802.1x EAP TTLS WIFI on TNT Lite? - G Tablet Android Development

Has anyone been able to get this type of WIFI connection working on the GTab? My university campus uses this connection and I can't connect my GTablet on that WIFI

ch121s said:
Has anyone been able to get this type of WIFI connection working on the GTab? My university campus uses this connection and I can't connect my GTablet on that WIFI
Click to expand...
Click to collapse
Yes, I did (at my university) but I had to replace the settings app with the original (which also allows the soft button for settings to work fine). There are some issues with doing the settings replacement so use with caution.

http://forum.xda-developers.com/showthread.php?t=857939
See the above post for a solution.
Android 2.2 (which the G Tablet runs) can connect to such network configurations, but the tapntap user interface did not create menus to input the information.
The aforementioned thread allows you to replace the tapntap settings GUI with the standard Android one, so you can input all of your credentials. If you would like, the author of that thread also kindly provided a rollback so you can put the tap n tap settings GUI back on once you've configured the network.
Or you can wait until the Dec. 20 update from Viewsonic. I called their support about a week ago regarding this feature and they assured me that it was going to be in the update.

Thanks guys!

potissimus said:
http://forum.xda-developers.com/showthread.php?t=857939
See the above post for a solution.
Android 2.2 (which the G Tablet runs) can connect to such network configurations, but the tapntap user interface did not create menus to input the information.
The aforementioned thread allows you to replace the tapntap settings GUI with the standard Android one, so you can input all of your credentials. If you would like, the author of that thread also kindly provided a rollback so you can put the tap n tap settings GUI back on once you've configured the network.
Or you can wait until the Dec. 20 update from Viewsonic. I called their support about a week ago regarding this feature and they assured me that it was going to be in the update.
Click to expand...
Click to collapse
Great news! At least we know it will be more than just Flash on 12/20.

Related

Odyssey instead of Worthless WiFi Clinet?

OK, I totally find the WiFi Client for the MDA Vario totally pathetic. Is it possible for me to get rid of it and use the Odyssey Client (can be found HERE)?
What exactly do you find worthless about the default client, so as I know before clicking on a link that is more than likely a virus.
1. No AES support
2. No LEAP Authentication from same config screen for setting up a Wireless connection.
3. No support for feedback (catch all errors/log status)
Need I say more.
Also, virus? Not bloody likely - hover over the link and you can see that it goes here
http://download.juniper.net/software/aaa_802/public/oac/451/Odyssey Client for Windows Mobile.exe
Juniper.net makes Odysses Client (also Used for the Dell Axim WiFi Client.)
as if I post a link to a virus . . . .
How is it totally useless ?
When i'm at home it connects to my home network, when i'm at work... it connects there. No surprises so far.
It's fit for the job it's intended to do.
Oh, if you're installing Odyssey... don't lose your phone...
http://www.geekzone.co.nz/content.asp?ContentId=3942
How silly of me to be paranoid when someone posts a link to an exe file that is just named with spaces from someone called warez!
:roll:
gazzrenn said:
How is it totally useless ?
When i'm at home it connects to my home network, when i'm at work... it connects there. No surprises so far.
It's fit the job it's intended to do.
Oh, if you're installing Odyssey... don't lose your phone...
http://www.geekzone.co.nz/content.asp?ContentId=3942
Click to expand...
Click to collapse
I said pathetic not useless, however, what I mean is: I can connect at home but not at work. Also, I do not connect at home by original design - I had to change my Wireless config of my router to match what the default Wifi Client on my PDA will accept (aka TKIP vs AES which I'd prefer)
Also, at work, we use LEAP authentication (on one SSID) and AES (on one of another SSID) - there isn't anyway for me to connect to any of my Wireless networks at work even though I am privy to all of the information to do so.
Sorry if I sound a bit frustrated (I am)
Any help would be appreciated.
How silly of me to be paranoid when someone posts a link to an exe file that is just named with spaces from someone called warez!
Click to expand...
Click to collapse
Well that much I can understand - but checking out the root domain before making assumptions would have clarified that quickly enough.
There is a LEAP is a tab in the Wireless Network settings?
WarezAppz said:
I said pathetic not useless, however, what I mean is: I can connect at home but not at work. Also, I do not connect at home by original design - I had to change my Wireless config of my router to match what the default Wifi Client on my PDA will accept (aka TKIP vs AES which I'd prefer)
Also, at work, we use LEAP authentication (on one SSID) and AES (on one of another SSID) - there isn't anyway for me to connect to any of my Wireless networks at work even though I am privy to all of the information to do so.
Sorry if I sound a bit frustrated (I am)
Any help would be appreciated.
Click to expand...
Click to collapse
Thats a much better desctiption of why you need a different client.
There is a LEAP is a tab in the Wireless Network settings?
Click to expand...
Click to collapse
Yeah there is - The problem is: That tab is on the Wireless LAN page - the 'Configure Wireless Networks' 802.1x page only gives 2 options for eap type PEAP, Smart Card or Certificate vs LEAP ergo I can not connect. Maybe I am just doing something wrong (I'd love for that to be the case). I admit I am rather limited when dealing with this client and trying to specifically set up a WiFi Connection. That is another reason why I find the default client less-than-desirable - not enough support documentation (either in the manual or via help file attached to the client itself)
WarezAppz said:
Yeah there is - The problem is: That tab is on the Wireless LAN page - the 'Configure Wireless Networks' 802.1x page only gives 2 options for eap type PEAP, Smart Card or Certificate vs LEAP ergo I can not connect. Maybe I am just doing something wrong (I'd love for that to be the case). I admit I am rather limited when dealing with this client and trying to specifically set up a WiFi Connection. That is another reason why I find the default client less-than-desirable - not enough support documentation (either in the manual or via help file attached to the client itself)
Click to expand...
Click to collapse
I am having the same problem. I downloaded the trial of Odyssey from Juniper but it won't enable. Don't bother with that LEAP tab in the default wifi client, it won't work. I spent several days trying everything in the book. I have Odyssey on my Axim x50v and it works like a charm connecting to our cisco wireless.
Please post if you find an answer.
As for the gazzrenn, you should tell the IT people at your work that they need to change their wireless settings if you can connect with the windows client.

