I just can't get OpenVPN to work on the Fascinate. I think I'm getting close. I finally found a tun.ko driver that works, and I can connect to my VPN at home, but it looks like the route is not being pushed because I can't access any IP on the VPN.. even though I am connected.
I've got Busybox, OpenVPN installer and OpenVPN Settings apps installed right from the market.
Is there any way to enable logging of OpenVPN on the phone? I can't seem to figure that out either. A log might at least give me a clue what is wrong.
Help is much appreciated.
Karl
Can you post a link to your tun.ko file?
Got OpenVPN working!
I believe I'm using the tun.ko posted here:
http://forum.xda-developers.com/showthread.php?t=871681
I had found this early on. But what really stumped me for a week was the inabilitly of OpenVPN to push routes properly to the phone. There are several suggestions out there about linking route and ifconfig in the system/xbin, playing with the busybox install paths, etc. None of that helped me. What did help was actually replacing the Market version of OpenVPN apk with the one found in this thread:
http://forum.xda-developers.com/showthread.php?t=820909
Apparently some gracious person has re-compiled OpenVPN to work properly on Galaxy phones and correctly push out the routes.
I'm posting this in case it helps others.
Karl
Related
Would make the GTab way more useful for me... The only problem I have is installing the TUN/TAP driver...
Since the kernel source hasn't been released, we can't compile the tunnel module... yet. It seems to be my luck that all the devices I have Android-wise haven't had their source released yet... GTab or Droid2. Ugh.
+100000000 I've gotten a taste for it by RDP'ing into my home computer and using OpenVPN to get into work so I can't wait for working TUN/TAP driver!!! Will complete my wishlist for this device
Thought I'd pop this back to the top - aren't the sources out now?
I for one would love to see this as well... makes life easier to get into my work server... Please someone... HELP..
Now if only I knew how....
I think rothnic was testing VPN support in the kernel when he compiled in CIFS and NTFS support, and it borked the Wifi. I am sure they'll get it sorted out soon.
Any word on OpenVPN support? I feel like I'm begging despite it being my first (er, second I mean) question about it, but it's really important to those who need it, despite being a small group.
OpenVPN Working
Hey folks I got OpenVPN working. I had to do a lot of little tricks on both ends but the thing that sealed the deal on the client side was to use gscript to enable the tap0 interface that is created when OpenVPN connects to my server.
Since I have the OpenVPN server on one side and I administer it I just set the IP statically on the GTablet.
I use tap0 based on my configuration
/system/xbin/ifconfig tap0 172.16.x.x netmask 255.255.0.0 mtu 1500 up
Just wish I understood OpenVPN better......
which rom?
Which rom are you running? I'm running TnT. I can't find a tun/tap for it.
-D
ROMS used
JungleGym69 said:
Which rom are you running? I'm running TnT. I can't find a tun/tap for it.
-D
Click to expand...
Click to collapse
Hey JungleGym I am currently using VeganTab 5.1 but I have gotten it to work on various ROMS (TNTLite and ZPad) Generally I end up using the kernel compiled by clemsyn but I am starting to question that it is needed. If I have a chance I might try to make this work with no kernel change. Usually use the two OpenVPN apps on the market, the installer and the settings app for the installer I use the xbin folder for the install and ifconfig location. Finally decked out the tablet so I am less prone to wipe and do whatever but with TNTLite with a new point revision out I am tempted to try it.
Since the TBH (thank you!!) NVRAM hack fixes the NAI that gets created for your MIP profile, there is no need for NAI manipulation at the application level with apps such as easytether.
My question is:
What is the suggested method for USB tether after removing the ".dun" from your NAI?
Ideally Im looking for RNDIS based tethering since its built into Windows 7 and most flavors of Linux. Its also simple to install a RNDIS driver on XP. It seems way less invasive to me then having to install a client application.
I have done some searching but have not found any USB RNDIS based tethering solution that works. Have working kernel modules been created (like the working tun.ko) that can be used to enable this?
Thanks
PleaseStirMe
Yes, search this forum for tun.ko as there is a post a few under yours where someone posted a working version of the tun.ko and a config.ko file as well.
Sent from my DROIDX using XDA App
Thanks SysAdmin but tun.ko is the not kernel module I am looking for. tun.ko is used to enable VPN. I am wondering if anyone has made a similar kernel module to enable RNDIS tether.
PleaseStirMe
All you need to do to enable USB tethering in Windows is edit the build.prop to get Phone as Modem to be included in the USB notification dropdown menu.
Simply edit the line ro.modem_available=0 to ro.modem_available=1.
