Hi guys!
I´ve got problems to establish a connection to the university wlan network with my phone.
We´ve got a Cisco Router, so I need Cisco VPN support.
Any helpful suggestions for me?
Greetings, DaXmYsT
I asked SE, they sad they are not sure if they are intended to implement Cisco PPTP VPN support.
It is possible, but not easy at the moment... If you know linux well, look at the tun.ko module i compiled for the x10 mini and look for get-a-robot-vpnc packages and how to's. You'll have to fix the vpnc scripts but it works. Sorry i'm not at home and won't be able to share more than the kernel module i posted in the x10 mini forum...
Sent from my U20i using XDA App
I too am battling with this.
The vpnc-script as is stands does't work very well and is throwing up loads of errors. I had to install busybox on the device and set PATH so it used those commands so it could find things commands like "which" and "grep" etc. However simple lines in the script to set up variables such as
IPROUTE="`which ip | grep '^/' 2> /dev/null`"
Which is simply trying to set variable IPROUTE to the path where the command "ip" is found is failing, so I've set had to set up all the variable paths manually. I do not know why this is failing, but I suspect it's using "grep" is a slightly different manner to the busybox grep I have. grep didn't exist in /system/bin by default on my phone. (Debranded x10 on Voda)
However the big problem I've now discovered is the "route" command. The default in /system/bin fails miserably with the commands in the script and the busybox route command doesn't support all the options either.
So I'm now working out what the script is trying to do with the routing table so I can set all this manually...
...but appreciate any help!
UPDATE: Well I got vpnc working - turned out my version of busybox was waaay out of date. Installed the latest and it works just fine. Of course now I can connect via RDP to my work machine over my VPN I very much doubt I'll ever want or need to!
Which busybox version are you using?
Also which app from the market?
Thanks!
I am using busybox 1.16.1 downloaded from busybox - I then had to copy the binary over to my phone and installed it in /system/sbin
this caused me a few issues as in init.rc it sets up the path /system/sbin before /system/bin so applets from busybox took priority over /system/bin.
So I had to remove the "ps" and the "su" commands IIRC.
However doing it the other way would have also caused issues, as "route" only worked when I used the busybox 1.16.1 and not the one currently in my /system/sbin
Other strange oddities also included the fact that rmmod from busybox didn't work but it did from the original /system/bin.
meh
I then also got the latest get-a-robot-vpnc.
I also needed the tun module, which I placed into /system/lib/modules
get-a-robot-vpnc didn't automatically install this module correctly though so I modified the scrip to ensure that when I used it the tun.ko module was loaded....
Code:
TUNTEST="`lsmod | grep 'tun'`"
if [ -z "$TUNTEST" ]; then
echo "tun not found try to install"
insmod -f /system/lib/modules/tun.ko
else
echo "tun module installed"
fi
Which seemed to do the trick.
I also had to put in my appropriate flags for vpnc.
Essentially I got it working first just using the shell and typing the commands manually and then got it working with the GUI.
I do not understand you mean that the included VPN client in Mini does not work with cisco VPN (pptp)?
Because for me it worked with a cisco vpn 3000.You say that you do pptp but which one (it could be pptp over ipsec?)
However, there is a free client on the market called "vpn connection", which work very vell with cisco equipement, it worked like a charm on my dream, but only on wifi as my phone provider do not let pass ipsec or pptp/ipsec.
Bye
Herc.
Related
Hi!
For the ones interested in openvpn or vpnc I attach the tun.ko module.
Have fun.
Here is the tun driver package. Think you should have a rooted device to make use of it.
To install:
1. copy it to your <sdk>/tools folder
2. adb push hero-tun-module-signed.zip /sdcard/update.zip
3. Type 'adb shell reboot bootloader' to enter the bootloader.(or turn it off and then, holding back button, turn it on)
4. Type 'fastboot boot cm-hero-recovery.img' - the device will now boot into the recovery image.
5. Select the option to 'apply update.zip from SD card'. Let it complete.
6. select reboot
Hi!
Good idea and thanks for packaging it. I just made a quick shot ;-)
Will add this to 1.2.
P
get-a-robot-vpnc does not work using the tun driver included in
2.0-update-hero-modacocustomrom-enhanced-signed.zip
The message appears after entering the pasword for sign on.
The application VPN Connections (process org.codeandroid.vpnc_frontend) has stopped unexpectedly.