VPN

it's there a way to connect or use my company VPN on android?
my company uses cisco VPN.
Yes. Look in the "Settings -> Wireless and Networks -> VPN".
Which way will you be connecting to your VPN? L2TP? PSK? Cert?
It may be important for you to know up front that Android doesn't yet support 3DES encryption, only DES.
I had the same problem until I switched to an older APN... Under Settings, Wireless and Network, Mobile Network Settings, Access Point Names (APN), add a new APN, all you need is to name it and the APN is internet2.voicestream.com This is an older APN T-Mobile used to allow for VPN connections. As soon as I used it instead of the epc APN, I connected without issue.
Bradical said:
I had the same problem until I switched to an older APN...
Click to expand...
Click to collapse
What problem was that? Unless I misunderstood the OP's post, the problem is how to connect to one's corporate VPN infrastructure from an Android phone. Your post seems unrelated to that unless I'm missing something.
epakrat75 said:
Yes. Look in the "Settings -> Wireless and Networks -> VPN".
Which way will you be connecting to your VPN? L2TP? PSK? Cert?
It may be important for you to know up front that Android doesn't yet support 3DES encryption, only DES.
Click to expand...
Click to collapse
Yea I looked under there but I read online that Android 2.2 doesn't support pure Ipsec witch is what I need....I just can't believe Google dropped the ball like this! I hope they took care of that in Honeycomb because my company wants to buy tablet but without VPN is a no go....
And the funnything is that Google knows about it since 2009:
http://code.google.com/p/android/issues/detail?id=3902
emonero said:
I hope they took care of that in Honeycomb because my company wants to buy tablet but without VPN is a no go....
Click to expand...
Click to collapse
While running the Honeycomb SDK Preview on my Nook Color, I checked this very thing out and found that no additional support / options were provided to me. I'd like to think this additional functionality was left out of the SDK preview but I'm not convinced. Perhaps it'll be different on either the Motorola XOOM and G-Slate tablets but I'm not optimistic since they've had so much time to deal with it but seem to not have done anything yet.
Another Tech and I installed Honeycomb on a Nook color just to check that settings and it doesn't have it...I hope Moto include it like they did with the droid Pro...
emonero said:
I hope Moto include it like they did with the droid Pro...
Click to expand...
Click to collapse
Interesting. I didn't realize that the Droid Pro even supported it. It might the only device that currently does. If that functionality were extracted and offered as a mod for the Vibrant, etc that would be worth paying for.
As such, I have had to advise my company away from using Android because it doesn't work our SonicWall VPN. However, the few Apple iDevices we have already connect to our VPN.
Cisco VPN Working on Vibrant
You can get it to work, you need to get open vpn installer, open vpn settings, vpn robot, and tun.ko file for the vibrant. Need to be rooted. It was a pain to get setup but works like a charm with an ASA 8.2 box. Cisco Anyconnect has been launched on a few android devices such as the vibrant 4G, hopefully this will get ported to the vibrant 3G, it would be so much easier and better since its all SSL based and not ipsec.

