I have a rooted N1 with cyanogen 5.0.4.1 on it.
I'm studying abroad this semester, and the university I'm at seems to have done everything they could to prevent me from connecting my phone to the internet on their network.
There is a wireless network, but it doesn't reach my room, and there's a proxy; I haven't been able to get any of the various proxy apps to work with it, at all. On a somewhat related note, since moving to cyanogen I'm not able to connect to that network anymore (wpa enterprise, tls/pap/user+pass). No real loss, since it didn't work as I couldn't get the proxy going.
The rooms have ethernet, with a static IP and mac filtering, and of course the same proxy. In addition, on the wired network in the rooms you have to connect to a vpn in order get anything other than the school's intranet
With cyanogen's rom, I have been able to connect my phone to my computer's ad-hoc network by giving it the parameters (IP, gateway, netmask, dns), that were provided to me, but I can't download anything. My only guess as to why that's not working is their static IP/mac filtering combo is not playing nicely.
I haven't ever delved very deeply into networking type stuff such as proxies, ssh tunnels, etc, so these two ideas of mine could be completely unworkable, but what I've been able to come up with is:
1. Is there a way to have my laptop keep handling all the proxy/ip/vpn nonsense, and just route http data to and from my phone? I've never dealt with ssh or anything of that sort, but I run linux so it should be pretty trivial to get it set up on the laptop's side of the equation.
2. Failing that, I'm allowed to have 3 devices with 3 different mac addresses, each of which is given a separate IP address, so I give the people in charge of the network the mac address for my phone and get an IP address for it. Then, connect to my laptop's ad-hoc network, which is on IP #1, and go to the advanced wifi settings on my N1 and set up a static IP with IP #2. Does that work, at all? This of course doesn't account for the vpn at all, but if it does in fact work I'd then move on to that.
What a ****ing brain-buster. Goodluck!
As an update, I can use cyanogen's included tethering ability, in conjunction with ConnectBot, to ssh from my phone to my computer (got that working after a bit of work, and learned something new). However, when I try to set up port forwarding in ConnectBot, it doesn't work; I don't know which ones to forward, whether to choose local or remote, and if I try to forward something below 1024 it gives me an error because of that. Does anybody know what ports I need to forward, and how to do that properly with ConnectBot?
Related
I've been struggling with OpenVPN on my Vario III on T-Mobile and hope someone can throw me a bit of a lifeline.
I can connect to my OpenVPN (running on my WRT54GS router) via wifi but the problem is when I try over 3G. Even when I've specified the provider and ticked "exclusive", it manages to connect to my OpenVPN server but I get no further connectivity (to webpages etc).
As said, via wifi this config on my Kaiser works perfectly...
Code:
remote xxxxxx.homeip.net
port 22
dev tap
secret "\\Program files\\OpenVPN\\config\\secret.key"
proto tcp-client
resolv-retry infinite
nobind
comp-lzo
cipher AES-256-CBC
route gateway 192.168.xxx.xxx
redirect-gateway
dhcp-option DNS 192.168.xxx.xxx
but when tried via 3G it seems to have a problem with setting the routing..
Code:
Mon Oct 22 21:58:00 2007 ROUTE: route addition failed using CreateIpForwardEntry: The parameter is incorrect.
Just wondering if there is something either with the T-Mobile network or the Vario III which is specifically stopping me from using OpenVPN
Or are my settings misconfigured?
I've also attached a full copy of the log.
Thanks for any help you can give (Give generously)
CP
Sounds suspiciously like a NAT traversal or proxy issue to me. On the HSDPA network, there's a proxy in the picture. I don't believe that's the case for the Edge network. That could easily be the cause of the problem.
Surely once the connection has been established the NAT issue shouldn't be a problem?
TBH I thought the route addition problem was due to the software being unable to update the local routing table?
NAT traversal issues often manifest themselves as connections that look like they're established, then die immediately. The VPN participants have to know the actual IP addresses of the devices involved, and understand that NAT is happening. Proxies also need to play a role in that process since they're effectively "standing in" for your device. And they may be configured not to permit IPSec traffic at all.
