Bridged VPN Issues
476 views
Skip to first unread message
Patrick
May 29, 2012, 1:14:59 PM5/29/12
to OpenVPN™ Settings (for Android™ Devices)
Hello.
First the basics...
My set up is your basic: Internet -> Firewall -> VPN Server on LAN
I have it set up and working in bridged mode for all PC's and Linux
boxes so far. I am able to redirect all traffic through the VPN and
browse the local LAN normally. However when connecting from my phone
the UI tells me that I'm connected but I really dont think that it is.
Also it should be noted that I have a separate VPN that I use on the
phone that is set up for routing mode and it works perfectly, so I
know that the phone is set up properly.
When I connect it goes through all of the steps "connecting / auth /
get config". The only thing weird is that when it's done it says,
"Connected to 99.52.166.123 as". IP addresses have been changed to
protect the innocent. So yeah... It says it's connected with no "as"
address. After connecting the phone does not route its traffic through
the vpn and I dont think I've been able to get to any resources on the
local LAN.
Is there a client log file I could pull some where?
Any help you can provide would be appreciated.
Thanks,
-Patrick
Heres my server .conf:
script-security 2
port 1194
proto tcp
dev tap
up "/etc/openvpn/up.sh br0 eth0"
ca ***.crt
cert ***.crt
key ***.key
dh dh1024.pem
server-bridge
push "redirect-gateway def1 bypass-dhcp"
client-to-client
duplicate-cn
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
And my client.ovpn:
client
dev tap
proto tcp
remote vpn.****.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca **.crt
cert **.crt
key **.key
ns-cert-type server
comp-lzo
verb 3
First the basics...
My set up is your basic: Internet -> Firewall -> VPN Server on LAN
I have it set up and working in bridged mode for all PC's and Linux
boxes so far. I am able to redirect all traffic through the VPN and
browse the local LAN normally. However when connecting from my phone
the UI tells me that I'm connected but I really dont think that it is.
Also it should be noted that I have a separate VPN that I use on the
phone that is set up for routing mode and it works perfectly, so I
know that the phone is set up properly.
When I connect it goes through all of the steps "connecting / auth /
get config". The only thing weird is that when it's done it says,
"Connected to 99.52.166.123 as". IP addresses have been changed to
protect the innocent. So yeah... It says it's connected with no "as"
address. After connecting the phone does not route its traffic through
the vpn and I dont think I've been able to get to any resources on the
local LAN.
Is there a client log file I could pull some where?
Any help you can provide would be appreciated.
Thanks,
-Patrick
Heres my server .conf:
script-security 2
port 1194
proto tcp
dev tap
up "/etc/openvpn/up.sh br0 eth0"
ca ***.crt
cert ***.crt
key ***.key
dh dh1024.pem
server-bridge
push "redirect-gateway def1 bypass-dhcp"
client-to-client
duplicate-cn
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
And my client.ovpn:
client
dev tap
proto tcp
remote vpn.****.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca **.crt
cert **.crt
key **.key
ns-cert-type server
comp-lzo
verb 3
Friedrich Schäuffelhut
Nov 3, 2012, 12:30:26 PM11/3/12
to android-open...@googlegroups.com
Hi,
bridged network should work. But I do not recommend it for phones as it might cause unnecessary broadcast traffic to your phone.
You can enable the log file in the configurations context menu:
1. Touch the configuration long. Select Preferences -> Enable Logging,
2. Restart your connection
3. Touch the configuration long. Select View Log File
4. Hit Refresh to reread the log file.
If your config is /sdcard/openvpn/myvpn.conf then the log file will be stored at /sdcard/openvpn/myvpn.log.
Best Regards
Friedrich
Cristiano Nuzzo
Feb 16, 2013, 2:21:52 PM2/16/13
to android-open...@googlegroups.com
I know that tap device can't been used in android, so no bridged mode is available.
Message has been deleted
Message has been deleted
Message has been deleted
Message has been deleted
Daniel Siladji
Apr 2, 2013, 4:58:10 PM4/2/13
to android-open...@googlegroups.com
Hello, I have the same problem when using my Galaxy S2 and and OpenWRT router. The phone does not even route the traffic through VPN, even though it says everything is ok. When I check the IP (using whatismyip), I get my normal mobile data connection IP, as if I'm not using VPN. Here is the client configuration:
client
tls-client
dev tap
proto udp
remote dancsi.no-ip.org 1194 # Change to your router's External IP
resolv-retry infinite
nobind
ca ca.crt
cert client.crt
key client.key
dh dh2048.pem
#comp-lzo
persist-tun
persist-key
verb 3
And my server config
config openvpn 'lan'option enable '1'option port '1194'option proto 'udp'option dev 'tap0'option ca '/etc/openvpn/ca.crt'option cert '/etc/openvpn/server.crt'option key '/etc/openvpn/server.key'option dh '/etc/openvpn/dh2048.pem'option ifconfig_pool_persist '/tmp/ipp.txt'option keepalive '10 120'option comp_lzo '1'option persist_key '1'option persist_tun '1'option status '/tmp/openvpn-status.log'option verb '3'option server_bridge '192.168.1.1 255.255.255.0 192.168.1.200 192.168.1.219'list push 'dhcp-option DOMAIN lan'list push 'dhcp-option DNS 192.168.1.1'option client_to_client '1'
Konrad Bauckmeier
Apr 7, 2013, 6:55:04 PM4/7/13
to android-open...@googlegroups.com
On Saturday, November 3, 2012 5:30:27 PM UTC+1, Friedrich Schäuffelhut wrote:
You can enable the log file in the configurations context menu:1. Touch the configuration long. Select Preferences -> Enable Logging,
Hello, can somebody give me an advice please?
I copied a text.conf file in the openvpn folder. In the app, the config is now visible. Regardless of how log I press, I do not get a context menu. Is this function still available? I use ICS 4.0.4
Konrad Bauckmeier
Apr 7, 2013, 7:01:29 PM4/7/13
to android-open...@googlegroups.com
Hello, can somebody give me an advice please?I copied a text.conf file in the openvpn folder. In the app, the config is now visible. Regardless of how log I press, I do not get a context menu. Is this function still available? I use ICS 4.0.4
Never mind, I found it. The conf must be enabled fist.
Max
Jul 26, 2013, 10:19:29 AM7/26/13
to android-open...@googlegroups.com
I'm not sure if this will apply to a bridged setup, but I use my pfSense router as OpenVPN server and in order to get all the client traffic redirected through the VPN tunnel, I have to enable the "redirect gateway" option. On the server config is push "redirect-gateway def1". In my case I also have to enable outboud NAT on the router for the OpenVPn subnet.
That configuration in conjuction to the custom DNS works perfectly on my phone and tablet (both running CM 10.1).
Reply all
Reply to author
Forward
0 new messages