[HOWTO] Use VPN with your Android & Home Router

This is a simple tutorial to allow you to connect to the internet using VPN through your home router.
:NOTE: At present, the steps here are sparse. They assume some technical capability to set things up yourself, this is just kindof a guide as to WHAT you'll need to setup.
Why, you ask? Security. Using a VPN will essentially encrypt your communications though a tunnel back to your home computer. Not going into all that here, basically a simple guide. I assume we're all smart here, so the basics.
Prerequisites
1. DD-WRT V24 Capable router. If you don't have this, then you will need to instead use a different method involving installing software on your PC that I won't cover here. The advantage of the DD-WRT router is ease of setup on the router, and not having to have your computer turned on.
2) Capable Android Phone & Provider. I can't troubleshoot your ROM or provider. Some Android Roms don't support VPN, and it's broken in some. Some providers apparently block it. If your Rom is good and your provider doesn't block it, you're golden. In some cases (such as on the G2X) custom kernels (such as Faux123's) will add the necessary TUN support. Or you may need to add a TUN.KO file if it doesn't... again, device specific, refer to appropriate device forums.
3) If you don't have a static IP (I assume you don't) you'll need a dynamic DNS provider compatible with DD-WRT. I prefer freedns.afraid.org, but you can use any o these: dyndns.org, zoneedit.com, No-Ip.com, 3322.org, easydns.com tzo.com or dynsip.org.
Got all that? Great!
Okay, here's the fun bit.
STEP 1
First, you need to hack your router. It's a LOT like rooting your Android phone. How to do it is BEYOND the scope of what I can write here, but what you need to do is visit http://www.dd-wrt.com and have a look around. Or, you can actually purchase routers with DD-WRT pre-installed. Basically you have to flash a custom ROM onto your router. It needs to support VPN, and be at least version "v24 SP1". Older versions may have a DIFFERENT VPN setup that's not as easy. Don't say I didn't warn you. I flashed the full-featured VOIP version to my router, a Buffalo WHR-G54S.
Unlocking (if necessary) and flashing your router with DD-WRT is a topic as broad as rooting/flashing Android - so I can't help you here. But once it is done, you are ready for....
STEP 2
Setup your dynamic DNS provider. I used http://freedns.afraid.org/ to do this. Basically you go to the site and sign up for the free "subdomain" services. You can pick a name that will be on a number of different domains, such as "us.to", where you could maybe pick something like "kick.us.to" if it isn't taken yet. All that matters is you remember the name.
Next, in DD-WRT, go to the Setup->DDNS tab and select the proper DDNS service and enter the information it asks for -- your service used, username, password and hostname usually. You can usually leave update interval at the default, and normally you don't need to use external IP check.
NOTE: You need to make sure you are not "Double NAT-ed".. this means two routers stacked is a nono. If you have a router connected to a cable/dsl router (instead of a cable/dsl modem), then it needs to be set to BRIDGE mode. Again.. complicated and really a topic best dealt with on its own.
Once you've setup your Dynamic DNS, you're well on your way. You can actually use that hostname for all sorts of things, such as always being able to get Audiogalaxy to connect to the right host without having to know a numeric IP that could change.
STEP 3
You're on a roll... Now, time to setup the VPN in the router. This is done under the Services->VPN tab. If that tab doesn't exist, then you got the wrong version of DD-WRT and need to go back to Step 1.
Enable PPTP Server, Broadcast Support, MPPE Encryption. Under Server IP enter your ROUTER's IP address (usually 192.168.1.1, or whatever you use to connect to your router). Under Client IP's, enter the range of clients on your local network in the format: 192.168.1.100-149 (where 100-149 represents possible IP addresses I've set in DD-WRT for my LAN)... this doesn't seem as important since we'll be connecting from outside.. Just do it.
Under CHAP-Secrets enter in your preferred username and password in the format:
username * password *
that is, the username, a space, *, a space, the password, a space and then *
Save and apply settings. (You need to click both SAVE and APPLY, DD-WRT is weird like this)
STEP 4
Back to Android! Yay! This part of the procedure may vary by phone, but this is how it is on my Gingerbread T-Mobile G2X with faux123's kernel.
Goto Settings->Wireless & Networks->VPN Settings->Add VPN->Add PPTP VPN
VPN Name=whatever you want
VPN server= your dynamic IP name you selected in Step 2
Enable encryption = Yes
now, hit Menu->Save
You should now see your VPN listed under VPNs. Click on it, and select CONNECT. Type in your username and password you selected at the end of Step 3.
It should connect. CONGRATULATIONS!
You should also have a notification in your taskbar that will now let you disconnect from the VPN.
