Setting up CyanogenMod Android devices with OpenVPN access
2,835 views
Skip to first unread message
Fabian Rodriguez
Jun 8, 2011, 2:16:02 PM6/8/11
to Android users in Canada
I'd like to post this on my blog but I though I would share it here
first for some review and validation by others.
I tried this on a Hero and Nexus One phones running the latest
CyanogenMod with success. This is not about any other combination or
configuration so please start a new thread if you're wondering about
that.
OpenVPN on CyanogenMod HowTo
=========================
Setting up OpenVPN on an Android device involves first importing the
certificate and then configuring your setup.
Note: OpenVPN is not available on most devices unless "rooted". You
should find it in "Settings> Wireless & Networks> VPN Settings> Add
VPN" under "Add OpenVPN VPN. CyanogenMod includes this by default. I
HAVE NO IDEA how to do this on any other ROM and this thread is not
about that.
Typically your OpenVPN provider will give you three files: user.crt,
user.key and ca.crt files generated with OpenVPN scripts.
Such files must be converted into a PKCS12 container for use in
Android's certificate storage. This is accomplished with the following
command:
openssl pkcs12 -export -in user.crt -inkey user.key -certfile ca.crt -
name YourVPNNameHere -out yourvpnname.p12
You'll need to specify a password which will be needed later.
(the above is adapted from http://olorin.info/blog/2010/03/cyanogenmod-openvpn-gui-how-to-load-keyscerts)
To import the resulting .p12 file into your Android device:
1) place the file in the main directory of the SD card into your
device.
2) Go to "Settings> Location & security"
3) In the "Credential Storage" select "Import from SD card"
4) Choose the .p12 file you just copied to the SD card. The password
should match what you specified when creating the .p12 file.
5) Confirm the certificate name. The message "CertificateName IS
installed" confirms successful installation.
To add the VPN setup in your configuration:
1) Go to "Settings> Wireless & Networks> VPN Settings> Add VPN"
2) Choose "Add OpenVPN VPN" and specify the following parameters:
3) VPN Name: YourVPNName
Set VPN server: IP/hostname as given by your OpenVPN provider
User Authentication: (tick)
Set CA Certificate (confirm the choice)
Set user certificate: (confirm the choice)
DNS search domains: (as given by your OpenVPN provider)
4) Using the button "Settings", go to "Advanced" and check "LZO
compression" and "Remote Sets Addresses" if your provider uses that,
then press the "back" button to return to the previous screen
5) Using the "Settings" button, press "Save"
To connect to the VPN:
Briefly press the VPN entry you created. A "long press" allows
editing or logout
In my personal tests the Google browser would not resolve local domain
addresses correctly, I use Firefox anyways which did.
first for some review and validation by others.
I tried this on a Hero and Nexus One phones running the latest
CyanogenMod with success. This is not about any other combination or
configuration so please start a new thread if you're wondering about
that.
OpenVPN on CyanogenMod HowTo
=========================
Setting up OpenVPN on an Android device involves first importing the
certificate and then configuring your setup.
Note: OpenVPN is not available on most devices unless "rooted". You
should find it in "Settings> Wireless & Networks> VPN Settings> Add
VPN" under "Add OpenVPN VPN. CyanogenMod includes this by default. I
HAVE NO IDEA how to do this on any other ROM and this thread is not
about that.
Typically your OpenVPN provider will give you three files: user.crt,
user.key and ca.crt files generated with OpenVPN scripts.
Such files must be converted into a PKCS12 container for use in
Android's certificate storage. This is accomplished with the following
command:
openssl pkcs12 -export -in user.crt -inkey user.key -certfile ca.crt -
name YourVPNNameHere -out yourvpnname.p12
You'll need to specify a password which will be needed later.
(the above is adapted from http://olorin.info/blog/2010/03/cyanogenmod-openvpn-gui-how-to-load-keyscerts)
To import the resulting .p12 file into your Android device:
1) place the file in the main directory of the SD card into your
device.
2) Go to "Settings> Location & security"
3) In the "Credential Storage" select "Import from SD card"
4) Choose the .p12 file you just copied to the SD card. The password
should match what you specified when creating the .p12 file.
5) Confirm the certificate name. The message "CertificateName IS
installed" confirms successful installation.
To add the VPN setup in your configuration:
1) Go to "Settings> Wireless & Networks> VPN Settings> Add VPN"
2) Choose "Add OpenVPN VPN" and specify the following parameters:
3) VPN Name: YourVPNName
Set VPN server: IP/hostname as given by your OpenVPN provider
User Authentication: (tick)
Set CA Certificate (confirm the choice)
Set user certificate: (confirm the choice)
DNS search domains: (as given by your OpenVPN provider)
4) Using the button "Settings", go to "Advanced" and check "LZO
compression" and "Remote Sets Addresses" if your provider uses that,
then press the "back" button to return to the previous screen
5) Using the "Settings" button, press "Save"
To connect to the VPN:
Briefly press the VPN entry you created. A "long press" allows
editing or logout
In my personal tests the Google browser would not resolve local domain
addresses correctly, I use Firefox anyways which did.
Reply all
Reply to author
Forward
0 new messages