Related
I'm an IT guy and I just got into smartphone PPCs for the first time after a long-time hiatus from PDAs when I used to be a Palm owner. After my last palm, a LifeDrive, got stolen I moved to a Moto Q wich was a big dissapointment OS wise, and I never really got into modding it or anything, just set my POP3 e-mail server and used it like that for 2 years (draw back was that I didn't have contact sync nore internal e-mail sync that got handled by my exchange server). My contract with that Q expired and I made the move to a Sprint Mogul with WM 6.1 Pro and I'm NEVER LOOKING BACK!!!
Anyways, enough about me, this is my first contribution so I wanted to do the little intro.
I had searched around a bit about how to get ActiveSync to sync my company's Exchange server through PPTP VPN (we don't have it published with a certificate for an actual push config) but all I found was info on how to setup the VPN itself, being an IT guy that was like pointing out the obvious to me as I had already got that running and connecting but couldn't get anything but the OWA site opening in IE and Opera.
Basically what I figured out was that I had to program a work URL exception in the Connections control panel under the Advanced tab. There I added my exchange server's IP address as a URL and used that IP to program the server under ActiveSync with all the usual credentials. I can't configure it to receive as items arrive, instead I had to let the configuration run on a 10 minute schedule. Every time the schedule is up I see the VPN connecting pop up and it syncs PERFECTLY and disconnects the VPN. (It doesn't turn on my screen each time, it just pops up if I'm using it; but that pop up can be turned off if it gets to annoying).
I don't know if anyone else knew about this but I though I'd share this info as I searched for a few days and found nothing, ended up figuring this out myself. If this is new info I'll post more detailed configuration information for those who desire it.
BTW, this is working over the Data Plan and WiFi as well.
Wow. your a god...
I been trying to figure why it kept disconnecting the vpn when it synced up.
Adding the work url exception works perfect...
(Im using WM6.1 on a Samsung Omnia)
Many Many thanks!
No problem dude! I'm surprised no one else has really found this helpful. Glad I could help!
BTW, those exceptions work very well for internal web sites as well. I use it to log in to web-based management consoles such as Symantec's Mail Security for Exchange, Symantec Endpoint, basically if you got an internal website of some sort you can access it through VPN using a Work URL Exception.
I was looking for this info too, i would like more detailed configuration information about this.
Thanx in advance...
Roland hendriks
What part of the configuration are you having trouble with? Configuring the VPN, the Exchange Server or the URL Exception?
Thanks
I personally am thankful for your information. Even if none of the other 1000s of readers out there say anything...
Thank you for sharing your knowledge.
Tim
Glad I could help! I know I broke my head over this one during the first week of me having a WM phone. I figured it out thanks to the Fdc Soft Task Manager using the Netstat utility. It let me know exactly what the network stack of the phone was trying to do and the URL exclussion I just stumbled upon and reading what the page said it lead me to believe that it might be a routing table for configured "WORK" connections. And it worked.
During the past month or two of using my exchange like this and switching around ROMs and cooking my own ones now I've noticed that having TCP Data Reconnect and Transmission Retry settings in your registry set to high will cause Active Sync to take a long ass time for it to actually route communications through the VPN connection. I noticed this after using custom ROMs wich some have these settings increased to ensure communications go through but they raise connection timeouts way to much. On my own custom ROM I've set these to defaults (2 and 4 respectively) and Active Sync only takes about 1 minute to start syncing onces you hit sync while you wait for it to dial the cellular line and the VPN.
you talk about the vpn..
i think you are in the very small percentage of ppl who can get that to work.
i have the activesync set to manual and have tried the vpn type to both IPSec/L2TP and PPTP
w/o success..i always get a UN PW error which i know cant be so..
i set the host ip to what was shown from "whatsmyip"..
searching for quite awhile, i see thousands of ppl who cant get it to work and have
never found a reliable method that works for anyone but the person who posted it.
if you could back track a little and post how to do it, there are probly
thousands of ppl who would find it very useful and really appreciate it.
thanx
Well one thing is how to setup a WM device's VPN client to connect to your VPN server and another is actually configuring your VPN server. Do you have a working VPN setup in your corporate network already? This usually is setup by having a static IP assigned to your corporate internet connection and a firewall configured to allow VPN access with all the necessary traffic and authentication routes.
If you don't have a static IP in your office and use a lower cost DSL or Cable connection you aren't SOL, for these types of connections you can use a service like dyndns.org to dynamically upadate your dynamic IP into a static dns name like: mycompany.dyndns.org for example. This requires you to setup your firewall or ISP modem to communicate with dyndns.org to report the changes. Most firewalls come with this funcionality already built-in, but most of them also call them by different names so you'd have to look up your equipment's documentation on how to report a dynamic dns service.
