Cisco VPN for EVO - EVO 4G Q&A, Help & Troubleshooting

Can someone tell me if they have had any success using VPNC or OPENVPN (or anything else) successfully to connect to a pure ipsec Cisco VPN with group authentication?
Also, could someone include a successful implementation in one of those amazing TIME our Devs have created?
Sent from my PC36100 using XDA App
Evo with Fresh

awwbaw3 said:
Can someone tell me if they have had any success using VPNC or OPENVPN (or anything else) successfully to connect to a pure ipsec Cisco VPN with group authentication?
Also, could someone include a successful implementation in one of those amazing TIME our Devs have created?
Sent from my PC36100 using XDA App
Evo with Fresh
Click to expand...
Click to collapse
I have not been successful but I think I am doing something wrong but here is the article
http://forum.xda-developers.com/showthread.php?t=698099
This one is on the Moment but the instructions may be similiar
http://forum.sdx-developers.com/android-2-1-development/(how-to)-run-a-cisco-vpn-client-(vpnc)-on-moment-2-1-(very-hacked-and-beta)/

Question...
this might seem dumb but I am concerning this...
I connect from remote to my company through Cisco VPN. There is a client on my notebook and I use secure ID.
Can VPN on the EVO allow me to connect with the evo and use it solely to access my company's intranet....or does this just allow vpn connection through tethering though my notebook/evo combo???? or both?
My interest is to use the evo by itself to occasionally log in and complete tasks.

vpnc works for me connecting to vpn 3015 and asa 5510 using ipsec with group authentication. I have heard if you tether while connected to vpn then your laptop will also be in the tunnel but I haven't tried that yet - I have used it for remote desktop directly from the phone.
here is what you need:
1) full root
2) busybox installed with symlinks
3) kernel version 2.6.29-a2443432
4) tun.ko from thread 698099
mostly I used the instructions from hxxp://code.google.com/p/get-a-robot-vpnc/wiki/Motorola_Droid_Support.
If you don't want to deal with installing busybox, I know for sure the fresh rom has it already setup.
copy tun.ko into /system/lib/modules
run the command insmod /system/lib/modules/tun.ko
I occasionally have issues disconnecting and/or losing connection to the internet after disconnecting - just enable/disable airplane mode has always fixed it.
there is also a log file in /data/data/org.codeandroid.vpnc_frontend/files/vpnc that may help troubleshooting connection issues.
edit: you need a farily new version of vpnc from the google code page - I think the one in the market won't work on evo.

