1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

TomatoUSB and "OpenVPN for android"

Discussion in 'Tomato Firmware' started by JugsteR, Jul 13, 2012.

  1. JugsteR

    JugsteR Serious Server Member

    Openvpn for android is a tun openvpn solution that does not require root on your android phone. It does however require Ice Cream Sandwich, version 4 of android.

    Anyway, apart from that small tip, has anyone actually got this combo working?

    I can't seem to get the TLS stuff right. I have the correct certificates and keys in the client verified from computer.

    I also don't know what to put as subnet for my client in the server settings part of tomatousb. I entered the correct common name and did not put net or mask in there and then I also choose not to push.

    If anyone has it working, will you please explain how you did it, I will when it is working for me...

    Signature? Signature!
     
  2. lancethepants

    lancethepants Network Guru Member

    Hmm, haven't used that app in particular, I'll take a look.
     
  3. JugsteR

    JugsteR Serious Server Member

    Thanks, it'll be interesting to see. Some people say routing tables require root to change, however I have not verified that.

    Signature? Signature!
     
  4. waeking

    waeking Networkin' Nut Member

    I don't use the tomatousb as a openvpn server but as a client. I can tell you that I "push routes" through openvpn to my android phone and it works. I am sure that in tomatousb in the advanced section you can push specific routes to your devices.
     
  5. JugsteR

    JugsteR Serious Server Member

    Yes, I guess one of the questions I had was if it was all right for a client to not have a subnet or mask and not push it, since I don't want that client seen by others. The mobile client should however have access to the other openvpn client, so their info, along with the server is pushed.

    I'm still stuck at the TLS step though. Don't know what to put there in "OpenVPN for android" app.

    Signature? Signature!
     
  6. JugsteR

    JugsteR Serious Server Member

    I solved the TLS step when I realized it was disabled on the tomatousb server. Then I faced another problem, I needed to remove --remote or add float (I think). Anyway, couldn't figure out how to do the first, so I did the second.

    Basically I'm a bit further now, but now the log says that I need to change something to allow the new routes from the server... still working on that.

    Signature? Signature!
     
  7. JugsteR

    JugsteR Serious Server Member

    I can verify that it is possible to use openvpn for android with tomatousb using tun and it works without root.

    Signature? Signature!
     
  8. rhester72

    rhester72 Network Guru Member

    Did you have to explicitly specify your DNS servers on Android?

    Rodney
     
  9. Dr Strangelove

    Dr Strangelove Networkin' Nut Member

    I use OpenVPN by Friedrich Schäuffelhut on an Android XPERIA X10i v2.3.3 [rooted] connect to an E4200v1 OpenVPN server and that works fine....ish.

    Routes are OK, but DNS tends to be a bit of a problem child on the Android side with my current install.

    Also use PPTP as an Android client to my E4200v1 server too.
     
  10. JugsteR

    JugsteR Serious Server Member

    Nope, only using my tunnel to get to a lan the other side of the Internet. Internet itself is not going through VPN.

    Signature? Signature!
     
  11. JugsteR

    JugsteR Serious Server Member

    The good thing about android 4 is that you dont need root if you use tun. Some specific devices do not work with these features however...

    Signature? Signature!
     
  12. rhester72

    rhester72 Network Guru Member

    I guess that's a difference. The same guys who did rootless OpenVPN for ICS also did it for older Android releases (I'm on 3.2), and they do indeed require that _all_ traffic go through the tunnel.

    Rodney
     
  13. JugsteR

    JugsteR Serious Server Member

    I can set it up to be the default route which I guess means that all traffic is routed through the VPN. Personally I just do t use it that way.

    Signature? Signature!
     
  14. JugsteR

    JugsteR Serious Server Member

    I just tested it for fun... the log says no DNS servers are found... which is no great surprise since my tomatousb has not checked the respond to DNS option in advanced. Funny thing is I can still surf on my gnexus, and according to the openvpn log traffic is going through there... not sure what is going on though.

    Signature? Signature!
     

Share This Page