I would be happy to help you setup your VPN correctly but its more practicall for me to help you setup a checklist on which type of VPN you want to setup (IPSec or PPTP) and what your corporate network's infrastructure looks like and let you know what to look for in google; there is PLENTY of very helpful information on the web on how to setup VPN but first you have to know what you need and how you are going to achieve it and then you'll know what to look for.
Each setup is very particular to the customer's needs and the network infrastructure that is setup and how much security you want to use (IPSec is a naturally secured VPN tunnel protocol while PPTP is not secured by nature but can be secured with a Radius server in your DMZ validating authentication in an encruypted manner to your Active Directory service).
What I posted above will work for an already existing and working PPTP VPN connection wich I already had running for years in my office and I regularly use with my laptop to connect to my exchange server while on the road or at home. What I posted above is what is need to get your WM device to connect to an already functioning PPTP VPN server.
Hope this helps. And if I'm to help you make a checklist I need a lot of information:
Type of ISP (static IP or dynamic IP)
Type/Brand of firewall device
How the devices are connected together (dumb modem or internet router from your ISP to your firewall's WAN port or a full blown router provided by your ISP wich is patched into your firewall's WAN port)
Internal network configuration (both AD and Exchange on same server (SBS) or separated)
What amount of security you are looking for.
Send me some PMs and maybe I could at least point you in the right direction.
nttdemented: I'm doing the PPTP shuffle at the moment, and wanted to pick your brains..
The basic connection is running fine - e.g. when I add 192.168.0.1 as an Exception and go to http://192.168.0.1 in Pocket IE the VPN fires up and I see the page just fine.
I've also added '10.6.1.8' as an exception, but if I go to that address in PIE, I don't see any network activity (using ethereal/tcpdump) on the 'ppp0' server interface (I use Ubuntu server's pptpd) ...
Can I assume that your Exchange server is hosted on the same machine as your PPTP server? Some MS SBS or similar?
Even if I configure an http proxy (on the 192.168.0.1 IP) I see no activity when I try the 10.6.1.8 address. :/
thanks so much!!
that i didn't find/read about the "exceptions" option in WM before...
Somehow, when i got my phone, i got it to work without this workaround, it just worked, out of the box, no exception setting required. (VPN settings + exchange server location were enough)
But yesterday, from the one moment to the next, it suddenly stopped working.
In my efforts to get it to work again i deleted the exchange settings, but doing that, I deleted all my contacts and my agenda! I was in big trouble because I really needed those , but after reading your post, i got it working again! my phone is synching "as we speak" and i'm very happy!
don't know how it worked before, don't know why it stopped working, all I know is, it's working now!
you made my day
Good to know!
Cheers!
I've since stopped using this method as we got around to publishing our Exchange server with an SSL certificate so I'm actually using SSL enabled ActiveSync push on my phone now.
Excuse me but perhaps you can help me too.
My problem is that I can get/sync my mails using WIFI.
If I connect thru GPRS, y go to send/receive and I get all the mails. If I'm on my office and connect thru WIFI to the work net I also get all the mails from the exchange server.
The problem is when I'm outside my office and connect to other wifi net and try to sync my mails. I have an HTC TOUCH CRUISE with WM 6.1 original from HTC without any flash.
Thanks in advance.
VPN connection doesn't always connect for ActiveSync synchronization?
I have had ActiveSync working with an Exchange server over a PPTP VPN connection for years now, but there has been one nagging issue I can't figure out. For the most part it works, but sometimes when ActiveSync tries to sync it will not make the VPN connection. There is only one connection listed when I tap on the icon on the notification bar - the phone's data connection. So in activesync, the icon with the arrows spins for a while but nothing synchronizes. I think it ends up saying "waiting for network" or something like that. It seems to always work when I manually hit "sync", but sometimes it fails on scheduled synchronizations.
Any idea why this happens sometimes?
oh...cheers...got my brain back...
The exceptions rule has almost fixed mine now. I'm getting mail but not through Activesync (just sits waiting for network).
Well I searched the forums all over the interweb for a week now, and did not find an answer so I post.
I live in China and as part of the Expat Survival Kit I run an OpenVPN service to solve my facebooktwitteryoutoube problems. The provider is strongvpn.com, or other name reliablehosting.com - reliable, they are, and responsive and helpful and everything.
The VPN uses a San Francisco server, so anytime I fire it up on my PC, I have a USA IP, and can access Youtube, Facebook, Twitter, Pandora et al. Bingo.
I struggled days to hack this connection on my Hero, and finally managed, it works, it connects. Apparently.
Now here is the hick:
- I connect on the Hero with TunnelDroid, using my original StrongVPN config file. It takes some time, but usually connects, either WiFi and Edge.
- I check my external IP, it's the good old Frisco one, I seem good to go
- I can surf sites like e.g. Amnesty International, impossible without VPN. I can use Pandora, so definitely I have US IP. Eventually if there is an embedded Youtube vid somewhere, I even can see and try to start it (although it's dead slow)!