Related

Does anyone have VPN Connection running on 2.2

Title says it all.
All of the 2.2 roms and kernels I have tried will connect to the VPN but must screw up the routes as they shut off my data.
Does anyone have this running?
the only issue i have with "VPN Connections" is that is doesn't pass DNS traffic correctly. hence, i must connect via IP Addy not DNS name. other than that it works fine for me. i'm able to establish a vpn connection then use the WYSE rdc/vnc app to connect to my windows or linux servers ... connnectbot for shell access.
I've also been unable to connect to either a PPTP or IPSec VPN over my 3G connection since upgrading to the official release of 2.2 on my EVO 4G. The connection appears to be established just fine, and the VPN server shows that my VPN client is connected, but I cannot ping to or from the device, nor access any internal resources from it. This is a serious bummer considering that things worked fine under 2.1. Will test over WiFi when I get home. Can't test it at work since we're behind a proxy (which is another gripe I have with Android right now... seriously Google, no proxy configuration options?).
i feel i should clarify the name the application i'm using to establish a vpn tunnel is not the stock android vpn application.
it is called "VPN Connection" http://www.appbrain.com/app/org.codeandroid.vpnc_frontend
amw2320 said:
Title says it all.
All of the 2.2 roms and kernels I have tried will connect to the VPN but must screw up the routes as they shut off my data.
Does anyone have this running?
Click to expand...
Click to collapse
I have some interesting info regarding VPN behavior. With 2.1, of course, it did not work. Here's what I experienced: I rooted my 2.1 with Unrevoked (not a full root) and then I installed OMJ's (8/6?) Froyo and lo and behold, my encrypted PPTP VPN to a MS 2003 server was working perfectly. I assumed that 2.2 resolved the vpn issues. Since I thought 2.2 was a fix, I didn't hesitate to install another ROM. This time, though, I also did a NAND root and installed another 2.2 rom; whose, I don't remember. My VPN was gone. What I discovered was that I COULD connect to an unencrypted MS PPTP server, but still not my encrypted VPN server at work. So, here we are today. I'm running Vael-Pak non-sense rom and after I loaded it I had no vpn, but here's the thing...a couple of days ago I was poking around inside some of the Evo's networking files, I didn't change anything, I just opened them and looked at them with Text Editor, and since then my encrypted PPTP VPN has been working great. I'm very hesitant to reboot my phone because I fear that it won't work anymore. Right now I'm happy.
I'm trying in vain to get VPN connections working too. The only ROM that I had it working with no problems was Cyanogenmod's. All the others don't seem to have it supported in the kernel. Now I'm running a ROM based on the stock 2.2 but haven't found a fix yet.
I'm in the same boat - my pptp vpn worked fine in stock 2.1, but not in stock 2.2...
Sent from my PC36100 using Tapatalk
I can't get a pptp (haven't tried l2tp) to connect from my unrooted 2.2 evo with encryption enabled. I'm trying to connect to my server at home running winxp pro with the default winxp vpn server setup.
Works fine if you disable encryption. But what's the point if it's not encrypted, right? It works fine with encryption using a laptop or my old iphone3G. Seems to be a bug with android.
I'd like to know if someone finds a workaround.
This worked in 2.1 - froyo broke it
liamaa said:
I can't get a pptp (haven't tried l2tp) to connect from my unrooted 2.2 evo with encryption enabled. I'm trying to connect to my server at home running winxp pro with the default winxp vpn server setup.
Works fine if you disable encryption. But what's the point if it's not encrypted, right? It works fine with encryption using a laptop or my old iphone3G. Seems to be a bug with android.
I'd like to know if someone finds a workaround.
Click to expand...
Click to collapse
-mark
I am in the same boat. On CM6 VPN works flawlessly, but it is missing a lot, and kept crashing on me.
On every other ROM and kernel with tun.ko, it says it is connected but no connectivity.
AVA V6 is fast, good battery life, everything works (including hulu, and blockbuster) and very stable, but the only single thing I can't get working is Cisco VPN!!
-David
I am curious, does anyone have VPN working on any Froyo ROM besides Cyanogen?
If so what Rom/kernel are you using?
Interesting observation last night - 4g was temporarily working in sf, and my pptp vpn worked over it. I turned off 4g and retested, pptp vpn didn't work over 3g...
-mark

[Q] What VPN solution is best/guaranteed to work

I have 2 old PIX firewalls I can use, or I could could use OpenVPN inside WRT, or anything. I have nothing setup yet.
What's the easiest VPN for the EVO to hook to?
I'm running unrooted 2.2.
There is no PIX or OpenVPN support in Android. If you root and download "VPN Connections" you can connect to a PIX or OpenVPN server. I have connected to each. Make sure to read through the bug reports. The version I was using had a routing problem that had to be corrected in vpnc-script.
I've managed to get my evo to connect a winxp pro box set up as a pptp vpn server. but only if I disable encryption on the evo. which kind of defeats the purpose.
Basically, android VPN support is spotty at best. There is an epically long google code thread on the subject.
For the time being setting up an ssh server and using connectbot seems to the best way to securely access remote networks. It's far from perfect but it's the best solution I've seen.
Some people have reported vpn success using custom roms. But they are the exception. And setting up an ssh server is probably easier than tweaking a custom rom, IMHO.
This conversation is over my head, but Logmein Ignition owns my soul.
Thanks everyone.
I might have to root my EVO again(last one was rooted, but had to get a new EVO through warantee)

Anyone use wifi tethering with android anyconnect?