What you've described sounds exactly like NAT traversal issues - the negotiation appears to go just fine, but the actual connection dies on the vine. Since the end points don't have the right data from the negotiation (actual valid addresses to build the tunnel around), the route they try to build is invalid and fails.
In your log, it's impossible to tell since the IP addresses have been all translated to xxx.xxx.xxx.xxx. But I suspect that the ones up until the "TCP connection established with..." message are all displaying valid public IP addresses, and somewhere very shortly after that they start displaying private RFC 1918 addresses.
Proxies + NAT +IPSec = small nightmares. This is one of the reasons SSL VPNs have gained significantly in popularity.
Try Hamachi vpn
https://secure.logmein.com/products/hamachi/vpn.asp
Surur
PerfAlbion said:
In your log, it's impossible to tell since the IP addresses have been all translated to xxx.xxx.xxx.xxx. But I suspect that the ones up until the "TCP connection established with..." message are all displaying valid public IP addresses, and somewhere very shortly after that they start displaying private RFC 1918 addresses.
Click to expand...
Click to collapse
You have PM
Quick update:
I've just connected my Laptop to the internet via my Kaiser using 3G.
Ran OpenVPN and it connected without a problem.
Technically this would suggest that I should be able to connect with my kaiser but theres either a problem with my config or a bug in the PPC openvpn software :S
I haven't tried on UDP yet which will be my next test....
Any ideas?
Blimey, I didn't know there was a PPC client! I'll try it to see if it works with my setup.
Well I can't even get it to talk to my server so won't be able to help !
Fire up the card in your laptop and take a look at the IP address assigned to your machine. Since it's a different service, they may not be passing you through the proxy that's in place for the Kaiser. If you've received a public address, then you're on a "different network" even though both are 3G services.
PerfAlbion said:
Fire up the card in your laptop and take a look at the IP address assigned to your machine. Since it's a different service, they may not be passing you through the proxy that's in place for the Kaiser. If you've received a public address, then you're on a "different network" even though both are 3G services.
Click to expand...
Click to collapse
?? When you connect a laptop via BT to the kaiser, (using internet sharing) it creates a NAT which the traffic is passed over through the 3G service. Essentially using the same service..
Unless you mean the "service" between the windows software & the PPC/WM software is different?
Plus how'd you mean fire up the card in my laptop?
Cheers for your help on this btw.
I'm assuming that the Laptop data service and the PDA data service are treated differently within the AT&T network. While the PDA passes through a proxy, I suspect the laptop does not.
When I say "fire up the laptop card," I mean establish a connection and look at your IP address (ipconfig from a command prompt will show it). It may be a different IP address range than the PDA receives (which you could see using VxIPConfig or VxUtils). Even if it's within the same range, it may be bypassing the proxy.
So while you're using essentially the same technology, I suspect the services are implemented very differently, and that's what we're trying to sort out.
I dont believe it!!!
I downloaded VM Net Brower checked what IP addresses were being assigned and connected successfully! Loaded up www.whatismyip.org and it came up with the proxy of my PC at home.
Unfortunately, my phone was running incredibly slow and thought it best to do a soft reset... afterwards no matter what I do, I can't connect. I just cant figure out why or replicate what I did
Argh.. this is getting to me now... next on the agenda is to try changing the port number from 22 to 8080 or 80 and see what happens.
Hey all.
I've tried searching Google and the XDA, but I still can't seem to get my remote desktop to work.
I'm using the AT&T version (Fuze) and Windows XP Media Center Edition. I went through the steps on my PC to enable and allow RD in the system and firewall sections, and still keep getting the "Cannot connect" error message when I try and use RD on my Diamond. Any advice?
All stock ROM, progs, etc.
Thanks!
If it's anything like T-Mobile in the UK, Remote Desktop may be something blocked at the carrier.
I managed to get around it using an SSH tunnel. It's not actually as difficult as it sounds I describe what I did in this post:
http://forum.xda-developers.com/showthread.php?t=357009&page=2
Before that I'd try connecting to remote desktop through a wifi connection which you know allows RDP, just to make sure your cellular network is at fault. If it is, you could try complaining - some people on T-Mobile UK have had RDP enabled on their "standard" data contracts which aren't technically supposed to have it from what I have heard.