# insmod /system/lib/modules/tun.ko
insmod /system/lib/modules/tun.ko
insmod: can't insert '/system/lib/modules/tun.ko': invalid module format
whether tun.ko is fron the 2.0 zero,
or installed via update.zip from hero-tun-module-signed.zip - above.
dmesg says
tun: version magic '2.6.27-a5504199 preempt mod_unload ARMv6 ' should be '2.6.27-8dd6deee preempt mod_unload ARMv6 '
the /etc/net folder does not exist, neither does /etc/tun
tun for 2.6.27-8dd6deee
See attachment for tun driver kernel version: 2.6.27-8dd6deee
(MoDaCo 2.0)
Thanks gogh57,
insmod ran OK.
installed to /dev/tun
vpn is now Trying to connect...
I'll have to check the VPN parameters.
Will let you know.
Brilliant work, many thanks.
I've check and verified my vpn parameters, but get a failed to connect. I'll keep reading and trying and will let you all know.
For info, all I have done - just in case I have missed a fundamental step...
1. Installed VPN connections from the market
2. Configured a network to connect to
3. copied tun.ko to SD card
4. ran adb shell to get on phone then insmod tun.ko - no errors, and shows with lsmod
5. tried to connect.
Getting closer....!
Bryan
How to install it on my Hero?
Hi all,
I have the same problem. Currently using Modaco's 1.5.1 and I do not want to move to 2.0 as it seems that it does not offer any advantage and I am happy until now with 1.5.1.
I am trying to install tun.ko which exists in system/lib/modules (installed with Modaco's ROM). When installing the tun.ko, I get "Exec format error" with dmesg:
# dmesg | grep tun
<3>[152396.817749] tun: version magic '2.6.27-a5504199 preempt mod_unload ARMv6
' should be '2.6.27-44690c1a preempt mod_unload ARMv6 '
How can I find the 2.6.27-44690c1a version ?
Or else I will wait for Bryan's tests and if successful, I will move to 2.0
Thanks for any help
Yiannis
<EDIT> - Moved to Modaco 2.1, Insmod runs OK, VPN-Connect does not connect. I'll dig more and let u know
Newby question, but what can you do with it?
YiannisM said:
Hi all,
I have the same problem. Currently using Modaco's 1.5.1 and I do not want to move to 2.0 as it seems that it does not offer any advantage and I am happy until now with 1.5.1.
I am trying to install tun.ko which exists in system/lib/modules (installed with Modaco's ROM). When installing the tun.ko, I get "Exec format error" with dmesg:
# dmesg | grep tun
<3>[152396.817749] tun: version magic '2.6.27-a5504199 preempt mod_unload ARMv6
' should be '2.6.27-44690c1a preempt mod_unload ARMv6 '
How can I find the 2.6.27-44690c1a version ?
Or else I will wait for Bryan's tests and if successful, I will move to 2.0
Thanks for any help
Yiannis
<EDIT> - Moved to Modaco 2.1, Insmod runs OK, VPN-Connect does not connect. I'll dig more and let u know
Click to expand...
Click to collapse
I'm getting nowhere with this. I'll have to look on the phone to see if it logs anywhere to help diagnose
Let use know YiannisM if you get anywhere?!
Bryan
On my HTC Hero
Using Modaco 2.2
tun.zip included in above
VPN Connections installed
and modified scripts described here:
http://techha.us/2009/06/android-vpn-vpnc/
VPN works now,
stared via an adapted 'go' script. (but not using VPN Connections UI)
I use ConnectBot for terminal.
I'll post exact details tonight.
pvlagsma said:
I'll post exact details tonight.
Click to expand...
Click to collapse
Look forward to it, I had a quick go following the link you gave, but it *****ed (unsurprisingly) at the location of the tun device.
Well done for cracking it
So close now!
J-Zeus said:
Newby question, but what can you do with it?
Click to expand...
Click to collapse
From Wiki....
A virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits in some larger networks (such as the Internet), as opposed to running across a single private network. The Link Layer protocols of the virtual network are said to be tunneled through the transport network. One common application is to secure communications through the public Internet, but a VPN does not need to have explicit security features such as authentication or content encryption. For example, VPNs can also be used to separate the traffic of different user communities over an underlying network with strong security features, or to provide access to a network via customized or private routing mechanisms.
Simply put, for most people I imagine, it allows us to connect to work.
Bryan
pvlagsma said:
On my HTC Hero
Using Modaco 2.2
tun.zip included in above
VPN Connections installed
and modified scripts described here:
http://techha.us/2009/06/android-vpn-vpnc/
VPN works now,
stared via an adapted 'go' script. (but not using VPN Connections UI)
I use ConnectBot for terminal.
I'll post exact details tonight.
Click to expand...
Click to collapse
Also looking forward to this.
Installing VPN on the HTC Hero.
References:
----------
A: This thread - http://forum.xda-developers.com/showthread.php?p=4503502
B: vpnc details - http://techha.us/2009/06/android-vpn-vpnc/
C: ROM 2.2 - http://android.modaco.com/content/h...m-is-here-2-versions-based-on-the-new-update/
D: VPN_Connections: - http://code.google.com/p/get-a-robot-vpnc/downloads/list
E: ConnectBot - android market - the terminal app I use on my Hero. You can do all this from an 'adb shell' on your PC.
