I setup the anyconnect client on my phone which works great. I can access internal web pages, ssh to internal devices. Problem is that if I launch the anyconnect client on the phone, and then wifi tether my laptop to the phone, the phone will not forward the traffic from the tethered device to the Anyconnect VPN.
FWIW, Wifi Tethering works fine without the Anyconnect.
Running Task650's 4.2.2 rom and the Anyconnect for root users on the phone.
-J
Same problem here. Any help would be appreciated!
it's probably a routing issue on the phone, but I haven't had a chance to look into it yet.
-J
bump.
bump. I will look into this. But can't post my help until I make 10 posts and get the ability to post links
Its a setting set by your administrator
The issue:
You might already know this but your network admin configured the app to prevent sharing of the connection. This is a common measure to prevent breaches in security. Looking at the Cisco AnyConnect release notes:
Cisco has qualified the AnyConnect VPN client over a bluetooth or USB tethered Apple iPhone only. Network connectivity provided by other tethered devices should be verified with the AnyConnect VPN client before deployment.
Click to expand...
Click to collapse
The WorkAround
How AnyConnect works on the android is the same as on a computer, which is documented on SuperUser.
So what we have to do is either, export the VPN profile to another VPN app, or change the variable in memory that prevents tethering of the AnyConnect VPN session.
This can be done using (while it wasn't created for this purpose) Game Gardian
Related
Can someone tell me if they have had any success using VPNC or OPENVPN (or anything else) successfully to connect to a pure ipsec Cisco VPN with group authentication?
Also, could someone include a successful implementation in one of those amazing TIME our Devs have created?
Sent from my PC36100 using XDA App
Evo with Fresh
awwbaw3 said:
Can someone tell me if they have had any success using VPNC or OPENVPN (or anything else) successfully to connect to a pure ipsec Cisco VPN with group authentication?
Also, could someone include a successful implementation in one of those amazing TIME our Devs have created?
Sent from my PC36100 using XDA App
Evo with Fresh
Click to expand...
Click to collapse
I have not been successful but I think I am doing something wrong but here is the article
http://forum.xda-developers.com/showthread.php?t=698099
This one is on the Moment but the instructions may be similiar
http://forum.sdx-developers.com/android-2-1-development/(how-to)-run-a-cisco-vpn-client-(vpnc)-on-moment-2-1-(very-hacked-and-beta)/
Question...
this might seem dumb but I am concerning this...
I connect from remote to my company through Cisco VPN. There is a client on my notebook and I use secure ID.
Can VPN on the EVO allow me to connect with the evo and use it solely to access my company's intranet....or does this just allow vpn connection through tethering though my notebook/evo combo???? or both?
My interest is to use the evo by itself to occasionally log in and complete tasks.
vpnc works for me connecting to vpn 3015 and asa 5510 using ipsec with group authentication. I have heard if you tether while connected to vpn then your laptop will also be in the tunnel but I haven't tried that yet - I have used it for remote desktop directly from the phone.
here is what you need:
1) full root
2) busybox installed with symlinks
3) kernel version 2.6.29-a2443432
4) tun.ko from thread 698099
mostly I used the instructions from hxxp://code.google.com/p/get-a-robot-vpnc/wiki/Motorola_Droid_Support.
If you don't want to deal with installing busybox, I know for sure the fresh rom has it already setup.
copy tun.ko into /system/lib/modules
run the command insmod /system/lib/modules/tun.ko
I occasionally have issues disconnecting and/or losing connection to the internet after disconnecting - just enable/disable airplane mode has always fixed it.
there is also a log file in /data/data/org.codeandroid.vpnc_frontend/files/vpnc that may help troubleshooting connection issues.
edit: you need a farily new version of vpnc from the google code page - I think the one in the market won't work on evo.
I'm not certain if this is a kernel, ROM or software issue. I am running Fresh ROM 1.0.1 with the Netarchy 3.7.5 kernel, I have enabled the JIT compiler, and I have purchased the Xtralogic Remote Desktop Client version 1.14.0 and also use ES File Explorer for FTP/Samba.
I am able to authenticate and connect to our corporate VPN server. Once connected, I AM able to ping both from within the network to my device, and from adb-shell on my device to devices on the network. DNS resolution is working as expected over the VPN; search domains are setup properly.
However, upon establishing a connection (UDP or TCP) to any device on the remote network, my VPN connection dies (server side -- the android client still reads as connected). No bytes are received from the client anymore (per the corporate vpn software). I've tried this with RDP (UDP), SMB (UDP) and FTP (TCP). All three had the same result; upon initiating the socket, the VPN connection comes to a halt.
I know this worked when I was stock rooted.. and have only tried it again recently for a business trip in which RDP access to some remote servers would be a great big help. My changes are listed above: Fresh Rom 1.0.1, Netarchy 3.7.5 kernel, JIT enabled.
LogCat provides plenty of output for the VPN connection, but there is NOTHING logged when the "disconnect" occurs.
