Always-ON VPN limits all access to gateway services - Android Q&A, Help & Troubleshooting

Hi!
I've got a Nokia 7.2 with Android 10 and I have an interesting issue with Android's VPN functionality.
My VPN is L2TP/IPsec PSK. It is working well, but with one interesting aspect.
My VPN server has other services on its IP (HTTP, etc.).
If the VPN is used on demand (manually activated), all is OK: I can use the server's other services.
But if I switch the VPN to the "always-on" state, the server's other services become unavailable.
The browser shows the error "ERR_NETWORK_ACCESS_DENIED".
What is also interesting: I can't ping the VPN server's IP from the phone. The ping command returns the error message "do you want to ping broadcast". It seems like an error in the netmask, but the ifconfig outputs for 'on-demand' and 'always-on' are similar.
The phone is not rooted, so I can't check routes (or I don't know how to do it w/o root).
What can more experienced users advise? Where should I look?
Thanks for any response in advance.

Related

CyanogenMod 7 openVPN

Hi everyone,
I have a little problem that I don't know how to solve, nor diagnose as I lack some knowledge.
I have a Linksys E3000 router. I installed one of the many Tomato firmware flavors that has a bundled VPN server. I managed to configure the server and generated the keys (ca, client, etc.). Everything seems to work fine from a PC. I also run the latest CyanogenMod nightly on my Hero. I managed to solve, or let's say find out, how to install the certificates onto the system (add the ca.crt, client.crt, client.key into a .pk12 openssl package). Then I used the default CM configuration assistant to configure the connection and it works, or at least it connects and I can see that the connection was successful on my router GUI.
Now, the problem is that even if it says connected (a small key in the status bar), I can't do anything: no web browsing, no Android Market connection, nothing that involves traffic. I don't know what the problem is, or how to diagnose or log it. Any help would be appreciated.
Thank you.
My router vpn server configuration:
Interface Type TAP
Protocol UDP
Port 1194
Firewall Automatic
Authorization Mode TLS
Extra HMAC authorization (tls-auth) Disabled
Client address pool DHCP
--------------------------------
Direct clients to redirect Internet traffic (tick)
Encryption cipher Default
Manage Client-Specific Options (tick)
Allow Client<->Client (tick)
My HTC Hero configuration:
-Basic
Name (some i chose)
VPN server (a dyndns host, the router updates the ip automatically)
User authentication (unticked)
CA certificate (the pk12 file i created)
CLIENT certificate (the pk12 file i created)
DNS search domains (unchanged)
-Advanced:
Server port 1194
Protocol to use udp
Device to use tap
LZO compression (unticked)
Redirect gateway (ticked)
Remote Sets Addresses (ticked)
Local IP Address (faded)
Remote IP Address (faded)
Cipher algorithm default
Size of cipher key default
Extra arguments unchanged

[Q] Wireless tether for root users - DNS redirect

I'm running a Piratebox web server on my phone - Does anyone know if there's a way to adjust DNS and redirect everyone to my phone's web server when they are tethering from my phone?
+1 to this question.
I am currently trying to find a way to get some Android devices, which are working as AdHoc clients, and I want an app running on them to connect to a "server" address instead of using a specific, fixed IP address. I meant to do this programmatically, by creating a socket to an InetAddress resolution of the "server" address. I assume InetAddress will use the DNS defined on the wireless interface to make this translation, but it's Java, and that assumption really depends on the low-level implementation of InetAddress.
So yeah, DNS redirect from the DNS server running on the AdHoc host, which by association also runs Wireless Tether for root users. How can we do it?
I have tried some redirections from the hosts file (zone file), located in "system/etc/hosts". My device, like many others, comes preloaded with a bunch of IP-hostname redirections, but these only seem to work locally, e.g.:
gugle.com redirects to 127.0.0.1 (in the hosts: "gugle.com 127.0.0.1")
If I input this address on the AdHoc host, gugle.com will redirect to my http port 80 landing (I have a web server running on the device to test this).
If I input this address on an AdHoc client, it doesn't return anything. I'm guessing the DNS server running on the host does not use the zone file from the OS.
So the question remains - where can we define a redirection from the DNS server that runs on the Wireless Tethering for root users device.