STEP 5
Enjoy! .. wait, what? It didn't work? It did for me!!!
I guess.... ask questions here, or if it appears to be a phone issue, ask in your device's appropriate forum (and link to this thread so people know what guide you're following)
And, if anybody reading this is a better expert in setting this stuff up than I am, feel free to critique/laugh/criticize/constructively comment on this little howto and I'll correct anything I Rick Perry'd.
Nice tutorial! Would have been better if you also included more details in hacking our router
DroidVPN said:
Nice tutorial! Would have been better if you also included more details in hacking our router
Click to expand...
Click to collapse
I would have, but like I said, that's a topic as big as phone hacking itself. Every model of router is going to be different! There may be models that support VPN in the router as well without DD-WRT, but I'm not familiar with that setup.
DD-WRT's website has a pretty huge forum on what routers are compatible and how to set it all up.
The optimal speed can be achieved by the compression of traffic and by minimizing server loads. Web acceleration will enable you bring about a drastic improvement in the web page response time. This kind of acceleration usually come in lesser costs and offers the best web application performance.
So Wat does this do? Keeps u secured from the eyes of the ISP?.. harder for others to hack u?...
Sent from my HTC Desire using xda premium
evilgenius00 said:
So Wat does this do? Keeps u secured from the eyes of the ISP?.. harder for others to hack u?...
Sent from my HTC Desire using xda premium
Click to expand...
Click to collapse
lotherius said:
Security. Using a VPN will essentially encrypt your communications though a tunnel back to your home computer.
Click to expand...
Click to collapse
Yeah, that.
...
10char.
Nice TUT, VPN working
Thanks. I mostly appreciated the idea of using afraid.org.
For some reason, Dyndns and no-ip wouldn't work with ICS as client.
thanks for this tut, keep it up
nice.. thanks for sharing
The cool thing is, once you start hacking your router, you open up all sorts of fun. Like using a virtual wireless network to bridge the open wifi network that gets 1 bar of signal in one little corner of your apartment to be a full strength WPA protected network with your own SSID and subnet that all of your devices can use ... not like I would do such a thing. Now, I *am* a bit afraid to try to set up a VPN on the bridged virtual network..... that could get complicated.
Will this also work with OpenDNS?
Already running DDWRT v24 on WRT600N, and trying to figure this VPN stuff to connect my Atrix running CM10. Thanks for any help
katinatez said:
Will this also work with OpenDNS?
Already running DDWRT v24 on WRT600N, and trying to figure this VPN stuff to connect my Atrix running CM10. Thanks for any help
Click to expand...
Click to collapse
Any service which gives you a stable hostname to the outside network should work.
If you have a higher end router that supports the mega builds (8MB flash), then you can opt for OpenVPN which is more secure than PPTP. Setup is more complicated though.
australix said:
If you have a higher end router that supports the mega builds (8MB flash), then you can opt for OpenVPN which is more secure than PPTP. Setup is more complicated though.
Click to expand...
Click to collapse
Still using a (now antiquated) Buffalo WHR-G54S which has 4MB flash and 16MB Ram... so while it has a lot of features, OpenVPN is lacking... so I can't test that method personally.
This Buffalo is the best router I've ever owned, though. I still can do without gigabit or N networking, so I'm not upgrading. I went through 5 or 6 bad routers (even a Linksys WRT-54G that crashed constantly) before I got this one.
Thanks for all the info here. I've deleted the post because I think my issue is with something else.
Thanks..
p
very...helpfull..!!!
Very easy guide! Thanks!
455
nice cool...
bumpin this because i have a question regarding this, i just set this up and it works great
there are mainly two types of auth vpn servers use, certificate authentication and username/password
i tried to set up password one, and you still need the server public certificate along with username/password, but you don't need client public and private keys unlike with cert auth.
now, i placed the server key, ca.crt, on my internal storage and together with username/password, works great, my concern is security of this file. this file needs to be accessible right, so you can't put it in /etc or /system, having it in internal storage, any app with storage permission can read it... isn't this a security risk? how is this solved? where do i put the file?
thanks
edit: also, how do i *prevent* network traffic without vpn? i know there is always on option and start on boot, but i did, and when the boot finnishes there is a brief moment when the phone connects on mobile network just before initializing vpn and in that brief moment android probably sends all sorts of passwords and data through the network ... how do i delay this until vpn is initialized?

