Jump to content


Photo

HTC Tattoo / Openvpn

- - - - -

  • Please log in to reply
1 reply to this topic

#1
Arkael

Arkael

    Newbie

  • Members
  • Pip
  • 1 posts
  • Devices:HTC Tattoo
Hi,
Hi,

I've recently installed OpenVPN on my HTC Tattoo phone, all certificates are ok , and i can connect to my server, log files seems to be ok.

My problem is thats i simply cannot ping or browse the server network from the phone... cannot ping VPN IP or local network IP.. nothing at all.

so i decided to configure client on a Windows computer, all is ok, no problem at all... with same configuration and same certificates...

Anyone had same issue? What do you think i should check?

server config:
port 1194
proto udp
dev tun
ca /mnt/C/sys/etc/ca.crt
cert /mnt/C/sys/etc/server.crt
key /mnt/C/sys/etc/server.key  # This file should be kept secret
dh /mnt/C/sys/etc/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.3.0 255.255.255.0"
tls-auth /mnt/C/sys/etc/ta.key 0
max-clients 2
user nobody
group nobody
persist-key
persist-tun
log-append  /var/log/messages
verb 4



and the client

client
dev tun
proto udp
remote XXXXXXX.dyndns.org 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
tls-auth ta.key 1
comp-lzo
verb 3

  • 0

#2
cyde

cyde

    Newbie

  • Members
  • Pip
  • 19 posts
  • Devices:htc hero
Well,

I have it working for a while now, so I have checked my client config file (that works) with the file you have and I have the following differences.

client // yep got this
dev tun // yep got this
dev-node /dev/tun // I have this one and you dont
proto udp // I have proto tcp, so I have never tried it with UDP. dont know how functional this is.
remote XXXXXXX.dyndns.org 1194 // yeah. got this but with port 443
resolv-retry infinite // yeah, got this one.
nobind // ditto
persist-key // ditto
persist-tun // and again
ca ca.crt // for these I actaully have the absolute location eg. /sdcard/certs/ca.crt
cert client.crt // and so on......
key client.key // and again, absolute path.
tls-auth ta.key 1 // I have this commented out with a ;
comp-lzo // yep got this
verb 3 // and this one.

Additional options that I have set and that work are:
reneg-sec 0 // this allows the server to decide whe to re-negotiate keys
//I also have the "auth" crypt cypher set
tls-remote <value> // I have this set.

suggest you run busyboxy in your phone and run the openvpn from the command line, so you can see the log. hope this helps in some way.

I have this running on HTC Hero (2.1 HeroSense Rom).

-RandyL

  • 0




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users