[Q] Help with VPN with Mac 10.8 OS X Server

I have a Mac mini running OS X 10.8.2 with the OS X Server 2.2.1 from the app store, and I have set up the VPN using L2TP in the Server.app interface. I have tested this VPN connection using a Macbook, which works, but I can't figure out how to get Android's built-in VPN to work.
Current set-up:
I have opened ports 500, 1701, 1723, and 4500 on my router.
I am using a dynamic DNS from no-ip.com, we'll say hostname.no-ip.org
I have set a "Shared Secret", we'll say 1234567890
I have set up an account for my android phone on the server, let's say the user name is "nexus" and the password is "google"
On the Macbook, I simply use the DNS, the secret, and credentials that I have set up on the server, and it connects.
On my Android device (Nexus 4 4.2.2) I am using the following settings:
Name: Mac Server
Type: L2TP/IPSec PSK
Server address: hostname.no-ip.org
L2TP secret: (not used)
IPSec identifier: (not used)
IPSec pre-shared key: 1234567890
When I try to connect using these settings, it prompts for the username and password, so I enter "nexus" and "google". It sits there saying "Connecting..." for maybe 30 seconds and then it just goes back to "Disconnected" with no error or other message. I have also tried putting the "Shared Secret" in the L2TP secret field, but with the same result.
Is the built-in Android VPN simply incompatible with OS X Server's VPN? Or have I misconfigured something?
Note: I would strongly prefer to continue using L2TP, and not the less-secure PPTP VPN
Ok, so I have managed to connect to the VPN when doing it INSIDE the network to the IP of the server (let's say 192.168.1.2). If I change the address to hostname.no-ip.org it won't connect, although it is working for everything else (such as web, etc).
I have tried on my iPad and I can connect just fine either from inside the network or over 3G connection.
On the Nexus I have tried to change the hostname.no-ip.org to my public IP address but it will not work either.
The funny thing is that when I try to make it work outside the server, the mac server log will show nothing, while every other test I run it logs it perfectly.
I think something is very broken in the way VPN is implemented in Android. Am I the only one finding himself in this situation?
....you're missing a very large part.....
FORWARD YOUR PORTS ON YOUR ROUTER
Also in your router look for anything relating to VPN.
Also some routers will not allow you to connect from the external IP internally. I hate routers like that..
And why run OS X Server on a MacBook?
If you want a secure home VPN, go find an old Windows computer (any P4 will do), install Linux and install VPN services on it.

HideIPVPN is looking for Android & iOS developer/s

Hello Everyone,
I am contacting you on behalf of HideIPVPN.com - VPN & SmartDNS service provider.
Here is what we need:
we are looking for a developer capable of creating an app for both iOS & Android or at least one of those systems (offers for both are of course preferable).
Task is to create VPN & SmartDNS connection manager - that will create connection to our servers.
Application will use an API to authenticate clients based on their username and password for VPN service and list all VPN servers which support PPTP, L2TP and OpenVPN protocol.
1.1 Application should be able to create VPN connection based on client server/protocol/country selection.
1.2 App. should look similar to our Windows software.
1.3 Client should be able to select Country, City and VPN protocol (PPTP, L2TP or OpenVPN) then press connect button.
1.4 From options we need all possible options on Android/iOS
1.5 Application killer, this function will kill selected apps. if VPN connection drops and should be able to restart apps. if VPN connection was re-established.
Specifications for Smart DNS:
Application will use an API to authenticate clients based on their SmartDNS key and list all DNS server countries for Smart DNS service.
2.1 Application should be able to Update DNS settings under selected wifi connection and flush DNS cache on Android.
2.2 App. will use API to update client IP address.
2.3 App will use an API to change Netflix zone from listed countries.
2.4 App should be able to update IP address on cron (clients can select 24h, 1h, 30 min, 15 min and 5 min)
If you are interested in developing these apps for us, please contact us here [[email protected]] so that further details can be discussed. We would appreciate it if your message would include a rough price estimate.
If you want to see how our Windows software works, you can download it here (https://billing.hideipvpn.com/dl.php?type=d&id=59).
To register 3h trial VPN account click here: http://www.hideipvpn.com/freetrial/
To register 7 days trial SmartDNS account click here: https://billing.hideipvpn.com/free-trial-smartdns/
Both options require no further commitment to service, C/C details or any sort of resignation, feel free to try!
Looking forward to hearing from you,
HideIPVPN Team

vpn server on android mobile

Hello lads, I am interested in making an Android application that can be used as a VPN server. Any tips on where I can start from? Is it possible? I have not seen any good topic about this on the net.
I just wonder why you consider an Android app as a VPN server.
Is it just a portal for a specific LAN? Or do you need a general VPN server for encrypted internet connections?
Even if you can implement basic functions of this VPN server, don't you worry about its concurrent & load capacity as a 'server'? ......
It's definitely possible but you'll likely have to root the phone first.
I turned a rooted Android phone into a VPN server by using the Linux Deploy app and UNIX tools "busy box app" then running CentOS on Linux Deploy. I installed SoftEther VPN Server on CentOS through SSH on the phone.
I wrote about it in a forum. If you google "Turn a flashed to verizon phone into vpn server" it will come up in Aspkin forum and you can see me work through it.
This way is 100% free and SoftEther will tunnel straight through a firewall using port 443 unlike any paid app so you can leave the phone hidden anywhere connected to WiFi and as long as you use SoftEther Client and the DNS host name to connect to the server. It won't work if you use an OpenVPN or L2TP/IPsec client without opening ports on the router of the WiFi connection, or the server IP address (which would be a local IP if connected to WiFi hidden somewhere).
James_Watson said:
I just wonder why you consider an Android app as a VPN server.
Is it just a portal for a specific LAN? Or do you need a general VPN server for encrypted internet connections?
Even if you can implement basic functions of this VPN server, don't you worry about its concurrent & load capacity as a 'server'? ......
Thank you for your reply. I just want to make a VPN server that uses a mobile network and accepts a connection from 1 device (concurrency, load capacity and encryption do not matter). It is a small part of my application and not for commercial use. So everything is possible, rooting a device or another way to reach my goal.