[Q] Problems with Tab 7.7's VPN Client

Have anyone tried connecting to VPN servers on their Galaxy Tab 7.7?
I have tested more than 3 VPN servers. (They all work on PC, iPhone, iPad, Tab 10.1, Tab 8.9, HP TouchPad). When I try to connect them on Galaxy Tab 7.7, it connects successfully but fail to let me do anything once the connection is made.
I have created 2 test accounts and please feel free to test it using them or your own servers... let me know how it go...
BTW, I tried restoring. no help at all.
PPTP Server 1: pptp.vpn2.hk
PPTP Server 2: pptp.vpn2.us
Login: test
Password: samsung1234
William
Hi,
for PPTP you'll need kernel 2.6.35.x!
Otherwise you'll be able to get a connection but your data transfer will break down after 5sec-3min!
I will edit this post with a link to "Issue 4706: Droid phone PPTP VPN dying after a short while." after I'm allowed to.
A953 Tapatapatapatalk
C3POID said:
Hi,
for PPTP you'll need kernel 2.6.35.x!
Otherwise you'll be able to get a connection but your data transfer will break down after 5sec-3min!
I will edit this post with a link to "Issue 4706: Droid phone PPTP VPN dying after a short while." after I'm allowed to.
A953 Tapatapatapatalk
Click to expand...
Click to collapse
are you saying that i need to upgrade my VPN server to kernel 2.6.35.x just for 7.7? just wondering cos my VPN servers (and many other VPN servers out there that I have tried) work for all other platforms, like Tab 10.1, iPad, Windows, OS X etc etc...
Yes I do. google botched PPTP for VPN.
But you need to upgrade (/downgrade) the kernel of your Android device (client), not the server. Or do you run your VPN server on Android???
You can search for "issue 4706" or "android PPTP VPN problem" and you will find a lot of pi**ed people and maybe some answers like kernel version and needed OS version.
I can confirm that it works with kernel 2.6.35 and since GB2.3.7 / CM7! Some say it works fine with ICS, but I found also that higher kernel versions will not work.
And yes, all other plattforms will work fine with PPTP.
A953 Tapatapatapatalk
C3POID said:
Yes I do. google botched PPTP for VPN.
But you need to upgrade (/downgrade) the kernel of your Android device (client), not the server. Or do you run your VPN server on Android???
You can search for "issue 4706" or "android PPTP VPN problem" and you will find a lot of pi**ed people and maybe some answers like kernel version and needed OS version.
I can confirm that it works with kernel 2.6.35 and since GB2.3.7 / CM7! Some say it works fine with ICS, but I found also that higher kernel versions will not work.
And yes, all other plattforms will work fine with PPTP.
A953 Tapatapatapatalk
Click to expand...
Click to collapse
thanks for the info. now for the million dollars question... how do you downgrade the kernel on Android? does this require flashing a new custom ROM? I couldn't really be bothered with custom ROM as I am waiting for the official ICS upgrade notification ... I guess the furtherest I am willing to go is to root my device and install some replacement kernel (if this is even possible)...
I know linux but my main device is an iPad so I am just too lazy to spend too much time backing up / reinstalling the Android for custom ROM... anyway thanks for your time...
williamli1983 said:
thanks for the info. now for the million dollars question... how do you downgrade the kernel on Android? does this require flashing a new custom ROM?
Click to expand...
Click to collapse
Yeah, that's it, BUT I would wait - like you mentioned - for the ICS upgrade and try than again.
Or you try another protocoll like L2TP over IPSec…
A953 Tapatapatapatalk
C3POID said:
Yeah, that's it, BUT I would wait - like you mentioned - for the ICS upgrade and try than again.
Or you try another protocoll like L2TP over IPSec…
A953 Tapatapatapatalk
Click to expand...
Click to collapse
L2TP over IPSec was a bit weird too. the server address has to be an internal IP for it to connect, giving it an external IP or domain won't work. God figures! oh well good thing it's not my main device so I won't stress much over it.
williamli1983 said:
oh well good thing it's not my main device so I won't stress much over it.
Click to expand...
Click to collapse
You are lucky, my MS2 is my main device and has a locked bootloader and only a 2.6.32 kernel .