Hey, thanks for the tips.
I actually tried it on a WiFi connection and got the same result.
I'll try looking into your other suggestion, but aside from that, are there any other troubleshooting options? Thanks all!
See if another computer can remote into your computer. It might not be an issue with your phone.
I was able to connect using another computer in the house...they're not networked but using the same internet connection. Gonna try and have my cousin connect to my comp from his house when he gets home...but so far it doesn't seem like it's my computer...
Still need assistance.
Thanks!
try it without the router. u probably need port fordwarding.
You will also need either a static ip address from your isp or setup dynamic dns resolution (i.e dyndns.org). If you have a dynamic ip address the ip address of your router is issued by your isp every time you connect(not neccessarily a different ip every time, but it might be). As mentioned above you will aslo need to setup port forwarding on your router for port 3389 (default rdp port) to the ip address of the machine you want to remote onto.
Forgive me but...how do you set all that up?
I appreciate all the assistance thus far!
I couldnt get mine to work, so I forward port 5900 on my PC and use RealVNC (free/shareware)
Hello:
I'm also having problems getting my remote desktop to work. Been trying to connect since I picked up my Fuze on the 11th.
I have three different computers that I can successfully administer via my desktop. I've tried using 3G to connect, no success. I've tried using Wi-fi to connect, no success. I've used local computer names, IP addresses, properly forwarded ports --
It has to be a setting I'm missing on the phone. Any ideas? TIA
(and yes, I'm sorry, I know this is the Diamond forum, it's just the only thread I've found)
It worked yesterday but now won't. If I enter proxy settings into orangeinternet acp the same as orangewap then it works for http traffic but not email.
I have done a lot of setting up on the phone since it arrived yesterday but I can't think what I can have altered in the gprs settings.
I had the same issue with my Touch Cruise on the newer ROMs and it went away when I reverted to the official HTC Cruise 6.1 ROM.
Any ideas anyone?
You could always try running the network setup wizard again?
You could always try running the network setup wizard again?
Click to expand...
Click to collapse
I tried that several times - it doesn't work. I think it must be a screwed setting from setting up something like exchange server in activesync.
Everything works under wifi.
I am really hoping I don't have to do a hard reset and start all over again.
Try putting a different operator's sim in and let it set everything up for it, then put your orange sim back in and go through the auto setup again. If that doesn't work then a hardreset might be your only option. Going from your other posts in the themes, applications and software it looks like your phone is really playing up so a hardreset might be best all round, only install one thing at a time and test everything after every install and customisation until you find out what you're doing to break it, then don't do that step again.
Have you messed around at all under the network advanced options where you set things like HSDPA etc
Thanks for all the replies. I've ended up hard resetting and re-customising one thing at a time.
The thing that breaks it seems to be when I change the wifi settings. I have a non-standard wireless network at home and I have to specifiy the IP address and default gateway in the "network adaptors" settings for wifi. Once I access the network with these settings it breaks the cellular data connection!
Like I said earlier, my Cruise did this as well with the later ROM such as Udk's and C_Shekhar's. When I went back to the official HTC 6.1 ROM everything worked fine.
I have now reverted my wireless settings to standard (i.e. DHCP) and it has restored the cellular connection but, obviously the wifi doesn't work.
If I can't sort this I'll have to rethink my home network.
Sounds like you're using set IP addresses on your home network for port forwarding or something of that nature. Have another look in your router's settings as most decent ones will allow you to reserve IPs from the DHCP range for specific MAC addresses, that way when the computers or other devices ask for an IP they get given the same one every time. Things really do work much more smoothly as far as networking goes when DHCP is working. If you really do need to specify IP addresses manually then just let the router hand out addresses by DCHP from a restricted range, e.g. if you manually specify addresses from 192.168.1.2 to 192.168.1.10 then set the start address for DHCP to 192.168.1.11.