1. Flash the 2.2 ROM (others probably work, but the correct tun.ko for the linux build is included in the ROM) from Ref C.
2. Download the latest version (VPN_Connections_v09.apk at time of writing) from get-a-robot-vpnc (Ref D), and install on your Hero.
This provides the vpn modules that are needed.
However I could not get this UI to work on the Hero. It kept hanging, sometimes asking for the password, sometimes not.
Note: the android market version is still 0.6
3. Install the tun.ko module with a script, or manually. This needs to be done each time you boot the Hero.
The script is:
'prep' script ( the following 3 lines: )
-----------
insmod /system/lib/modules/tun.ko
mkdir /dev/net
ln -s /dev/tun /dev/net/tun
Install tun by typing:
sh /sdcard/prep
or typing the 3 commands. (you need to be root, to do this)
(I placed my script on the microSD card, /sdcard/prep)
You can call this script anything you like.
4. Make an 'vpn.conf' file .
IPSec gateway vpn.aa.bb.com
IPSec ID youroffice
IPSec secret yourofficepassword
Xauth username youruid
Place it on /sdcard/vpn.conf
See Ref B for details.
You can call this configuration file anything you like.
5. Make a 'go' script, like this (one long line)
/data/data/org.codeandroid.vpnc_frontend/files/vpnc /sdcard/vpn.conf --script /data/data/org.codeandroid.vpnc_frontend/files/vpnc-script --pid-file /sdcard/vpnc-pid --no-detach --debug 1
Put it in a file /sdcard/go .
N.B. The 'go' script refers to the 'vpn.conf' file which you created earlier.
See Ref B for details.
You can call this script anything you like.
(Note: VPN Connections (Ref D) installs its files to /data/data/org.codeandroid.vpnc_frontend )
6. Start VPN by typing:
sh /sdcard/go
hopefully you will see
# sh /sdcard/go
sh /sdcard/go
Enter password for [email protected]: <this is where you type in your password>
vpnc version ERSION
IKE SA selected psk+xauth-3des-sha1
NAT status: no NAT-T VID seen
got address 33.333.333.333
RTNETLINK answers: File exists
backing up dns and resolve.conf
cp: cannot stat '/etc/resolv.conf': No such file or directory
vpnc-script ran to completion
IPSEC SA selected 3des-sha1
VPNC started in foreground...
&. Start an ssh connection, or a browser to an internal website, or whatever
Brilliant, many thanks!!
couldn't find a /etc/resolv.conf have put a couple of address' into /etc/hosts so I can browse my intranet.
How are you doing DNS??
Bryan
Is it possible to configure for IPSec over tcp?
Just an update from me, the VPN Connect frontend does not work, I have used pvlagsm's instructions and worked for me.
Thanks
I have compiled tun.ko for the Nook color.
Here are the instructions to get OpenVPN up and running.
I dont have a fully working OpenVPN server to test this completely but I was able to connect and get authenticated. If someone can test this out and report whether this works that would be useful.
Download tun.ko module from here
http://dl.dropbox.com/u/16190398/tun.ko
Type the following from your windows or linux console
adb shell
#mount -o remount,rw /dev/block/mmcblk0p5 /system
#su
#cd /system/lib
#mkdir modules (if it doesnt exist)
#exit
#exit
Now you are back at your windows or linux prompt
adb push tun.ko /system/lib/modules
adb shell
#su
#insmod /system/lib/modules/tun.ko
If everything works fine you should see no errors
#lsmod
You should see something like this
tun 11416 0 - Live 0xbf153000
#exit
#exit
So far so good.
Now go to the Android Market and download
1. busybox (if not already installed)
2. OpenVPN Installer
3. OpenVPN Settings
Run the OpenVPN Installer first. It will detect that OpenVPN binary is not installed and ask permission to install. You can choose to install it in /system/xbin or /system/bin (I installed it under /system/bin).
OpenVPN also needs the path to ifconfig and route which is provided by busybox. It will ask for the path and create symlinks. I created mine under /system/xbin/bb.
Next copy your openvpn config files and .crt files under /sdcard/openvpn.
Finally, run OpenVPN settings. If you have a valid config file under /sdcard/openvpn you should see those connections listed.
From the advanced menu you can set the path to your tunnel module as /system/lib/modules/tun.ko and load the module using modprobe.
Set the path to your configuration files (default is /sdcard/openvpn).
If everything looks fine then go back to main screen and click the checkbox next to your listed connection.
You should get a login icon in the notification bar if your connection requires username/password.