- But, none of the social integration features work. I can not log in into twitter, facebook etc, and when I try to visit those sites with the browser, I have the same result as without VPN, nada. Timeout, service unavailable, technical problem, you name it
Now, if there is any developer / network or VPN expert / GFW operator / Google guru around... I really want to understand exactly what the problem can be - that would help some fellow Hero owners here in China
I changed the "hosts" file that I found on some forums... I tried to boost the process with some web proxy... Tried everything - nothing works.
How is it possible that I'm behind a VPN, I have American IP reported by any software you can imagine, and still I'm blocked, while everything works fine on the PC with the same VPN connection???
I can live without these apps and sites on my Hero...but can not live without finding out the truth
你有没有把DNS设置成OpenDNS的地址或者GooglePublicDNS的地址?
GFW好像会返回伪造的ip,纵然你有US的IP也无法访问一个假的IP,对吧
Ok,if you're hard to read Chinese...
Use a OpenDNS address or Google Public DNS address instead of ISP's,All of those DNS server are GFWed.They'll reply a fake ip address of Youtube.
Not working
Thanks,
I tried this way, but still no result.
How can ANY filter get through an 1024-bit secured openVPN connection anyway????
And on the PC, the same connection works flawlessly...
Is there any routetable or something like that?a modified hosts?some ROMs will do that.
a VPN connection will route all of your data in normal,but if you set a routetable,some special URL will not pass the VPN,
check them or flash a foreign ROM instead and try again.
Good luck
AFAIK the standard Hero kernel does not come with the tun.ko driver (which is necessary to capture the outgoing traffic and redirect it to the tunnel). Did you install a custom kernel, too? E.g. newer MoDaCo images have it by default.
I did nearly everything...modified hosts. Running MoDaCo 3.0 with newest 1.9 Tekn. kernel. Installed the openvpn binaries. And the connection WORKS, just not for everything...
Anybody in China who can use the social networking features on the Hero?
Ps: the reoutetable, I don't really know where to look it for...
I don't know the answer, but you can debug it yourself with a computer and wireless access point:
Hero <--wifi--> AP <--ethernet--> Computer running packet sniffer <--Internet-->
A few comments:
Don't consider Pandora as proof of a US IP. Better check on a website that gives actual info about your location.
The comments about OpenDNS and hosts files are helpful, but both assume that the wrong IPs are not already cached somewhere. Make sure all caches (DNS, browser, etc.) are flushed.
The easiest way to find out if the DNS is the problem is to do a ping to youtube.com and see if the IP range really belongs to Google or of it's a random IP elsewhere. You can use a 'whois' command or website to figure out who the IP belongs to.
Please note that OpenVPN does not encrypt at 1024-bit. 1024-bit is just the initial key length, which is unrelated to the 128-bit or 256-bit of the actual tunnel.
Btw, you don't necessarily need to use OpenVPN. Lighter protocols like PPTP and L2TP may perform better on a phone. China Unicom works well with both. China Telecom works fine with L2TP.
Greetings from Shenzhen.
open VPN
Hi,
not sure if this thread is still alive but i give it a try...
I' currently running elelinux 2.4 with [email protected] on my HTC hero and have trouble connecting to a friends VPN.
the VPN server is in Germany and it works well for my friend, who is also hosting the server. however when i try to connect the server records following:
read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
and it seems that my phone is refusing the connection to the server...
any ideas?
thanks!
hero.walker said:
Hi,
not sure if this thread is still alive but i give it a try...
I' currently running elelinux 2.4 with [email protected] on my HTC hero and have trouble connecting to a friends VPN.
the VPN server is in Germany and it works well for my friend, who is also hosting the server. however when i try to connect the server records following:
read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
and it seems that my phone is refusing the connection to the server...
any ideas?
thanks!
Click to expand...
Click to collapse
hi there , I don't use elelinux 2.4, but i encountered an same error with CM 7 nightly build, and I believe that is an issue of the kernel you are using for the kernel have some problem with the tun.ko moduel , here is the thread ( read from page 42 ) :
forum.cyanogenmod.com/topic/14455-cm7-discussion-of-nightlies/page__st__860
sorry , i haven't get the permission to post url here yet .
thanks for the link! seem like it does not work with my current kernel, will fash the flykernel from elelinux and try again.
Have anyone tried connecting to VPN servers on their Galaxy Tab 7.7?
I have tested more than 3 VPN servers. (They all work on PC, iPhone, iPad, Tab 10.1, Tab 8.9, HP TouchPad). When I try to connect them on Galaxy Tab 7.7, it connects successfully but fail to let me do anything once the connection is made.
I have created 2 test accounts and please feel free to test it using them or your own servers... let me know how it go...
BTW, I tried restoring. no help at all.