Thanks, shuflie. It's actually to do with the default gateway. I have an orange livebox doing the adsl work so I can plug a telephone in to it to get free calls. However, the wireless is useless on the livebox so I have a netgear wireless router on the network as well. The trouble is, DHCP won't work that way so I have to set each wireless device up with a dedicated IP address and direct it to the livebox as the gateway.
For some unknown reason, this breaks cellular data on winmo devices.
Anyway, until I find a solution I have removed the orange livebox from my system. I'll just have to live without the broadband phonecalls which is no big deal tbh.
I actually run a non standard network here too, a SKY ADSL router to provide the broadband access and a Netgear router which all my computers attach to. Both router are set up as DCHP servers, but the SKY box only gives out an address to the Netgear router, the Netgear hands out the IP addresses for everything else. The only drawback I've seen so far is that it seems impossible to initiate a connection from the outside world to any of the computers on my network because of the dual NAT that is happening, but that isn't necessarily a bad thing as it makes it harder to hack in from outside. I don't have to point the computer and other devices to the SKY box as the gateway, I just let the Netgear router think that the connection it is getting from the SKY box is a direct connection to the outside world. Everything seems to work just fine, no problems with network gaming on the playstation network and torrents, skype, web etc. seem to work just fine. If you can't live without the broadband calls you could give it a go.
Should have said that the SKY and Netgear routers are on different subnets, 192.168.0.x for the SKY and 192.168.1.x for the netgear.
Ok, well basically my end need is to have my Google Calendar synced to my phone on which I have no service or access to WiFi internet. I'm in Iraq right now, and the only internet I have is via Ethernet.
I am hoping to, at the least, sync my calender over USB. But one thing I'd love to do is share my internet connection to my phone via USB like WinMo does. That way I can mess with new roms and the such while I'm out here. Thing is, it can't have it's own IP address because all IP's are assigned and I have to log in via my browser on my computer once I'm connected. It's a pain in the ass.
But, any help would be great. Thanks!
I am pretty sure there is not a way to do what you are asking. Without wifi or and kind of data signal, there is no way to connect the gmail servers to your phone. I am pretty sure that usb is out of the question, which seems to be your only option.
Sorry my friend.
This might help, all you need is linux. You could virtualize it, but idk if you can do that where you are at right now.
any possibility of getting a usb wifi device and setting up Internet Connection Sharing so your phone would have a local ip like 192.168. and share the connection on your computer with your phone???
I don't know exactly how the IP shiz works with ICS, but the ISP out here uses 192.168 IP's. All I know is that the phone would need to not have an IP, or something along those lines, for it to work. IDFK....
If you're in iraq, it might be hard to get your hands on one of these, BUT, in the interests of completeness,
Use of a regular cheap broadband router with integrated wifi WILL do what you are looking to do...
You might need to clone your computer's MAC address to the router's WAN device, then it'll connect to the DHCP server, then using EITHER the computer OR the phone, go to the browser and authenticate.
Note: I don't think that there is really any way to network the phone to the computer using USB, though bluetooth IS an option... it'll be a console-only operation though.
Final option is to get your hands on a wifi device for the computer (can be a USB device) and run it as a NAT, i.e. use iptables.
my95z34 said:
Ok, well basically my end need is to have my Google Calendar synced to my phone on which I have no service or access to WiFi internet. I'm in Iraq right now, and the only internet I have is via Ethernet.
I am hoping to, at the least, sync my calender over USB. But one thing I'd love to do is share my internet connection to my phone via USB like WinMo does. That way I can mess with new roms and the such while I'm out here. Thing is, it can't have it's own IP address because all IP's are assigned and I have to log in via my browser on my computer once I'm connected. It's a pain in the ass.
But, any help would be great. Thanks!
Click to expand...
Click to collapse
lbcoder said:
If you're in iraq, it might be hard to get your hands on one of these, BUT, in the interests of completeness,
Use of a regular cheap broadband router with integrated wifi WILL do what you are looking to do...
You might need to clone your computer's MAC address to the router's WAN device, then it'll connect to the DHCP server, then using EITHER the computer OR the phone, go to the browser and authenticate.