Thats it. Browse your internal network to check if everything is working as desired.
I just had a baby a few weeks ago and dont have time to troubleshoot this.
If someone can take over and post better/detailed instructions on making this work that would be great.
---------- 05/06/2011 Update -------------
Updated version of tun.ko for the 1.2 update. This for for kernel version 2.6.32.9.
In order to connect to Cisco/Freeswan VPN concentrators you can download VPNconnections from here. The instructions are quite straightforward and listed on the project page. http://code.google.com/p/get-a-robot-vpnc/
You will need to load tun.ko for both openvpn and VPNConnections.
http://dl.dropbox.com/u/16190398/Nook Color 1.2/tun.ko
Thanks for the step-by-step guide on this, I can confirm that it does work as expected. I was able to connect to an OpenVPN server and route traffic properly over it. One more damn device that ties me to work now, wooh!
At my work we use a Cisco VPN. On my phone I use an app called VPN Connections. I loaded the module and instead of using the open vpn I used the apk mentioned above. But it didn't work. Does the OpenVPN support Cisco vpns?
has anyone gotten this to work with alwaysVPN??
after i enter my username and password
I get
connecting
Auth
get config
then a popup window saying
fatal: cannot allocate Tun/Tap dev dynamically
iandixo said:
has anyone gotten this to work with alwaysVPN??
after i enter my username and password
I get
connecting
Auth
get config
then a popup window saying
fatal: cannot allocate Tun/Tap dev dynamically
Click to expand...
Click to collapse
Probably your tun.ko module is not loaded.
Did you set the path to tun.ko from OpenVPN settings ?
Can you use adb shell and
type
#insmod /system/lib/modules/tun.ko
then
#lsmod
and report what you see.
likearaptor said:
At my work we use a Cisco VPN. On my phone I use an app called VPN Connections. I loaded the module and instead of using the open vpn I used the apk mentioned above. But it didn't work. Does the OpenVPN support Cisco vpns?
Click to expand...
Click to collapse
OpenVPN client wont work with Cisco's VPN. They use different protocols.
However, VPN Connections is supposed to be compatible with Cisco/FreeSwan and other IPSec VPNs.
I havent used VPNConnections but if there is any option to load the tun module then you can try setting the path and loading the module.
I would suggest that you first try loading the tun.ko module manually using adb shell. Then run VPN Connections and maybe it will work
dascud said:
Probably your tun.ko module is not loaded.
Did you set the path to tun.ko from OpenVPN settings ?
Can you use adb shell and
type
#insmod /system/lib/modules/tun.ko
then
#lsmod
and report what you see.
Click to expand...
Click to collapse
I get
tun 11416 0 - Live 0xbf113000
tiwlan_drv 862084 0 - Live 0xbf03b000
bc_example 6460 0 - Live 0xbf034000
omaplfb 16584 0 - Live 0xbf02a000
pvrsrvkm 150196 56 bc_example,omaplfb, Live 0xbf000000
and the path is set in settings
what should I see in /system/xbin/bb ?? as there is nothing there at all. Reason I asked is for some unknown reason and without me changing anything, the error has now changed to something about "ifconfig unable to load external program" it flashes to fast to read
iandixo said:
I get
tun 11416 0 - Live 0xbf113000
tiwlan_drv 862084 0 - Live 0xbf03b000
bc_example 6460 0 - Live 0xbf034000
omaplfb 16584 0 - Live 0xbf02a000
pvrsrvkm 150196 56 bc_example,omaplfb, Live 0xbf000000
and the path is set in settings
what should I see in /system/xbin/bb ?? as there is nothing there at all. Reason I asked is for some unknown reason and without me changing anything, the error has now changed to something about "ifconfig unable to load external program" it flashes to fast to read
Click to expand...
Click to collapse
This is good. Make sure that you set the path as the full path to the module as
/system/lib/modules/tun.ko in OpenVPN settings. (Yea path is a little misleading)
The error is due to openvpn not finding the path to ifconfig and route which is required to set the IP address for the tun device and push the default routes.
Did you install busybox ?. If not then you should install that.
If you already installed busybox then do this
adb shell
#mount -o remount,rw /dev/block/mmcblk0p5 /system
#su
#which busybox
This should return /system/bin/busybox
Under /system/bin you should also find ifconfig and route which are essentially symlinks to busybox
Now navigate to the /system/xbin directory
#cd /system/xbin
#mkdir bb (if it doesnt exist)
#cd /system/bin
#cp ifconfig /system/xbin/bb
#cp route /system/xbin/bb
#cd /system/xbin/bb
# ./ifconfig
This should return some details about the tiwlan0 interface.
#exit
#exit
Try again and see if this works. If not you can run the OpenVPN installer again.