Then reboot and connect the phone to the PC and select Phone as Modem from the drop menu.
You will get a notification that internal data will be disabled.
Open Network and Sharing Center and create a new DialUpNetworking connection and configure as follows:
User Name: [email protected] where the Xs are your 10 digit MDN.
Password: vzw
Number to Dial: #777
Save and hit connect and you're done.
cellzealot
Thanks for your reply. Pretty sure you have helped me in the past too.
That was not the exact solution I was looking for but it is a nice option since in windows can automatically open the connection when you launch your browser. I used to use that same DUN method with my e815.
PleaseStirMe
I realize that it's not RNDIS but it works fine and no client is required.
And yes, this hack dates back to the old days of e815 hacking and if you were hanging around the VZW Motorola forum on HoFo back then you might know me as kbman.
PleaseStirMe said:
Thanks SysAdmin but tun.ko is the not kernel module I am looking for. tun.ko is used to enable VPN. I am wondering if anyone has made a similar kernel module to enable RNDIS tether.
PleaseStirMe
Click to expand...
Click to collapse
You're right, my apologies! I believe that was for openVPN, and I had read something else similar earlier that day! Thnx to cellzealot for the info as well!
Sent from my DROIDX using XDA App
recently i installed the last eclair kernel from Dalingrin (2/25/11), which among other great things, implements netfilter/iptables
i was able to install both TransProxy and AsProxy, but since i need ntlm authentication to connect to the internet in my office, only AsProxy would be useful for me, but when i hit the start button, it says that the iptables were not found.
has anyone been able to connect to the internet thru a proxy server (in my case an ISA Server), with any of the above mentioned programs or another one?
Have you gotten your iptables to show up yet?
I havent gone the route of ROM yet but I probably will have too. I have asproxy and Orbot (TOR client) installed but without iptables they are useless.
wrenchneck said:
Have you gotten your iptables to show up yet?
I havent gone the route of ROM yet but I probably will have too. I have asproxy and Orbot (TOR client) installed but without iptables they are useless.
Click to expand...
Click to collapse
I have the same issue too. Peharps Dal could compile the Kernet to support iptables.
What I had to do for this is set up OpenVPN... Violates my work policy, but oh well. Couldn't figure out how to get it set up any other way.
Technically I did set up an access point on a CentOS box with a transparent proxy, but that doesn't handle syncing which I need at work as I use my tablet during meetings and need to have my schedule up to date etc..
Did you heard about Honeycomb 3.1? Now you can set up proxy and user/psw on the wifi configuration. Nice.. It should be very nice if CM7 got this too...
Ok... I have tried and tried to get this working.
Citrix opens up just fine for me and I am able to add applications that I want to connect to. I then click on a application and it tells me that I have not chosen to trust a register.com certificate.
Its not a self signed certificate so i dont see why its not trusting it and wont let it install on the device. This is super frustrating because we have clients that are going to the iPads because i cant seem to show them a working model using a android device. If anyone could please help that would be amazing. how in the world do i install a stinkin certificate on this device!? and why in the world would it work on iPad and not a android device.
Thank you for all your help in advance. I have found some solutions but they involve doing something in a text editor and uploading it or something... Something that just seems way to complicated to make this work. Thank you
Have you checked with your business with Citrix setup?
I know we had to modify a few things/settings to get the Citrix receiver working on android.
After doing so it works flawless for me on my Xoom.
Try this..
Go to Settings->Location & Security
Make sure "Use secure credentials" is enabled. I believe you have to set a password for the certificate store before you can enable it.
what would I need to enable on the citrix side of things. We run their it department and set up the citrix server. I just don't understand why if it is a trusted certificate from a trusted authority why it would not install itself.
I also went ahead and enabled the password for store for applications to use it. Now how do I if I need to install the certificate on the device. I click install from USB storage after moving the cert'to the internal storage and it says no certificate found.
anyone else been able to get this working? I am really struggling with this one. I have a .cer if i really need one but i have not a clue on how to convert it. One person said i need to modify citrix settings to get this to work but i dont know what to edit. please help...
I have it running... no certificates needed
Sent from my Xoom using XDA App
This is how I solved the geotrust cert issue on my droid2 which might help here:
http://jeftek.com/664/updated-geotrust-rootca-certificate-for-the-droid2-android-phone/
Sent from my Xoom using Tapatalk
This worked for me on a GTab and ATrix
http://forum.xda-developers.com/showthread.php?t=952041
B3ATTY said:
This worked for me on a GTab and ATrix
http://forum.xda-developers.com/showthread.php?t=952041
Click to expand...
