1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

OpenVPN Android Setup

Discussion in 'Tomato Firmware' started by Slingky78, Feb 2, 2011.

  1. Slingky78

    Slingky78 Networkin' Nut Member

    Hi guys,

    I'm trying to use openVPN on my tomato router build 54 for accessing my network from my android cellphone (nexus one running cm7 build 17)

    I tried 2 things on tomato server

    a) tap mode
    - from a windows client : I get ip, gateway, internet access and I'm able to access computers from the internal LAN (in my case 192.168.11.0)
    - from android : I don't get any ip at all (same cert and config files)

    b) tun mode
    - from windows and android : I get an ip but no default gateway

    Please help me with that one.

    There is the log from android client trying to connect in tun mode :

    Feb 1 22:54:03 unknown daemon.notice openvpn[2508]: MULTI: multi_create_instance called
    Feb 1 22:54:03 unknown daemon.notice openvpn[2508]: 184.151.127.159:40848 Re-using SSL/TLS context
    Feb 1 22:54:03 unknown daemon.notice openvpn[2508]: 184.151.127.159:40848 LZO compression initialized
    Feb 1 22:54:03 unknown daemon.notice openvpn[2508]: 184.151.127.159:40848 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Feb 1 22:54:03 unknown daemon.notice openvpn[2508]: 184.151.127.159:40848 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
    Feb 1 22:54:03 unknown daemon.notice openvpn[2508]: 184.151.127.159:40848 TLS: Initial packet from 184.151.127.159:40848, sid=6d7b3105 130e7b36
    Feb 1 22:54:04 unknown daemon.notice openvpn[2508]: 184.151.127.159:40848 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=me@myhost.mydomain
    Feb 1 22:54:04 unknown daemon.notice openvpn[2508]: 184.151.127.159:40848 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=client1/emailAddress=me@myhost.mydomain
    Feb 1 22:54:04 unknown daemon.notice openvpn[2508]: 184.151.127.159:40848 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Feb 1 22:54:04 unknown daemon.notice openvpn[2508]: 184.151.127.159:40848 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Feb 1 22:54:04 unknown daemon.notice openvpn[2508]: 184.151.127.159:40848 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
    Feb 1 22:54:04 unknown daemon.notice openvpn[2508]: 184.151.127.159:40848 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Feb 1 22:54:04 unknown daemon.notice openvpn[2508]: 184.151.127.159:40848 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Feb 1 22:54:04 unknown daemon.notice openvpn[2508]: 184.151.127.159:40848 [client1] Peer Connection Initiated with 184.151.127.159:40848
    Feb 1 22:54:04 unknown daemon.notice openvpn[2508]: MULTI: new connection by client 'client1' will cause previous active sessions by this client to be dropped. Remember to use the —duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
    Feb 1 22:54:04 unknown daemon.notice openvpn[2508]: MULTI: Learn: 10.8.0.6 -> client1/184.151.127.159:40848
    Feb 1 22:54:04 unknown daemon.notice openvpn[2508]: MULTI: primary virtual IP for client1/184.151.127.159:40848: 10.8.0.6
    Feb 1 22:54:07 unknown daemon.notice openvpn[2508]: client1/184.151.127.159:40848 PUSH: Received control message: 'PUSH_REQUEST'
    Feb 1 22:54:07 unknown daemon.notice openvpn[2508]: client1/184.151.127.159:40848 SENT CONTROL [client1]: 'PUSH_REPLY,route 192.168.11.0 255.255.255.0,dhcp-option DNS 192.168.11.1,route 10.8.0.1,topology net30,ping 15,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5' (status=1)
     
  2. Seeker

    Seeker Addicted to LI Member

    Try manually setting VPN IP range in tomato ovpn settings (untick "dhcp" and manually insert ips, which should be from the same subnet and should not overlap with other clients, dhcp, etc.)
     
  3. Slingky78

    Slingky78 Networkin' Nut Member

    If using TAP mode and the following ip address range ;
    192.168.11.220-192.168.11.225

    It works from a remote windows client.

    But android doesn't get an ip.

    I'm running cyanogenmod 7 build 38 on my Nexus One.

    Please help.
     

Share This Page