Note: I don't think that there is really any way to network the phone to the computer using USB, though bluetooth IS an option... it'll be a console-only operation though.
Final option is to get your hands on a wifi device for the computer (can be a USB device) and run it as a NAT, i.e. use iptables.
Click to expand...
Click to collapse
They don't care what the MAC is, just IP's. I can get a WiFi router if I need to. But, if I turn off DHCP on the router, does it still need it's own IP address? Or does it just act as a switch? All IP configuration is done on the device, there is no DHCP ran by the ISP.
my95z34 said:
They don't care what the MAC is, just IP's. I can get a WiFi router if I need to. But, if I turn off DHCP on the router, does it still need it's own IP address? Or does it just act as a switch? All IP configuration is done on the device, there is no DHCP ran by the ISP.
Click to expand...
Click to collapse
The cheap broadband router has TWO IP addresses. The public IP address assigned by the ISP's DHCP server (or manually if the ISP doesn't have DHCP), and the PRIVATE IP address used to communicate with the other devices that you hook up to it. It uses NETWORK ADDRESS TRANSLATION (see http://en.wikipedia.org/wiki/Network_address_translation ) to connect the client machines to the public network. To the public network, it appears that there is ONLY ONE machine connecting -- the NAT box (router) itself.
You will leave the DHCP *SERVER* (LAN SIDE) running on the router, you will disable the DHCP *CLIENT* (WAN SIDE) and configure the WAN IP/NETMASK/DNS/GATEWAY to the specifications required by the ISP. You will use the router's WAN port to connect to your ISP, you will use any LAN port to connect to your computer, and you will use the WiFi to connect to your phone. You will then have private IP addresses assigned to your computer and your phone, and these devices will be able to connect through your ISP's network via the router.
So doing that the ISP will see my router as my computer, then both my phone and computer can connect at the same time because they'll have their own private IP?
I need to be able to access my FTP server from the Internet but all ports are closed.
My Bionic is my only connection to the Internet for my home network. I am using the Verizon Hotspot app and from my home network I can do anything I want to. This connectivity is great.
However, when away from home I need to access my FTP server on ports 21, 8080, and 443. I am using CrushFTP as my server. I have configured no-ip and from within CrushFTP it passes the built-in no-ip connectivity test, Thus my FTP server is reaching no-ip just fine. I check my IP that Google says I have against a ping to mydomain.no-ip.biz and the both match. But when I do a Sheilds-Up port scan, ALL ports are in stealth mode.
Next I loaded Port Forwarder on the phone and tried every connection to my laptop but still no luck. BTW, I connected the laptop directly to the hotspot taking out all routers and switches of my home network. Same results. The firewall is OFF on the laptop.
Then I downloaded a port scanner onto the pone. When I scan the phone's public IP, 70.201.1.55 port 21, 8080 etc are closed. So i tried scanning port 21 on my laptop's IP, 192.168.44.149 and it said OPEN. This proves the problem is not the laptop rather the phone.
After long talks with Verizon they assure me that they are not blocking inbound ports. I believe them because my neighbor has both a Bionic and a 3G hotspot stick. When he tries to get to his IP camera with the Bionic it fails. But if he connects his 3G stick, he CAN get to his camera.
I am willing to pay someone to get the Bionic to work! Or, if you know of a different phone that can do what I need to do, PLEASE PLEASE tell me. I cannot stress how important this is to me.
Thank You for reading.
Well it turns out that although Verizon does not block ports, your 4G phone in NATed and thus easily connecting from the Internet back to your system is not possible. Apps like LovMeIn do work just fine. But if you are trying to connect back to an FTP server, IP camera, etc, you cannot.
However, I was able to get me needs met by signing up for one of those VPN solutions AND getting a public IP from them too. I choose PureVPN and it is costing me $74/year for the service. I have a Microsoft Server 2003 running under VMware where my FTP server runs. I loaded the VPN client on the MS server and I can not access my FTP server from the Internet. I did setup the firewall for added protection.
Please note that your system will be fully accessible to anyone unless you set up a good firewall and block all um-necessary open ports. I put this server under VMware and it only runs the FTP server program for additional protection.
Good Luck!