PPTP Server 1: pptp.vpn2.hk
PPTP Server 2: pptp.vpn2.us
Login: test
Password: samsung1234
William
Hi,
for PPTP you'll need kernel 2.6.35.x!
Otherwise you'll be able to get a connection but your data transfer will break down after 5sec-3min!
I will edit this post with a link to "Issue 4706: Droid phone PPTP VPN dying after a short while." after I'm allowed to.
A953 Tapatapatapatalk
C3POID said:
Hi,
for PPTP you'll need kernel 2.6.35.x!
Otherwise you'll be able to get a connection but your data transfer will break down after 5sec-3min!
I will edit this post with a link to "Issue 4706: Droid phone PPTP VPN dying after a short while." after I'm allowed to.
A953 Tapatapatapatalk
Click to expand...
Click to collapse
are you saying that i need to upgrade my VPN server to kernel 2.6.35.x just for 7.7? just wondering cos my VPN servers (and many other VPN servers out there that I have tried) work for all other platforms, like Tab 10.1, iPad, Windows, OS X etc etc...
Yes I do. google botched PPTP for VPN.
But you need to upgrade (/downgrade) the kernel of your Android device (client), not the server. Or do you run your VPN server on Android???
You can search for "issue 4706" or "android PPTP VPN problem" and you will find a lot of pi**ed people and maybe some answers like kernel version and needed OS version.
I can confirm that it works with kernel 2.6.35 and since GB2.3.7 / CM7! Some say it works fine with ICS, but I found also that higher kernel versions will not work.
And yes, all other plattforms will work fine with PPTP.
A953 Tapatapatapatalk
C3POID said:
Yes I do. google botched PPTP for VPN.
But you need to upgrade (/downgrade) the kernel of your Android device (client), not the server. Or do you run your VPN server on Android???
You can search for "issue 4706" or "android PPTP VPN problem" and you will find a lot of pi**ed people and maybe some answers like kernel version and needed OS version.
I can confirm that it works with kernel 2.6.35 and since GB2.3.7 / CM7! Some say it works fine with ICS, but I found also that higher kernel versions will not work.
And yes, all other plattforms will work fine with PPTP.
A953 Tapatapatapatalk
Click to expand...
Click to collapse
thanks for the info. now for the million dollars question... how do you downgrade the kernel on Android? does this require flashing a new custom ROM? I couldn't really be bothered with custom ROM as I am waiting for the official ICS upgrade notification ... I guess the furtherest I am willing to go is to root my device and install some replacement kernel (if this is even possible)...
I know linux but my main device is an iPad so I am just too lazy to spend too much time backing up / reinstalling the Android for custom ROM... anyway thanks for your time...
williamli1983 said:
thanks for the info. now for the million dollars question... how do you downgrade the kernel on Android? does this require flashing a new custom ROM?
Click to expand...
Click to collapse
Yeah, that's it, BUT I would wait - like you mentioned - for the ICS upgrade and try than again.
Or you try another protocoll like L2TP over IPSec…
A953 Tapatapatapatalk
C3POID said:
Yeah, that's it, BUT I would wait - like you mentioned - for the ICS upgrade and try than again.
Or you try another protocoll like L2TP over IPSec…
A953 Tapatapatapatalk
Click to expand...
Click to collapse
L2TP over IPSec was a bit weird too. the server address has to be an internal IP for it to connect, giving it an external IP or domain won't work. God figures! oh well good thing it's not my main device so I won't stress much over it.
williamli1983 said:
oh well good thing it's not my main device so I won't stress much over it.
Click to expand...
Click to collapse
You are lucky, my MS2 is my main device and has a locked bootloader and only a 2.6.32 kernel .
I solved the VPN problem by changing to CM7, which wasn't possible for a long time, and using OpenVPN/SSL now.
Lucky me.
A953 Tapatapatapatalk
The Samsung Galaxy Tab with Android includes support for Virtual Private Network (VPN) connectivity. Here we show you, step by step, how to setup a VPN connection.
Add a new VPN connection:
Press the Home icon, press Menu, and tap Settings
Tap Wireless & networks
Tap VPN settings
Tap Add VPN
Select the type of VPN to add (PPTP, L2TP, L2TP/IPSec PSK VPN, L2TP/IPsec CRT VPN)
Fill in VPN details such as VPN name, VPN server, etc (the required settings will depend on type of VPN selected)
Connecting to the VPN:
Press the Home icon, press Menu, and tap Settings
Tap Wireless & networks
Tap VPN settings
The VPN connections you have added are now listed
Tap the VPN you wish to connect to
A dialog box will open asking for your credentials, enter them and touch connect
When connected to a VPN, you will see an ongoing notification in the Status bar on your Samsung Galaxy Tab. If you should get disconnected, you will receive a notification and an option to go back to the VPN settings section.
wilsonj said:
The Samsung Galaxy Tab with Android includes support for Virtual Private Network (VPN) connectivity. Here we show you, step by step, how to setup a VPN connection.
