk+xauth-aes128-sha1
NAT status: no NAT-T VID seen
got address *************
Script: not found
IKE: not found
Perfect: not found
IPSec: not found
IPSec: not found
IPSec: not found
Xauth: not found
Xauth: not found
IPSEC SA selected aes128-sha1
VPNC started in foreground...
vpnc[2366]: can't open pidfile /var/run/vpnc/pid for writing

Do I need to call something afterwards?

Btw it did not work to pass --script to /data/data/org.codeandroid.vpnc/etc/vpnc/vpnc-script so I copied that script to the default location /etc/vpnc/vpnc-script...
maybe it's not executed properly?
 

Top Liked Posts

    vpn connects, but apps still use eth0

    Hello!

    I tried VPNC, and it looks like it can connect to the company VPN, tun0 has a correct IP address, routing is in place (looking with route -n), everything looks fine, but if I traceroute to an IP inside the company LAN, it wants to go through eth0.

    Code:
    vpnc version ERSION
    IKE SA selected psk+xauth-aes128-sha1
    NAT status: this end behind NAT? YES -- remote end behind NAT? no
    got address 9.12.227.234
    backing up dns and resolve.conf
    cp: can't stat '/etc/resolv.conf': No such file or directory
    vpnc-script ran to completion
    IPSEC SA selected aes256-sha1
    VPNC started in foreground...

    That resolve.conf error has nothing to do with the issue, or?

    Pinging a company network IP with ping -I tun0 works!
    So it seems I'm really connected, there is only an issue with the routing... :(

    Can you please help me with this? I really would like to make this work, but I'm stuck here....



    SOLVED: I found this: ip ru del table wifi (if I'm on wifi). This deletes the routing table of the wifi, which is before the local table, so that was used. When I delete it, everything works, even DNS (which was a big surprise :D )
    To set back the old routing settings, turn on and then off the airplane mode.
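
The symptom in the post above (routes look right in route -n, yet traffic leaves via eth0) fits policy routing: route -n prints only the main table, while a rule with a lower priority number is consulted first. This added example, not part of the original post, lists such rules from `ip rule show` output so traffic bypassing the tunnel can be spotted; the sample rules and the priority 31000 for the wifi rule are constructed.

```shell
#!/bin/sh
# Added example: list policy-routing rules that are evaluated before the
# rule for table "main". Reads "ip rule show" output on stdin.
rules_before_main() {
    awk '
    {
        prio = $1
        sub(/:$/, "", prio)
        for (i = 2; i < NF; i++)
            if ($i == "lookup") { n++; p[n] = prio + 0; t[n] = $(i + 1) }
    }
    END {
        main = -1
        for (i = 1; i <= n; i++)
            if (t[i] == "main" && (main < 0 || p[i] < main)) main = p[i]
        # "local" holds only local and broadcast addresses, so it is skipped.
        for (i = 1; i <= n; i++)
            if (t[i] != "local" && t[i] != "main" && (main < 0 || p[i] < main))
                print p[i] ": " t[i]
    }'
}

# Succeeds (exit 0) when some table can answer before "main" does.
vpn_routes_shadowed() {
    [ -n "$(rules_before_main)" ]
}

# Constructed sample; the priority of the wifi rule is an assumption.
sample_rules() {
    cat <<'EOF'
0:      from all lookup local
31000:  from all lookup wifi
32766:  from all lookup main
32767:  from all lookup default
EOF
}

sample_rules | rules_before_main
```

On the device, `ip rule show | rules_before_main` prints every table that can capture traffic before the routes vpnc-script installed in main are reached.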