Any ideas?!
I received a response from the software vendor:
I received other reports about problem with VPN on Android. Unfortunately I don't have any solution to this problem. It is not RDP client specific, it looks like it is triggered by certain amount of network traffic. You will get the same result if you try to browse Internet on the phone when connect over VPN.
Click to expand...
Click to collapse
So, I ask if anyone can confirm or deny from their own device?
I have 2 old PIX firewalls I can use, or I could could use OpenVPN inside WRT, or anything. I have nothing setup yet.
What's the easiest VPN for the EVO to hook to?
I'm running unrooted 2.2.
There is no PIX or OpenVPN support in Android. If you root and download "VPN Connections" you can connect to a PIX or OpenVPN server. I have connected to each. Make sure to read through the bug reports. The version I was using had a routing problem that had to be corrected in vpnc-script.
I've managed to get my evo to connect a winxp pro box set up as a pptp vpn server. but only if I disable encryption on the evo. which kind of defeats the purpose.
Basically, android VPN support is spotty at best. There is an epically long google code thread on the subject.
For the time being setting up an ssh server and using connectbot seems to the best way to securely access remote networks. It's far from perfect but it's the best solution I've seen.
Some people have reported vpn success using custom roms. But they are the exception. And setting up an ssh server is probably easier than tweaking a custom rom, IMHO.
This conversation is over my head, but Logmein Ignition owns my soul.
Thanks everyone.
I might have to root my EVO again(last one was rooted, but had to get a new EVO through warantee)
Hey everyone. Was curious if anyone has tried a VPN application on the Nexus. Not sure if stock kernel would even support it. I currently use VPN Connections on my Droid Incredible CM7, as it was only easy vpn app I found to connect to my cisco vpn network at work.
Yeah you need custom kernel and root.
Sent from my Galaxy Nexus using XDA App
No root or custom kernel with Columbitech! All stock client with Android 4.0! Two factor authentication, 256 bit AES encryption, FIPS 140-2 certification and session persistence!
https://market.android.com/details?...51bGwsMSwyLDEsImNvbS5jb2x1bWJpdGVjaC5tVlBOIl0.
Wait, I thought ICS added Cisco VPN support. Why bother with rooting or Columbitech?
https://code.google.com/p/android/issues/detail?id=3902#c1537
Cisco VPN now works, at least against the ASA5505 I'm testing against. It accepts Group Names under IPSec/L2TP/PSK. Key in your group name and password, and it should work. Have not messed with certificates yet.
Works for me too (don't know the model).
This release is all kinds of awesome
alee said:
Cisco VPN now works, at least against the ASA5505 I'm testing against. It accepts Group Names under IPSec/L2TP/PSK. Key in your group name and password, and it should work. Have not messed with certificates yet.
Click to expand...
Click to collapse
What about SSL VPN (i.e. Cisco AnyConnect)?
Chirality said:
What about SSL VPN (i.e. Cisco AnyConnect)?
Click to expand...
Click to collapse
Cisco has Anyconnect apps in the market for SSL VPN. You have to have the corresponding mobile licenses installed in the ASA first.
davanw said:
Cisco has Anyconnect apps in the market for SSL VPN. You have to have the corresponding mobile licenses installed in the ASA first.
Click to expand...
Click to collapse
Hmm...looks like it either requires root or a specific hardware vendor's ROM to work. Guess they haven't updated it to use the ICS VPN API yet.
Hmmmm today Im try connect to Cisco VPN which use Group Authentication but failed. On PC I use Cisco VPN Client version 5.0.07.0290 and can normaly connect.
I don't use certificates.
I have selected IPSec over UDP (NAT / PAT).
I have Host, Group Name, Group Password, User Name, User Password which I must write in which edit box on android?
Few of you mention to use it already supports it. I tried to setup one with L2TP/IPSec PSK. Entered the server name. Which fields do you put the group username and password in?
Thanks in advance!
I'm using the IPSec XAuth PSK setup filling the IPSec identifier with group and IPSec pre shared key with the shared password. I didn't need to use the advanced section.
I just basically went through each setup option until I hit the right combination.
That worked! Thanks. Now is there a way to get around requiring a passcode to unlock the phone?
good god that was so much easier than setting up my transformer for this. thanks everyone for the guidance. Any idea if there's a widget that will just turn a specific vpn on/off?
I'm using a Cisco IPSEC VPN concentrator. with PSK auth.
I'm able to connect but i can't route any traffic.
When i connect from my desktop i use to get a /24 IP with a default gw, when connecting from my phone all i get is a /32 ip and no default gw
Didn't see a post directly about this so I wanted to ask.
Has anyone tinkered with having the gnex open a VPN and clients connected via the hotspot function (default vzw, rooted, or other apps) being able to access internal resources?
Not sure if a VPN is created first, the hotspot function will NAT the VPN based IP or the public vzw address.
Thanks!