I setup the anyconnect client on my phone which works great. I can access internal web pages, ssh to internal devices. Problem is that if I launch the anyconnect client on the phone, and then wifi tether my laptop to the phone, the phone will not forward the traffic from the tethered device to the Anyconnect VPN.
FWIW, Wifi Tethering works fine without the Anyconnect.
Running Task650's 4.2.2 rom and the Anyconnect for root users on the phone.
-J
Same problem here. Any help would be appreciated!
it's probably a routing issue on the phone, but I haven't had a chance to look into it yet.
-J
bump.
bump. I will look into this. But can't post my help until I make 10 posts and get the ability to post links
Its a setting set by your administrator
The issue:
You might already know this but your network admin configured the app to prevent sharing of the connection. This is a common measure to prevent breaches in security. Looking at the Cisco AnyConnect release notes:
Cisco has qualified the AnyConnect VPN client over a bluetooth or USB tethered Apple iPhone only. Network connectivity provided by other tethered devices should be verified with the AnyConnect VPN client before deployment.
Click to expand...
Click to collapse
The WorkAround
How AnyConnect works on the android is the same as on a computer, which is documented on SuperUser.
So what we have to do is either, export the VPN profile to another VPN app, or change the variable in memory that prevents tethering of the AnyConnect VPN session.
This can be done using (while it wasn't created for this purpose) Game Gardian