Shouldnt matter if you already ran it once before.
Set the path for the openvpn binary as /system/bin &
the path for ifconfig as /system/xbin/bb
Hopefully this should do the trick.
Hmm. I can't get this to work with VPN Connections either. lsmod says the module is loaded, but VPN Connections fails. I won't have time to look at this for a week or so, but if anyone has VPN Connections working with this tun.ko, that would be good to know.
well I'm getting somewhere it now connects and it seems to be passing data ...but I'm only getting a connection of 0.09kBps up and 0.06kBps down
FletchF said:
Hmm. I can't get this to work with VPN Connections either.
Click to expand...
Click to collapse
Just to clarify, "VPN Connections" is an Android VPN client that can connect to a Cisco IPSEC VPN concentrator. It works well for me on my DROID.
link down? -nm
Hi. This sounds awesome. I am trying to get vpn since i left my laptop at home and my captivate is too small to do basic work.
I can't seem to dload the above but no go for dolphin or google browser.
Can someone post a mirror?
Edit: got it... couldn't get w the browsers and rockplayer seemed to want to play it. Used ie and got it ok.
I would love to hear if anyone else has had any success with alwaysVPN. I can connect but just can't seem to get any data ...
iandixo said:
well I'm getting somewhere it now connects and it seems to be passing data ...but I'm only getting a connection of 0.09kBps up and 0.06kBps down
Click to expand...
Click to collapse
I recall that I had the same issue initially. I was able to get connected but not browse the internal network. The monitor would show a connection of 0.09Kbps.
I think this means that the initial handshake went through but the server was not able to push the ip address or the default routes.
When you get connected you should see a status which progresses as
Auth - > Get Config -> and finally connected to "server IP" as "your new IP address". If you dont see your new IP address then the connection is not fully functional.
A rather unscientific method to fix it which worked for me was
1.) Uninstall busybox
2.) Reinstall busybox
3.) Run OpenVPN Installer again
set path to Openvpn binary as /system/bin
set path to ifconfig as /system/xbin/bb
adb to /system/xbin/bb and check if ifconfig and route exists.
Reboot, do a minor rain dance and pray to the God of your choice while the Nook is rebooting.
So just to let everyone know I got VPN Connections working for my work's Cisco VPN. I did the steps outlined at first, downloaded the file, insmod the file, added openvpn and settings apps, then tried my vpn connections app but it wouldn't work. So I gave up. Two days later I tried it for fun after I had rebooted it many times and it worked! I haven't done a insmod command and I have uninstalled the two OpenVPN commands
likearaptor said:
So just to let everyone know I got VPN Connections working for my work's Cisco VPN. I did the steps outlined at first, downloaded the file, insmod the file, added openvpn and settings apps, then tried my vpn connections app but it wouldn't work. So I gave up. Two days later I tried it for fun after I had rebooted it many times and it worked! I haven't done a insmod command and I have uninstalled the two OpenVPN commands
Click to expand...
Click to collapse
I was also able to get "VPN Connections" aka vpnc, working using this method.
Am now able to connect to my Cisco ASA, thanks for the great post.
My NookColor has been all of the sudden playing a load static noise when it is off and the only way to stop it is to turn it off. So I reset everything back to stock 1.0.1 and I will wait and see if it does it without it being rooted. If so I will get a different unit. But in the next week or two I will root it again and see if I need to install OpenVPN or not.
acomiskey said:
I was also able to get "VPN Connections" aka vpnc, working using this method.
Click to expand...
Click to collapse
Hmm. Still trying here. How many reboots did it take?
FletchF said:
Hmm. Still trying here. How many reboots did it take?
Click to expand...
Click to collapse
Just one for me, I did a lot of little things trying to get it to work, once I re-root later this week or next week I will post step by step directions to get it to work unless someone else beats me to it
FletchF said:
Hmm. Still trying here. How many reboots did it take?
Click to expand...
Click to collapse
I think just 1.
I had "vpn connections" installed. I then follow the instructions at the beginning of this thread. I stopped at "Next copy your openvpn config files and .crt files under /sdcard/openvpn" since I wasn't interested in using openvpn.
I then rebooted, launched "vpn connections" and it connected.
I cannot however get the vpnc widget to work.
Hello,
I'm trying to connect to a Cisco VPN client by using VPN Connections on an Archos 70 IT 250 GB, that is rooted.
I always get a "Connection failed" message, after which the app crashes.
Did anyone succeed in getting VPN Connections working on Archos 70 IT ?
Regards,
Tonny
TonnyVanmunster said:
Hello,
I'm trying to connect to a Cisco VPN client by using VPN Connections on an Archos 70 IT 250 GB, that is rooted.
I always get a "Connection failed" message, after which the app crashes.
