I'm not certain if this is a kernel, ROM or software issue. I am running Fresh ROM 1.0.1 with the Netarchy 3.7.5 kernel, I have enabled the JIT compiler, and I have purchased the Xtralogic Remote Desktop Client version 1.14.0 and also use ES File Explorer for FTP/Samba.
I am able to authenticate and connect to our corporate VPN server. Once connected, I AM able to ping both from within the network to my device, and from adb-shell on my device to devices on the network. DNS resolution is working as expected over the VPN; search domains are setup properly.
However, upon establishing a connection (UDP or TCP) to any device on the remote network, my VPN connection dies (server side -- the android client still reads as connected). No bytes are received from the client anymore (per the corporate vpn software). I've tried this with RDP (UDP), SMB (UDP) and FTP (TCP). All three had the same result; upon initiating the socket, the VPN connection comes to a halt.
I know this worked when I was stock rooted.. and have only tried it again recently for a business trip in which RDP access to some remote servers would be a great big help. My changes are listed above: Fresh Rom 1.0.1, Netarchy 3.7.5 kernel, JIT enabled.
LogCat provides plenty of output for the VPN connection, but there is NOTHING logged when the "disconnect" occurs.
Any ideas?!
I received a response from the software vendor:
I received other reports about problem with VPN on Android. Unfortunately I don't have any solution to this problem. It is not RDP client specific, it looks like it is triggered by certain amount of network traffic. You will get the same result if you try to browse Internet on the phone when connect over VPN.
Click to expand...
Click to collapse
So, I ask if anyone can confirm or deny from their own device?
Title says it all.
All of the 2.2 roms and kernels I have tried will connect to the VPN but must screw up the routes as they shut off my data.
Does anyone have this running?
the only issue i have with "VPN Connections" is that is doesn't pass DNS traffic correctly. hence, i must connect via IP Addy not DNS name. other than that it works fine for me. i'm able to establish a vpn connection then use the WYSE rdc/vnc app to connect to my windows or linux servers ... connnectbot for shell access.
I've also been unable to connect to either a PPTP or IPSec VPN over my 3G connection since upgrading to the official release of 2.2 on my EVO 4G. The connection appears to be established just fine, and the VPN server shows that my VPN client is connected, but I cannot ping to or from the device, nor access any internal resources from it. This is a serious bummer considering that things worked fine under 2.1. Will test over WiFi when I get home. Can't test it at work since we're behind a proxy (which is another gripe I have with Android right now... seriously Google, no proxy configuration options?).
i feel i should clarify the name the application i'm using to establish a vpn tunnel is not the stock android vpn application.
it is called "VPN Connection" http://www.appbrain.com/app/org.codeandroid.vpnc_frontend
amw2320 said:
Title says it all.
All of the 2.2 roms and kernels I have tried will connect to the VPN but must screw up the routes as they shut off my data.
Does anyone have this running?
Click to expand...
Click to collapse
I have some interesting info regarding VPN behavior. With 2.1, of course, it did not work. Here's what I experienced: I rooted my 2.1 with Unrevoked (not a full root) and then I installed OMJ's (8/6?) Froyo and lo and behold, my encrypted PPTP VPN to a MS 2003 server was working perfectly. I assumed that 2.2 resolved the vpn issues. Since I thought 2.2 was a fix, I didn't hesitate to install another ROM. This time, though, I also did a NAND root and installed another 2.2 rom; whose, I don't remember. My VPN was gone. What I discovered was that I COULD connect to an unencrypted MS PPTP server, but still not my encrypted VPN server at work. So, here we are today. I'm running Vael-Pak non-sense rom and after I loaded it I had no vpn, but here's the thing...a couple of days ago I was poking around inside some of the Evo's networking files, I didn't change anything, I just opened them and looked at them with Text Editor, and since then my encrypted PPTP VPN has been working great. I'm very hesitant to reboot my phone because I fear that it won't work anymore. Right now I'm happy.
I'm trying in vain to get VPN connections working too. The only ROM that I had it working with no problems was Cyanogenmod's. All the others don't seem to have it supported in the kernel. Now I'm running a ROM based on the stock 2.2 but haven't found a fix yet.
I'm in the same boat - my pptp vpn worked fine in stock 2.1, but not in stock 2.2...
Sent from my PC36100 using Tapatalk
I can't get a pptp (haven't tried l2tp) to connect from my unrooted 2.2 evo with encryption enabled. I'm trying to connect to my server at home running winxp pro with the default winxp vpn server setup.
Works fine if you disable encryption. But what's the point if it's not encrypted, right? It works fine with encryption using a laptop or my old iphone3G. Seems to be a bug with android.