Click to collapse
Does your device have to be rooted to do this? I think this might work
I read the module FAQ and the code page and tried out module & xposed code and I was not able to get around my problem. I'm not sure that it was supposed to get around my problem though, but I was hoping to get your take on things. I can't find much data, though I can find a few people asking the same questions as I.
I installed an android 4.3 ROM (http://forum.xda-developers.com/showthread.php?t=2121063) on my phone and tried to connect to an OpenVPN based VPN provider. I got an error and contacted their support. Part of that process was to try another app, so we tried the OpenVPN COnnect app, the official OpenVPN app. I got a different error with that app.
One says that "your android firmware does not support the VPNService API("
OpenVPN Connect says "Sorry, due to a known issue in this version of android, it is not possible to gain permission to open a VPN tunnel"
There seems to be a few problems popping up with OpenVPN based VPNs in various Android 4.x OSs, but none complaine about 4.3 specifically. Usually they complain about 4.4 or back when 4.0 and 4.1 were new. I found this article talking about it on OpenVPN, and they're just pointing the finger, but I can't find the actual bug referenced:
https://forums.openvpn.net/topic13772.html
I came across your code on this page:
https://code.google.com/p/ics-openvpn/wiki/FAQ
And decided to try loading xposed and your module after emailing OpenVPN Connect and receiving a response right away. The guy who replied seemed to think the error is related to the fact that the confirmation acknowledgement dialog is not able to be summoned. I figured maybe the ROM wasn't bypassing it properly or missing some part of it, so I tried your way of bypassing it.
After loading xposed and your module, and selecting the 2 VPN apps, I still get the same results.
What are your thoughts? Should I give up and find a new ROM?
What are you talking about? If you're asking about a specific module (looks to me that way,) you should do that in the appropriate thread.
After some more research and experimentation yesterday, it's looking more like those OpenVPN clients that "support" the VPNServiceAPI actually *require* it, and that annoying/nasty little dialog that google enabled to "protect" the user just serves to piss off advanced users like me. This is my hypothesis at this point, though I have not confirmed this. I suspect this because I just tested on Jelly Bomb, a 4.1 based ROM and see the same results so far.
As far as what I was talking about in my OP, I copy/pasted an email to the author of the xposed module here and tried to reformat it to fit the message board, and apparently I missed a few pronouns. By far not the most egregious use of the English language I've seen on these boards, so what's with the attitude? I don't see specific sub forums for each and every module, so I don't get what you're implying. I only saw the one xposed board, so where else was I supposed to post?
No attitude, I honestly didn't understand how your issue was related to the Xposed framework. I just searched the repo for "VPN" and now see what you're talking about.
The Auto VPN Dialog Confirm doesn't have a thread here on XDA. Reading your post again, you're trying to use Xposed to fix a bug with the app if I'm not mistaken? I'd first try checking the logcat and forwarding that to the author of the VPN app if you haven't already.
I can't answer the rest of your questions since that's up to the module's author. That being said, it looks like a module specific question/request, not a framework query.
My understanding of the issue described here is different, probably because I'm trying to solve the same problem On the other hand, I'm not on ICS anymore, but am using Sammy 4.1.2 stock with DorimanX Kernel 8.43 at the moment.
OpenVPN should be usable for establishing a connection on boot. Out of the box, this creates a dialog to trust this application. Even though I trust it and confirm, there is no way of saving that preference permanently. It seems to be kept for a while (disconnect / reconnect doesn't trigger it again at least ) Therefore, it always reappears each time I boot.
The only possible solution I could find was the Xposed Module "Auto VPN Dialog Confirm" - the same module mentioned by the OP.
I used it together with the OpenVPN Client by colucci.web.it (paid version in my case, because I also wanted TAP support and auto connect functionality as well as the option of controlling it via Tasker).
After installing "Auto VPN Dialog Confirm" it recognized the installed OpenVPN client and offered to allow VPN API connections from it without confirmation. The VPN client also has an option to automatically create connections when Wifi is up and allows to be triggered either when seeing a specific SSID or when connecting to a network which does not have a specific SSID. The latter one is the typical condition for untrusted networks.
Therefore, it achieves what I wanted - being able to route my traffic via OpenVPN in case I'm not connected to my home WiFi
Regarding the issue encountered on ICS - maybe getting in touch with the Developer of the Xposed module might be the best option, unless someone else has already found a solution for it. It could also be good to exactly specify the OpenVPN client used as clearing the Xposed logfile and having "AutoVPN Dialog confirm" run as the only Xposed app (and fail). Afterwards, the log hopefully contains useful feedback for the developer to investigate further (Support URL listed for the module)