Jump to content


HTC Tattoo / Openvpn

- - - - -
Started by Arkael , Jun 24 2010 06:46 AM

  • Please log in to reply
1 reply to this topic

#1
Arkael
Posted 24 June 2010 - 06:46 AM

Arkael

    Newbie

  • Members
  • Pip
  • 1 posts
  • Devices:HTC Tattoo
Hi,
Hi,

I've recently installed OpenVPN on my HTC Tattoo phone, all certificates are ok , and i can connect to my server, log files seems to be ok.

My problem is thats i simply cannot ping or browse the server network from the phone... cannot ping VPN IP or local network IP.. nothing at all.

so i decided to configure client on a Windows computer, all is ok, no problem at all... with same configuration and same certificates...

Anyone had same issue? What do you think i should check?

server config:
port 1194
proto udp
dev tun
ca /mnt/C/sys/etc/ca.crt
cert /mnt/C/sys/etc/server.crt
key /mnt/C/sys/etc/server.key  # This file should be kept secret
dh /mnt/C/sys/etc/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.3.0 255.255.255.0"
tls-auth /mnt/C/sys/etc/ta.key 0
max-clients 2
user nobody
group nobody
persist-key
persist-tun
log-append  /var/log/messages
verb 4



and the client

client
dev tun
proto udp
remote XXXXXXX.dyndns.org 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
tls-auth ta.key 1
comp-lzo
verb 3

#2
cyde
Posted 25 June 2010 - 01:10 AM

cyde

    Newbie

  • Members
  • Pip
  • 19 posts
  • Devices:htc hero
Well,

I have it working for a while now, so I have checked my client config file (that works) with the file you have and I have the following differences.

client                                                  // yep got this
dev tun                                               // yep got this
dev-node /dev/tun                               //  I have this one and you dont
proto udp                                            // I have proto tcp, so I have never tried it with UDP.  dont know how functional this is.
remote XXXXXXX.dyndns.org 1194         // yeah.  got this but with port 443
resolv-retry infinite                               //  yeah, got this one.
nobind                                                  // ditto
persist-key                                            // ditto
persist-tun                                            // and again
ca ca.crt                                               // for these I actaully have the absolute location eg. /sdcard/certs/ca.crt
cert client.crt                                         //  and so on......
key client.key                                        //  and again,  absolute path.
tls-auth ta.key 1                                    //   I have this commented out with a ;
comp-lzo                                              //  yep got this
verb 3                                                   // and this one.

Additional options that I have set and that work are:
reneg-sec 0     // this allows the server to decide whe to re-negotiate keys
//I also have the "auth" crypt cypher set
tls-remote <value>  // I have this set.

suggest you run busyboxy in your phone and run the openvpn from the command line, so you can see the log.   hope this helps in some way.

I have this running on HTC Hero (2.1 HeroSense Rom).

-RandyL

Back to Android Software · Next Unread Topic →


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. MoDaCo
  2. Android
  3. Android Software