Did anyone succeed in getting VPN Connections working on Archos 70 IT ?
Regards,
Tonny
Click to expand...
Click to collapse
Hi,
I used to have the same error on my Galaxy S, when trying to create a VPN tunnel to my companies CISCO gateway.
The problem seems to relate to the missing tun.ko library.
I'm not sure if the Samsung Galaxy files will work for Archos, but you might want to adapt and try the following how-to: http://forum.xda-developers.com/showthread.php?t=793712&highlight=tun.ko
Regards,
Patrick
TonnyVanmunster said:
Did anyone succeed in getting VPN Connections working on Archos 70 IT ?
Click to expand...
Click to collapse
I found a possible clue. After trying several free pptp vpn services and noticing that it seemed to resolve a url one time then just hang, I set up a vpn on my lan and tried the local coffee shop connection to access it. I found that if encryption was completely disabled on the lan vpn and unchecked on the 70 IT, it would connect and I could browse, check email, etc. As soon as I set the policy on the vpn server to enable any level of encryption it was back to the resolve 1 url and hang behavior. Of course an unencrypted vpn is about as worthless as t*ts on a bull but it's the only clue I've found. As a control, I tried an ip*d touch w/encryption on against the same vpn with all levels enabled and that worked.
If anybody else who's running a local vpn can duplicate and confirm this, it's a step in the right direction!
VPN Connections 0.99 (aka get-a-robot-vpnc) working on A101IT with urukdriod-0.6
I've managed to make get-a-robot-vpnc (aka VPN Connections 0.99) work on urukdroid0.6 on Archos 101 IT.
There are two issues with default vpnc.script, and one issue with output of 'ps' command needed by VPN Connections 0.99 GUI, to check is there a connected vpnc process.
Resolving vpnc.script issues:
1. Symbolic link is missing that links /bin/busybox (or /usr/local/bin/busysbox on urukdroid) to 'which' command (cd /usr/local/bin; ln -s busybox which)
2. Symbolic link is missing that links /bin/busybox (or /usr/local/bin/busysbox on urukdroid) to 'ip' command (cd /usr/local/bin; ln -s busybox ip)
$aur0n told me that this two commands/links will be included in urukdroid-0.7.
Resolving GUI 'ps' issue (a bit harder ):
VPN COnnections GUI do 'ps | grep 'vpnc$' to see is there active vpnc process (established connection), but output of 'ps' command(s) found on urukdroid is not what GUI expects, so it cannot find vpnc proccess even if it is running and VPN is established.
On urukdroid there is 2 versions of 'ps' command:
1st is /bin/ps which is symbolic link to /bin/busybox (very old version of busybox (1.7.2, I believe) and output of ps this command is not suitable for VPN Connections (GUI)
2nd is /usr/local/bin/ps which is native ps command, but its output is also not suitable for VPN Connections (GUI)
There is a (hidden ) 3rd 'ps' command in /usr/local/bin/busybox (that version of busybox is 1.17.2) - but also not suitable output for VPN Connections (GUI).
Experimenting a bit I've found that '/usr/local/bin/ps -A' gives an suitable output, so I:
1. renamed /usr/local/bin/ps to /usr/local/bin/ps.new
2. made a script /usr/local/bin/ps with:
Code:
#!/bin/sh
ps.new -A
exit $?
3. chown root:root /usr/local/bin/ps; chmod 755 /usr/local/bin/ps
After that, everything worked.
Hope this solves issues for some of you
P.S. Forgot to mention - urukdroid 0.7 will have its own vpnc service built-in.
Works in UD 1.5
nenadr said:
I've managed to make get-a-robot-vpnc (aka VPN Connections 0.99) work on urukdroid0.6 on Archos 101 IT.
There are two issues with default vpnc.script, and one issue with output of 'ps' command needed by VPN Connections 0.99 GUI, to check is there a connected vpnc process.
Resolving vpnc.script issues:
1. Symbolic link is missing that links /bin/busybox (or /usr/local/bin/busysbox on urukdroid) to 'which' command (cd /usr/local/bin; ln -s busybox which)
2. Symbolic link is missing that links /bin/busybox (or /usr/local/bin/busysbox on urukdroid) to 'ip' command (cd /usr/local/bin; ln -s busybox ip)
$aur0n told me that this two commands/links will be included in urukdroid-0.7.
Resolving GUI 'ps' issue (a bit harder ):
VPN COnnections GUI do 'ps | grep 'vpnc$' to see is there active vpnc process (established connection), but output of 'ps' command(s) found on urukdroid is not what GUI expects, so it cannot find vpnc proccess even if it is running and VPN is established.