I'd like to know if someone finds a workaround.
This worked in 2.1 - froyo broke it
liamaa said:
I can't get a pptp (haven't tried l2tp) to connect from my unrooted 2.2 evo with encryption enabled. I'm trying to connect to my server at home running winxp pro with the default winxp vpn server setup.
Works fine if you disable encryption. But what's the point if it's not encrypted, right? It works fine with encryption using a laptop or my old iphone3G. Seems to be a bug with android.
I'd like to know if someone finds a workaround.
Click to expand...
Click to collapse
-mark
I am in the same boat. On CM6 VPN works flawlessly, but it is missing a lot, and kept crashing on me.
On every other ROM and kernel with tun.ko, it says it is connected but no connectivity.
AVA V6 is fast, good battery life, everything works (including hulu, and blockbuster) and very stable, but the only single thing I can't get working is Cisco VPN!!
-David
I am curious, does anyone have VPN working on any Froyo ROM besides Cyanogen?
If so what Rom/kernel are you using?
Interesting observation last night - 4g was temporarily working in sf, and my pptp vpn worked over it. I turned off 4g and retested, pptp vpn didn't work over 3g...
-mark
I had the android-wifi-tether app working just fine with Visionary soft root and the original 2.2 build that came with my G2. After updating to the newest build from T-Mobile, hard rooting and setting up Cyanogen 6.1, tether over wifi has stopped working.
When I try to start up a wifi network with the android-wifi-tether app, the built in wifi tether app starts up in the notification bar and the IP Address I get from DHCP is handed out by the built in app (192.168.43.0 range), but I am unable to push any packets through. Checking ifconfig on the phone it seems like my ip address is 192.168.43.1, not 10.3.0.1 which is what I configured in the android-wifi-tether app.
Starting up the built in wifi tether app, I can't even get an IP address through DHCP. Setting a static address I can ping the phone at 192.168.43.1, but I can't push any bits through to the internet.
Any suggestions? I've already removed the android-wifi-tether app and replaced it with a current version. Is there any way I can disable the built in app? Thanks!
I'm using CM9 on my galaxy nexus.
I can connect to my PPTP VPN server (my router running tomato) fine without tunneling, both inside my lan, and outside it.
I can connect to my SSH server (again my router), both inside my lan and outside it. And have successfuly forwarded ports before w/ connect bot and remote desktop apps.
But everything I try results in my VPN connection timing out when I try to do it over the SSH tunnel. I have it connecting to localhost on the VPN settings side. And on the connect bot side i am forwarding port 1723 to 192.168.1.1:1723 (which is my routers lan IP).... but it still times out.
Does anyone have any ideas? is this even possible?
bump - so no one has tried to do this?
edit: nevermind, not possible with PPTP http://www.webhostingtalk.com/showthread.php?t=666728
PPTP requires the GRE protocol, which you can't tunnel over SSH. I've googled this extensively and have tried it repeatedly without any success. You could do PPP over SSH, but it's not very easy to set up, and depending on what OSes you're running, it might be out of your reach.
Check out OpenVPN; it runs on both Windows and Linux, uses a single configurable port for communications, and does everything over that port; as long as you can find an unblocked port on your network to use it on, you should be fine.
Click to expand...
Click to collapse
Update: This is resolvable by setting the firewall to blacklist mode and inverting the selection. While I prefer whitelist mode, this will work until I can find a better solution.
Note, when inverting, make sure that "All Applications" isn't checked. It isn't obvious, because it should also be left unchecked in whitelist mode, but this will block everything in blacklist mode.
First off, this is on the Dev Edition (Sense) Lollipop release. Phone is S-off/bootloader unlocked, but I doubt that matters. I am using AFWall+ to manipulate the firewall (iptables) configuration.
The problem is USB tethering. DNS requests aren't getting through to the tethered device no matter what I do if iptables is configured. I checked the logs and they showed that process -11 (kernel) was blocked from sending UDP (DNS) to the tethered IP address. However, I specifically enabled the kernel, -12 (tethering DHCP & DNS), and root apps for good measure. Nothing.
However, it is JUST DNS. If I use an onboard terminal to nslookup the name, I can use the IP address from the tethered machine just fine. It appears that TCP isn't being blocked, just UDP. Further, local apps have no problem access the network in any way - it's just the USB tethered PC that is having trouble. I have not tried WiFi tethering yet.
I have tried my usual app, DroidWall, and now AFWall+, but neither can get it done. Something seems to have changed in Lollipop, because this used to work in KitKat.
Any ideas?