Add a new VPN connection:
Press the Home icon, press Menu, and tap Settings
Tap Wireless & networks
Tap VPN settings
Tap Add VPN
Select the type of VPN to add (PPTP, L2TP, L2TP/IPSec PSK VPN, L2TP/IPsec CRT VPN)
Fill in VPN details such as VPN name, VPN server, etc (the required settings will depend on type of VPN selected)
Connecting to the VPN:
Press the Home icon, press Menu, and tap Settings
Tap Wireless & networks
Tap VPN settings
The VPN connections you have added are now listed
Tap the VPN you wish to connect to
A dialog box will open asking for your credentials, enter them and touch connect
When connected to a VPN, you will see an ongoing notification in the Status bar on your Samsung Galaxy Tab. If you should get disconnected, you will receive a notification and an option to go back to the VPN settings section.
Click to expand...
Click to collapse
mmm... we know how to setup the VPN here. just saying that the VPN never worked on any PPTP servers I tried
I have the 6800 and pptp for me works well over wifi. On mobile, I have the same problem you encountered, meaning while I can connect fine I cannot initiate any data transfer. Hope ICS will fix this problem.
pinkowl said:
I have the 6800 and pptp for me works well over wifi. On mobile, I have the same problem you encountered, meaning while I can connect fine I cannot initiate any data transfer. Hope ICS will fix this problem.
Click to expand...
Click to collapse
thanks for the info. for me (on the wifi only version) vpn won't work on wifi
I also have the wifi only version, I connect de VPN, works for a while and suddenly stops transfering data althought the connection appears as established. To make it work again i have to disconnect and reconnect.
Just for your info - I got a L2TP VPN connection working just fine on my P6810 Wifi-only Tab. Not sure whether it is just the VPN service (AceVPN) I'm using, or whether I was just lucky.
My wifi tab is an import from HK, Kernal version 2.6.36-P6810ZSLA1
teegee17 said:
Just for your info - I got a L2TP VPN connection working just fine on my P6810 Wifi-only Tab. Not sure whether it is just the VPN service (AceVPN) I'm using, or whether I was just lucky.
My wifi tab is an import from HK, Kernal version 2.6.36-P6810ZSLA1
Click to expand...
Click to collapse
i didn't spend as much time looking into L2TP on mine as my main vpn servers are PPTP based.... mine also came from HK (well i m living in it right now )
hope ICS will be out soon! really want to try chrome
you should contact to your service provider. they will help you better
marksmithbvs said:
you should contact to your service provider. they will help you better
Click to expand...
Click to collapse
i m the service provider!
but i also tried a few other providers out there as well. none of them work on 7.7
i just got a galaxy nexus and everything works fine on it.
as mentioned somewhere above this post. it is a bug in the 7.7 code
williamli1983 said:
L2TP over IPSec was a bit weird too. the server address has to be an internal IP for it to connect, giving it an external IP or domain won't work.
Click to expand...
Click to collapse
Rubbish -- I use it all the time w/ gotrusted...
For anyone interested in data security the ability to encrypt network traffic is obviously important-- especially in light of the myriad of recent well publicized reports of private and government electronic snooping. It is also relevant to mention that to date no one has come close to cracking "TwoFish" encryption which can be used by SSH. With this in mind, consider the following tutorial which describes a method for encrypting all 3g, 4g, and Wi-Fi data, thus beefing up phone and personal data security.
Setting up a global SSH Tunnel on Android phones
This tutorial assumes the reader possesses a fully configured SSH server and rooted phone. In lieu of a server, (eg., the reader only has only a Windows-based operating system), research into CYGWIN is recommended. I use CYGWIN to run my SSH server and I have found that it is the most robust option for Windows users; however, setting this up on Windows can be a daunting task.
Setting up global SSH Tunnel on Android
1. Download 2 apps from the Google Playstore: ConnectBot and ProxyDroid
2. Install ConnectBot and ProxyDroid on your phone.
3. In ConnectBot set up Port forwards for your SSH connection. For "Type" field use "Dynamic (SOCKS)." For “Source Port” use 56001 or any local port not being used. The reasoning behind using port 56001 is this: System Ports (0-1023), User Ports (1024-49151), and the Dynamic and/or Private Ports (49152-65535)
4. Open ProxyDroid and configure as follows:
Host: 127.0.0.1
Port: 56001 (or the port you chose to use in step 3)
Proxy Type: SOCKS5
Global Proxy: Check the box
The above procedure accomplishes several things. First, ConnectBot remotely connects to your SSH server. Next, the ConnectBot connection forwards to the local port 56001. ProxyDroid then redirects all network traffic through the localhost on port 56001. Once you are connected through ConnectBot and ProxyDroid is activated all of your data will be tunneled through the encrypted ConnectBot session. This is an excellent way to set up a global proxy because it does not require manual configuration of any applications to connect through the proxy. You can test the functionality of the connection by opening up your phone browser and performing the Google search: What is my IP. If the proxy is functional you will see the WAN IP of the network of your SSH server. Additional and more thorough testing can be done with packet sniffers such as WireShark.