On urukdroid there is 2 versions of 'ps' command:
1st is /bin/ps which is symbolic link to /bin/busybox (very old version of busybox (1.7.2, I believe) and output of ps this command is not suitable for VPN Connections (GUI)
2nd is /usr/local/bin/ps which is native ps command, but its output is also not suitable for VPN Connections (GUI)
There is a (hidden ) 3rd 'ps' command in /usr/local/bin/busybox (that version of busybox is 1.17.2) - but also not suitable output for VPN Connections (GUI).
Experimenting a bit I've found that '/usr/local/bin/ps -A' gives an suitable output, so I:
1. renamed /usr/local/bin/ps to /usr/local/bin/ps.new
2. made a script /usr/local/bin/ps with:
Code:
#!/bin/sh
ps.new -A
exit $?
3. chown root:root /usr/local/bin/ps; chmod 755 /usr/local/bin/ps
After that, everything worked.
Hope this solves issues for some of you
P.S. Forgot to mention - urukdroid 0.7 will have its own vpnc service built-in.
Click to expand...
Click to collapse
Just wanted to say thanks! I'm using Urukdroid 1.5 and had the same issue. Used your trick and now VPNC connects to my companies VPN ^_^
Hi!
I successfully use(d) OpenVPN with the available tun.ko versions on my Galaxy Tab.
I tried to move that to the brand new European version of the 10.1 (no V, GT-P7500, Kernel 2.6.36.3, [email protected] #1, buildnr HMJ37 P7500XXWKG9, baseband XXKG7, ). But obviously, there is no tun.ko in the kernel and the available versions of tun.ko do not work with the 3.1 Honeycomb kernel.
Does anybody has compiled a tun.ko for this kernel already or can guide/tell me, how to do this myself?
Regards,
Questions or Problems Should Not Be Posted in the Development Forum
Please Post in the Correct Forums and Read THIS
Moving to Q&A
I am searching badly for a solution tu use PPTP VPN on my Galaxy Tab 10.1 (no v) 3G, too!
In the meantime, I learned that tun.ko is part even of the stock kernel. Nevertheless, I did not get it running with the setup I used on my Galaxy Tab.
Are you sure? I did a search for the file but nothing was found.
if preshoot already upload his git sources, I can do this for you guys.
Just wait for him,to upload his latest sources...
funky81 said:
if preshoot already upload his git sources, I can do this for you guys.
Click to expand...
Click to collapse
That would be nice.
richardtrip here told me, that tun.ko is already in the stock kernel.
I am presently trying to find out what detail makes problems in the connection to my Linux server. A connection is established, but not fully and yet not useable.
Hi!
I did some experiments with my OpenSuse 10.3 server and the Tab 10.1.
With the tun-device, I can establish a connection. But the 10.1 does not receive its address in the VPN network, ifconfig does not show the tun-device as device.
The same configuration which works flawlessly on my Galaxy Tab does not work on the 10.1.
Perhaps somebody is experienced with the OpenVPN configuration in this case.
Some more findings:
The device used is tap, but tunctl must be called to create a persistent tapx.
tunctl expects /dev/net/tun which must be either created by a symlink (/dev/tun exists, mkdir /dev/net, ln -s /dev/net/tun /dev/tun) or must be added with parameter -f on commandline.
It also seems that ifconfig has different parameters than on my Galaxy Tab. Starting OpenVPN from commandline, it complains about route/ifconfig with wrong parameters.
With special thanks to Amarok, I could get his solution also working on my Tab 10.1:
Install Busybox from Market
Install OpenVPN Installer from Market and install to
binaries: /system/xbin
route/ifconfig: /system/xbin/bb
Create /system/xbin/bb with Root Explorer or from shell
Create link to busybox for ifconfig and route
ln -s /system/xbin/busybox /system/xbin/bb/route
ln -s /system/xbin/busybox /system/xbin/bb/ifconfig
Check permissions for /system/xbin/openvpn, it should be 777 (rwxrwxrwx)
Using the openvpn binary from my galaxy tab (copy into /system/xbin, chmod 777) got OpenVPN finally working.
akxak said:
With special thanks to Amarok, I could get his solution also working on my Tab 10.1:
Install Busybox from Market
Install OpenVPN Installer from Market and install to
binaries: /system/xbin
route/ifconfig: /system/xbin/bb
Create /system/xbin/bb with Root Explorer or from shell
Create link to busybox for ifconfig and route
ln -s /system/xbin/busybox /system/xbin/bb/route
ln -s /system/xbin/busybox /system/xbin/bb/ifconfig
Check permissions for /system/xbin/openvpn, it should be 777 (rwxrwxrwx)
Using the openvpn binary from my galaxy tab (copy into /system/xbin, chmod 777) got OpenVPN finally working.
Click to expand...