VPN Client on the Fire TV

Hi,
I'm in France and trying to set up a VPN client on the Fire TV.
The only decent I've found on the store is VPNroot which won't connect and display a "socket address family" error.
I'm using Boxpn service which works great on my desktop/mobiles.
Anyone succeeded in setting a VPN client on the ftv ?
..
c0mm0n said:
Hi,
I'm in France and trying to set up a VPN client on the Fire TV.
The only decent I've found on the store is VPNroot which won't connect and display a "socket address family" error.
I'm using Boxpn service which works great on my desktop/mobiles.
Anyone succeeded in setting a VPN client on the ftv ?
Click to expand...
Click to collapse
Not yet. I have tried HMA and vyprVPN the apps crash when connecting to a server. You could do what I did and install DD-WRT on your router, granted your router is compatible. It works great for me and a have everything behind that router protected by the VPN
Yes i'm working on the router side too, but still thinks it'd be great to have the client running on the FTV itself.
c0mm0n said:
Yes i'm working on the router side too, but still thinks it'd be great to have the client running on the FTV itself.
Click to expand...
Click to collapse
Yeah, it would be cool to take it anywhere with you and just fire up the VPN app and get all the content without having to worry about carrying a router with you. ill keep looking into it. will update if find anything
Tun.ko with droidvpn works.
Sent from my SM-G900F using XDA Free mobile app
Proxydroid with socks5 algo works.
Sent from my SM-G900F using XDA Free mobile app
I'm afraid, Fire TV OS is not particularly receptive to VPN usage however, if your router supports DD-WRT firmware, it's a good news because DD-WRT has the option of selecting different VPN configurations like: PPTP, L2TP or OpenVPN and Once configured, users on the network don’t need to enter a log in process when they need to activate the VPN. It just starts automatically, so any device connects automatically and easily, giving you all the benefits of using a reliable VPN service.
^^ Macuser just mentioned the tun.ko vpn module got it working. Theres a tun.ko installer by droidvpn in the playstore that some of u guys may want to mess with.
i tried to follow Rose Ab's idea
i found an old router with dd-wrt on it, i now have to networks: one local and one connected via vpn which has the AFTV on it.
it works great
lanfeust said:
i tried to follow Rose Ab's idea
i found an old router with dd-wrt on it, i now have to networks: one local and one connected via vpn which has the AFTV on it.
it works great
Click to expand...
Click to collapse
Care to share how you configured the two networks? I'm thinking about doing the same thing, but can't find a reliable guide to do so.
I have two routers - both configured with dd-wrt. I find that when I plug my second router (w/vpn) into the first's LAN port, I can never get a connection to pass through. Any suggestions would be appreciated.
Sent from my iPhone using Tapatalk
vyktym said:
Care to share how you configured the two networks? I'm thinking about doing the same thing, but can't find a reliable guide to do so.
I have two routers - both configured with dd-wrt. I find that when I plug my second router (w/vpn) into the first's LAN port, I can never get a connection to pass through. Any suggestions would be appreciated.
Sent from my iPhone using Tapatalk
Click to expand...
Click to collapse
actually, i have one router for my "usefull" network wich is configured as a gateway (you can use your internet box too). The other is configured as a vpn connected client, connected on the first, making a network for devices that need to be connected to the USA. I use purevpn and they have good tutorials for tomato or ddwrt and other kind of routers.
I also have a NAS with two ethernet ports... each connected on a different network, so it can be available from the fire tv and my computer
lanfeust said:
actually, i have one router for my "usefull" network wich is configured as a gateway (you can use your internet box too). The other is configured as a vpn connected client, connected on the first, making a network for devices that need to be connected to the USA. I use purevpn and they have good tutorials for tomato or ddwrt and other kind of routers.
I also have a NAS with two ethernet ports... each connected on a different network, so it can be available from the fire tv and my computer
Click to expand...
Click to collapse
Thanks for clarifying. I think I got it working on my end by configuring the 2nd router to use the first router's IP address as the gateway and local DNS server. Still not my preferred option (waiting for the PIA android app to function by itself), but it will work for now. Cheers.
wouldnt it be better to just load up DDWRT on a router and configure your vpn from there?
macuser said:
Tun.ko with droidvpn works.
Sent from my SM-G900F using XDA Free mobile app
Click to expand...
Click to collapse
Can you tell us a little more about how you got this working?
Thanks
The best option avalaible is proxydroid.
Droidvpn is too slow.
Knowing this, if you still prefer using a vpn just let me know.
macuser said:
The best option avalaible is proxydroid.
Droidvpn is too slow.
Knowing this, if you still prefer using a vpn just let me know.
Click to expand...
Click to collapse
Can you explain the settings on the router side? I have dd-wrt
OpenVPN running both natively and on router
justin6162 said:
Can you explain the settings on the router side? I have dd-wrt
Click to expand...
Click to collapse
There is a thread on reddit that explains both using the OpenVPN client directly on FireTV or split-routing setup.
Here is the link to use the OpenVPN client natively on FireTV:
reddit.com/r/fireTV/comments/2b4hlh/finally_got_vpn_working/
Here is the link to use OpenVPN on the router and selectively route traffic over the tunnel for the FireTV:
reddit.com/r/fireTV/comments/2b4hlh/finally_got_vpn_working/cjwup38
I'm sure you can adapt the instructions to suit dd-wrt. And if you can't, maybe you should switch over to OpenWRT.
P.s. I'm a lurker so I cannot generate links until I've posted 10 times. Maybe a mod can do it, or someone else can repost it, or better yet, transcribe the instructions.
snappywan said:
There is a thread on reddit that explains both using the OpenVPN client directly on FireTV or split-routing setup.
Here is the link to use the OpenVPN client natively on FireTV:
reddit.com/r/fireTV/comments/2b4hlh/finally_got_vpn_working/
Here is the link to use OpenVPN on the router and selectively route traffic over the tunnel for the FireTV:
reddit.com/r/fireTV/comments/2b4hlh/finally_got_vpn_working/cjwup38
I'm sure you can adapt the instructions to suit dd-wrt. And if you can't, maybe you should switch over to OpenWRT.
P.s. I'm a lurker so I cannot generate links until I've posted 10 times. Maybe a mod can do it, or someone else can repost it, or better yet, transcribe the instructions.
Click to expand...
Click to collapse
I was able to get a split tunnel up and running on an ASUS RT-N66U router running Merlin Firmware. The VPN in Merlin is basically a port of OpenVPN in the tomato firmware implementation. The first step is to create the VPN tunnel and then you can setup the separate routes. For Private Internet Access (PIA). I used the following instructions to setup the tunnel:
https://www.privateinternetaccess.com/forum/index.php?p=/discussion/110/updated-tomato-setup-for-newer-branches-including-tomatousb/p1
Next I followed the instructions on this page for setting up a separate route for my FireTv. With this configuration my AFTV goes through the VPN tunnel and everything else goes through the normal Wan to my ISP. I followed the following instruction. Look at page 2 of the post for the instructions by WIZIN
http://www.smallnetbuilder.com/forums/showthread.php?t=9311&highlight=split
This is tailored for ASUS routers, but the idea should not be too difficult to implement on and dd-wrt o tomato firmware.
For me this is a much cleaner solution than running something on the AFTV. It starts up and shuts down with the router, so I don' have worry about restarting it when I reboot on the AFTV or it using CPU and memory on the AFTV.
Please help
Rose Ab said:
I'm afraid, Fire TV OS is not particularly receptive to VPN usage however, if your router supports DD-WRT firmware, it's a good news because DD-WRT has the option of selecting different VPN configurations like: PPTP, L2TP or OpenVPN and Once configured, users on the network don’t need to enter a log in process when they need to activate the VPN. It just starts automatically, so any device connects automatically and easily, giving you all the benefits of using a reliable VPN service.
Click to expand...
Click to collapse
I have a fire tv and would like to have a backup to connect to the office. I have a Asus N900 which has asuswrt fimrware. How do I setup the client to connect I am getting bad config on mine when trying to connect. IPCP -timeout sending config-requests.