An application called "SSH Tunnel" is an alternative to accomplishing the above. However, I find ConnectBot and ProxyDroid is more elegant and gives better control-- not to mention being more sophisticated/chic. When correctly performed the ConnectBot and ProxyDroid method encrypts all 3g, 4g and Wi-Fi data on your phone. This is obviously useful for phone access of sensitive materials especially using unfamiliar or alien network connections. With the current proliferation of identity theft via electronic snooping on mobile devices I do not advocate using cellular phones for any banking or electronic transactions without setting up a robust and reliable encrypted connection.
I'm having trouble with this exact setup on Android 4.3 with DNS Proxy (proxydroid) enabled in China. When DNS Proxy is enabled, no traffic will come through at all. If I disable DNS Proxy, it works but without proxied DNS requests, I can't get to Youtube/twitter/FB.
Any ideas?
SSHTunnel for 4.2.2 is a much better alternative than running 2 separate apps and I still use it on my 4.2.2 tablet. But I don't want to downgrade my phone to 4.2.2 just for this
Android 4.3?
strifej said:
I'm having trouble with this exact setup on Android 4.3 with DNS Proxy (proxydroid) enabled in China. When DNS Proxy is enabled, no traffic will come through at all. If I disable DNS Proxy, it works but without proxied DNS requests, I can't get to Youtube/twitter/FB.
Any ideas?
SSHTunnel for 4.2.2 is a much better alternative than running 2 separate apps and I still use it on my 4.2.2 tablet. But I don't want to downgrade my phone to 4.2.2 just for this
Click to expand...
Click to collapse
Unfortunately, I have not done any testing with android 4.3 yet so I'm not sure why the dns request wouldn't be proxied. I'll look into it and get back to you.
DNS proxy on android 4.3
strifej said:
I'm having trouble with this exact setup on Android 4.3 with DNS Proxy (proxydroid) enabled in China. When DNS Proxy is enabled, no traffic will come through at all. If I disable DNS Proxy, it works but without proxied DNS requests, I can't get to Youtube/twitter/FB.
Any ideas?
SSHTunnel for 4.2.2 is a much better alternative than running 2 separate apps and I still use it on my 4.2.2 tablet. But I don't want to downgrade my phone to 4.2.2 just for this
Click to expand...
Click to collapse
So I finally had a chance to upgrade to 4.3 this week. I tested the dns proxy with proxydroid and it seems to be working fine. What rom are you using? I'm on Sacs rom and I would highly recommend it. Heres the link:
http://forum.xda-developers.com/showthread.php?t=2512983
4.4
Dr.Tautology said:
So I finally had a chance to upgrade to 4.3 this week. I tested the dns proxy with proxydroid and it seems to be working fine. What rom are you using? I'm on Sacs rom and I would highly recommend it. Heres the link:
http://forum.xda-developers.com/showthread.php?t=2512983
Click to expand...
Click to collapse
Tested on kitkat and is working fine. Ssh tunnel app not working however.
Dr.Tautology said:
So I finally had a chance to upgrade to 4.3 this week. I tested the dns proxy with proxydroid and it seems to be working fine. What rom are you using? I'm on Sacs rom and I would highly recommend it. Heres the link:
http://forum.xda-developers.com/showthread.php?t=2512983
Click to expand...
Click to collapse
I use pacman rom on nexus 4.
thank you for this tutorial!
I have been looking for a new way to setup SSH tunneling since the app "ssh tunnel" from the Google Play store stopped working with Android 4.2+
I can't wait to try this out..
I have two phones both SGS4's one running CM 10.2 and the other stock on 4.3 so i will try both of them out and report back here how it works out.
Thanks again for the tutorial!
-droidshadow
Thank you Dr.Tautology
Thank you Dr.Tautology
I was searching a big time for the solution you gave me.
First I was using SSHtunnel app from google play and it worked on my note 3 SM-N9005 (rooted) with jb 4.3. After upgrade to 4.4.2 kitkat (rooted) I could connect but there was no changing to my home ip in the browsers that I use with surfing by example to whatmyip . I also have a tablet "nexus 7" 2012 version upgraded also to 4.4.2 and on this device SSHTunnel is functional and the ip is changing??? I did not understand. Now I was searching for alternatives for my galaxy note 3 and I've found ssh connectbot and proxydroid. After I added the settings that I always used with dyn socks5 port 11723 on both programs.... -> connection to my DD-WRT router (with connectbot) was also possible. I also booted proxydroid and again after running chrome or firefox I still had the same ip so it didn't work.... Now I've found your post and read that the socks5 port must be above 49152. I changed the ports on both programs to 56001 in ('connectbot and proxydroid) and BAM! Connected with my home IP from outside my home :laugh:
The weird thing is that it worked on JB 4.3 with socks5 port 11723.