Click to collapse
The last step ? From you which tab did you copy openvpn ? Is it possible to get the specific openvpn. Still not working on my side.
Thanks
Nar
Have also a look at this thread:
http://forum.xda-developers.com/showthread.php?t=1185370
Attached the openvpn binary I use.
akxak said:
Have also a look at this thread:
http://forum.xda-developers.com/showthread.php?t=1185370
Attached the openvpn binary I use.
Click to expand...
Click to collapse
So the tun.ko with stock works? When I run openvpn from either cli or openvpn settings tab it'll connect but I get no ip address. The only errors I'm getting are " Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: route (2.1.1)". So is using the attached openvpn binary all it took?
--
Brad
---------- Post added at 06:49 PM ---------- Previous post was at 06:42 PM ----------
jbaskew said:
So the tun.ko with stock works? When I run openvpn from either cli or openvpn settings tab it'll connect but I get no ip address. The only errors I'm getting are " Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: route (2.1.1)". So is using the attached openvpn binary all it took?
--
Brad
Click to expand...
Click to collapse
I missed the permissions part in your earlier post. With the openvpn binary you attached to the thread along with changing the perms I'm good to go. Such a relief! Thanks, akxak!
--
Brad
What about tun.ko???? I run the same GT as you though 7500 3.1 ??
As already stated, tun.ko is part of the stock firmware.
Sent from my Galaxy Tab 10.1 using Tapatalk.
I dont find tun.ko on my GT when I search with root explorer..
my tun.ko is located in /data/media/openvpn/openvpn/tun.ko
On my Tab, a separate tun.ko is not required. OpenVPN works anyway, as that seems to be an integral part of the kernel.
I'm trying to use the openvpn settings as well but when I try to connect I get
"Fatal:Cannot allocate TUN/TAP dev dynamically"
and when I try to insmod tun.ko using adb, I get this error:
"init.module 'tun.ko' failed <Exec format error>
I'm using pershoot's most up to date kernel (yesterday) with the tun.ko file that was included with it. I also tried with the one supplied in this thread as a .rar file and I received the same errors.
Any ideas?
Nearly there
Hey everybody.
I also have some problem with openvpn connection.
At first i turn on openvpn the start the configuration (at the same time i started a ping on my server: ping 300.300.300.300 -t)
After that my ping works for 12 - 14 times. After the 12 + 14 times then it shows "out of time" error message.
What have i done wrong? (Every 5 seconds at the bottom of my tab it shows "myvpn.openvpn: Connected"
Preferences:
Samsung Galaxy Tab 10.1 Rooted
Android 3.1
Newest Busybox
Done everything from the tutorial of this topic
Update: When i turn the tun module on then the ping only works for about 9 times.
After about 20 failed pings, the pink works again for the amount i wrote.
As seen when I type with wifi tethering enabled
iptables -L -t nat -v
the MASQUERADE line is like "-o pdp0 -i any", this means that packets are matched only when they exit via the mobile network.
However, the line should be more like "-i softap0 ! -o softap0". The MASQUERADE line should match packets that enter via the wifi access point, and leave via any other interface. (But see below, -i doesn't work, must use -s)
I found this while trying to use openvpn. When openvpn is running, the android device has complete access to the vpn according to my tests. The laptop associated with the AP can access the internet, the android device, but not the network behind the VPN connection. I can find no reason for this other than the MASQUERADE line. The routing table, sysctl *.forward etc. are all looking fine.
With this MASQUERADE line, it cannot possibly work, because when the unmasqueraded softap0 packets go down the tun0 interface, no machine knows where to route the reply packets.
This is on Android 2.3, Samsung galaxytab stock firmware. I'll investigate further.
Update:
when I stop tethering, the MASQUERADE rule goes away. This proves it's indeed controlled by tethering.
I tried it on Android 4.0, Sony Xperia pro, Cyanogenmod 9 ---> same thing
I can understand that noone ever thinks about making a MASQUERADE line with "-i interface", but it seems actually the right thing to me. (Must use -s addr/mask instead) I'm doing this on a laptop with lots of virtual machines connected to an internal network. This must be masqueraded for outgoing packets, no matter what interface it goes out (wlan0, eth0, openvpn etc.)
Update:
-i interface doesn't work in POSTROUTING. So the line should be "-s address_range_of_softap ! -o interface".
This complicates matters for a workaround. I'm planning to schedule a script at boot time, but I don't know how to (correctly) find the softap address when it's not running.
Update:
I tried tethering and replaced the iptables rule with "-s address_range_of_softap ! -o softap0" instead of just "-o pdp0". This still works to route/masquerade traffic to the internet, but doesn't work vor tun0 (openvpn). I don't know why. No packets/bytes go through it (counter doesn't increase) when pinging the other side of the vpn.