PPTP VPN client on FTV

Hi, I have a ASUS router loaded with DD-WRT. I have enabled PPTP server on my router. I wish to connect to my router using this PPTP VPN natively from my FTV.
I can connect fine from my Windows 8 machine (and my IPhone), but not from FTV. I understand FTV has been stripped of VPN modules. I am able to successfully connect to my OPENVPN server on the same router from my FTV using a few google play apps like Tun.KO, OpenVPN settings and OPENVPN installer.
I am wondering if there is way to accomplish the same thing for the PPTP? I did try the VpnRoot application, but it gives me an error. Important 2 lines are:
-- Creating PPPoX socket --
-- Socket() Address family not supported by protocol
I researched this error and it seems like FTV (as we already know) is missing pppox.ko (or pppol2tp??) kernel module. Now, there are places to download the supporting files to build this module. I am not sure how to proceed on that (build and install). Or if there is a simpler way to install this on FTV? From my understanding, building modules on linux has to be targeted to the kernel version... So, I am lost and any help is appreciated.
Any luck figuring this out with PPTP?
No, I haven't looked at it furthur. I don't have a linux box, but I did free up some space on my HD to install Fedora. But, I am planning to take a crack at it soon! It would be nice if RBox can include the PPTP support in his pre-rooted ROMs... Not sure how difficult that is for him (yes, its a copout :crying
This might not address your initial question directly, but you can use a script to change iptables on the router to VPN only the IP of the AFTV:
http://serverfault.com/questions/38...-hosts-route-through-openvpn-client-on-tomato
Mind you, this is for Tomato, but DD-WRT uses scripts too. I'm using it with Tomato Shibby BUT with OpenVPN not PPTP...cannot comment on the latter.
I tried a few VPN clients on AFTV, no dice.
Thanks. There was a wiki on dd-wrt on how to selectively route VPN traffic for certain hosts. But don't have a need for it. But it is a good learning post and potentially helpful to folks trying to use VPN to access US based services and not wanting to buy an extra router just for that. Much appreciated.

Categories

Resources