Now my woking SSH tunnel config -> Host = home-ip:7500 (default port = 22 in DDWRT)
user to connect to DD-WRT router = Root
password = Router password
dyn proxy socks5 port = 56001 as you suggest.
I have an app from my isp that I only can use with my home ip so I had to be home and connect by wifi. Now it's possible again with tunneling
Now the only thing that I have to do is thank you. :victory:
Never thought that the port number should be the problem.
Best regards DWroadrunner
I managed to set this up using SSH Tunnel for android. However I would like to use SSH Autotunnel as it's supposed to handle network changes better and is also more light weight. Does anybody know what type of private key this programm accepts? I have had no luck using putty keygen and the id_rsa I created in ubuntu does not seem to work either.
Glad to help!
DWroadrunner said:
Thank you Dr.Tautology
I was searching a big time for the solution you gave me.
First I was using SSHtunnel app from google play and it worked on my note 3 SM-N9005 (rooted) with jb 4.3. After upgrade to 4.4.2 kitkat (rooted) I could connect but there was no changing to my home ip in the browsers that I use with surfing by example to whatmyip . I also have a tablet "nexus 7" 2012 version upgraded also to 4.4.2 and on this device SSHTunnel is functional and the ip is changing??? I did not understand. Now I was searching for alternatives for my galaxy note 3 and I've found ssh connectbot and proxydroid. After I added the settings that I always used with dyn socks5 port 11723 on both programs.... -> connection to my DD-WRT router (with connectbot) was also possible. I also booted proxydroid and again after running chrome or firefox I still had the same ip so it didn't work.... Now I've found your post and read that the socks5 port must be above 49152. I changed the ports on both programs to 56001 in ('connectbot and proxydroid) and BAM! Connected with my home IP from outside my home :laugh:
The weird thing is that it worked on JB 4.3 with socks5 port 11723.
Now my woking SSH tunnel config -> Host = home-ip:7500 (default port = 22 in DDWRT)
user to connect to DD-WRT router = Root
password = Router password
dyn proxy socks5 port = 56001 as you suggest.
I have an app from my isp that I only can use with my home ip so I had to be home and connect by wifi. Now it's possible again with tunneling
Now the only thing that I have to do is thank you. :victory:
Never thought that the port number should be the problem.
Best regards DWroadrunner
Click to expand...
Click to collapse
Hey DWroadrunner,
That's great news! I'm very happy that my post helped you, as my intention was to provide all the necessary information to do this in one place. It's not always the case that a user port wont work, but unless you are big on port level security it's not easy to determine if/when the port is being used. This is probably why 11723 did work for you, however it's always better to go with a dynamic/private port range. Also, if you want a simple way to improve the security of your ssh server change the default port from 22 to something else. You'd be surprised how many attempts to connect will be made by attackers on a daily basis.
Regards,
DocTaut
droidshadow said:
I have been looking for a new way to setup SSH tunneling since the app "ssh tunnel" from the Google Play store stopped working with Android 4.2+
I can't wait to try this out..
I have two phones both SGS4's one running CM 10.2 and the other stock on 4.3 so i will try both of them out and report back here how it works out.
Thanks again for the tutorial!
-droidshadow
Click to expand...
Click to collapse
Let me know if this is working on CM. I have tested on stock 4.3 with no issues.
Any luck yet?
rintinfinn said:
I managed to set this up using SSH Tunnel for android. However I would like to use SSH Autotunnel as it's supposed to handle network changes better and is also more light weight. Does anybody know what type of private key this programm accepts? I have had no luck using putty keygen and the id_rsa I created in ubuntu does not seem to work either.
Click to expand...
Click to collapse
Hello,
I've used auto tunnel a handful of times. Just wanted to check to see if you figured out what key it accepts. I will test it out when I get a chance.
Dr.Tautology said:
Hello,
I've used auto tunnel a handful of times. Just wanted to check to see if you figured out what key it accepts. I will test it out when I get a chance.
Click to expand...
Click to collapse
Hi, the developer send me a mail saying that autotunnel should accept both private key types. None of them worked for me, though. He also suggested to try and paste the content of the private key into the bracket. I might give that a try. Edit: I can confirm copying and pasting the private key works. But it does not seem to transfer traffic via the the server, at least not the 3g traffic while using chrome. Edit 2: Turns out SSH Autotunnel does not use a socks proxy. Therefore secure browsing is not an option. The app is for secure pop3/ftp-server/smtp-server connections only. Thanks go to Matej for his kind support.
I've been using OpenVPN but I'd prefer to use ssh, as I have several ssh servers around the world, plus their pipes are bigger than my home line I have openvpn running on.
I have yet to get SSH Tunnel (apk) to work reliably; it randomly stops working and it's just a dead connection.
Using ProxyDroid unfortunately requires me to launch ConnectBot, connect ssh, then start the proxy. It'd be nice if ConnectBot could bring up the connection automatically, or ProxyDroid could do it. What I do right now is VPN unknown wifi connections and I can automate that with Tasker. I might look to see if I can automate connecting with ConnectBot then enable the ProxyDroid connection.
You can use ssh tunnels also with Drony if some proxy with authentication is involved. Works also on non rooted devices.
Automation
khaytsus said:
I've been using OpenVPN but I'd prefer to use ssh, as I have several ssh servers around the world, plus their pipes are bigger than my home line I have openvpn running on.
I have yet to get SSH Tunnel (apk) to work reliably; it randomly stops working and it's just a dead connection.
Using ProxyDroid unfortunately requires me to launch ConnectBot, connect ssh, then start the proxy. It'd be nice if ConnectBot could bring up the connection automatically, or ProxyDroid could do it. What I do right now is VPN unknown wifi connections and I can automate that with Tasker. I might look to see if I can automate connecting with ConnectBot then enable the ProxyDroid connection.
Click to expand...
Click to collapse
I think a simple bash script could be used to automate this task. I'm going to look into it; seems like an interesting/useful project.
Dr.Tautology said:
I think a simple bash script could be used to automate this task. I'm going to look into it; seems like an interesting/useful project.
Click to expand...
Click to collapse
I think so, it's just firewall settings etc.. Unfortunately for me, I need stuff that doesn't support SOCKS so I've gone back to looking into a faster OpenVPN service.
But this is good for browsing and things that use http etc.
Dr.Tautology said:
I think a simple bash script could be used to automate this task. I'm going to look into it; seems like an interesting/useful project.
Click to expand...
Click to collapse
hi have you figured out an automated script for this task via tasker, iv tried to create something but ended up no where lol.
Hi my collage wifi connection is proxy based
Whenever i surfed internet on that connection only some basic application are connected through that connection
But many 3rd party apps doses't connect by that connection like games
Any solution like connection tunnel apps or else
I don't want to root my device
Thanks
sam.jaat said:
Hi my collage wifi connection is proxy based
Whenever i surfed internet on that connection only some basic application are connected through that connection
But many 3rd party apps doses't connect by that connection like games
Any solution like connection tunnel apps or else
I don't want to root my device
Thanks
Click to expand...
Click to collapse
Do you have to login to the proxy or is it an open proxy? If it's open, you could see if you can find a OpenVPN server that listens on 80 or 443. Then use any OpenVPN client on Android and you can add/update config to match the directions here: https://openvpn.net/index.php/open-source/documentation/howto.html#http
Hey guys. Got a nexus player a few weeks ago and was able to sideload TorGuard on there. I can enter in my credentials and it authenticates, but when it goes to establish a connection it fails. Does anyone know how to get it to establish? On most recent stock OTA and not rooted. Also the bootloader is still locked.
Sent from my SM-G920T using XDA Free mobile app
I just got my NP today and am having the same problem getting TorGuard to run. I got it sideloaded OK and it seems to authenticate fine, but never establishes a connection. Were you able to figure this out? Any assistance would be enormously appreciated.
Thanks!
Vpn
I read a web site that suggested loading openvpn installer and openvpn settings for the fire tv do you think it would work on the nexus player? ??
SOLVED!
You simply need to have TorGuard change your 'username' to something other than an email address --- the email address format (e.g. '@' '.com') screws things up on the Nexus Player. However, if you simply have a traditional 'text' username, everything authenticates fine. Simply contact TorGuard support and they can make this change for you in a couple of minutes.
Vpn
Is it possible to use other vpns than torguard? ??
If it runs on 5.1.1 or 6 it should work for Us
Owie1983 said:
Is it possible to use other vpns than torguard? ??
Click to expand...
Click to collapse
Since we're running either v5.1.1 or Android v6, any VPN client certified for either Android system should run on our Nexus Players.
I have a torGuard account and only have experience with that, so far.
Torguard vpn
Ok so I can connect with the vpn but when I exit the app and try a to watch a tv app from the same country as vpn connection it doesn't work. When I go back to the vpn app it says that it is initializing and a new ip address appears. Any ideas? ??
I have this same issue ... the TV app I am trying to load is Netflix and it says it cannot find the netflix servers or connection... Can't seem to find a fix but the TorGuard support are pretty good and helping me at the moment will let you know if a fix is found ... Unless you have a fix already?
I just order a Nexus player hopefully private Internet access works
Sent from my SM-N910T3 using Tapatalk