I solved the VPN problem by changing to CM7, which wasn't possible for a long time, and using OpenVPN/SSL now.
Lucky me.
A953 Tapatapatapatalk
The Samsung Galaxy Tab with Android includes support for Virtual Private Network (VPN) connectivity. Here we show you, step by step, how to setup a VPN connection.
Add a new VPN connection:
Press the Home icon, press Menu, and tap Settings
Tap Wireless & networks
Tap VPN settings
Tap Add VPN
Select the type of VPN to add (PPTP, L2TP, L2TP/IPSec PSK VPN, L2TP/IPsec CRT VPN)
Fill in VPN details such as VPN name, VPN server, etc (the required settings will depend on type of VPN selected)
Connecting to the VPN:
Press the Home icon, press Menu, and tap Settings
Tap Wireless & networks
Tap VPN settings
The VPN connections you have added are now listed
Tap the VPN you wish to connect to
A dialog box will open asking for your credentials, enter them and touch connect
When connected to a VPN, you will see an ongoing notification in the Status bar on your Samsung Galaxy Tab. If you should get disconnected, you will receive a notification and an option to go back to the VPN settings section.
wilsonj said:
The Samsung Galaxy Tab with Android includes support for Virtual Private Network (VPN) connectivity. Here we show you, step by step, how to setup a VPN connection.
Add a new VPN connection:
Press the Home icon, press Menu, and tap Settings
Tap Wireless & networks
Tap VPN settings
Tap Add VPN
Select the type of VPN to add (PPTP, L2TP, L2TP/IPSec PSK VPN, L2TP/IPsec CRT VPN)
Fill in VPN details such as VPN name, VPN server, etc (the required settings will depend on type of VPN selected)
Connecting to the VPN:
Press the Home icon, press Menu, and tap Settings
Tap Wireless & networks
Tap VPN settings
The VPN connections you have added are now listed
Tap the VPN you wish to connect to
A dialog box will open asking for your credentials, enter them and touch connect
When connected to a VPN, you will see an ongoing notification in the Status bar on your Samsung Galaxy Tab. If you should get disconnected, you will receive a notification and an option to go back to the VPN settings section.
Click to expand...
Click to collapse
mmm... we know how to setup the VPN here. just saying that the VPN never worked on any PPTP servers I tried
I have the 6800 and pptp for me works well over wifi. On mobile, I have the same problem you encountered, meaning while I can connect fine I cannot initiate any data transfer. Hope ICS will fix this problem.
pinkowl said:
I have the 6800 and pptp for me works well over wifi. On mobile, I have the same problem you encountered, meaning while I can connect fine I cannot initiate any data transfer. Hope ICS will fix this problem.
Click to expand...
Click to collapse
thanks for the info. for me (on the wifi only version) vpn won't work on wifi
I also have the wifi only version, I connect de VPN, works for a while and suddenly stops transfering data althought the connection appears as established. To make it work again i have to disconnect and reconnect.
Just for your info - I got a L2TP VPN connection working just fine on my P6810 Wifi-only Tab. Not sure whether it is just the VPN service (AceVPN) I'm using, or whether I was just lucky.
My wifi tab is an import from HK, Kernal version 2.6.36-P6810ZSLA1
teegee17 said:
Just for your info - I got a L2TP VPN connection working just fine on my P6810 Wifi-only Tab. Not sure whether it is just the VPN service (AceVPN) I'm using, or whether I was just lucky.
My wifi tab is an import from HK, Kernal version 2.6.36-P6810ZSLA1
Click to expand...
Click to collapse
i didn't spend as much time looking into L2TP on mine as my main vpn servers are PPTP based.... mine also came from HK (well i m living in it right now )
hope ICS will be out soon! really want to try chrome
you should contact to your service provider. they will help you better
marksmithbvs said:
you should contact to your service provider. they will help you better
Click to expand...
Click to collapse
i m the service provider!
but i also tried a few other providers out there as well. none of them work on 7.7
i just got a galaxy nexus and everything works fine on it.
as mentioned somewhere above this post. it is a bug in the 7.7 code
williamli1983 said:
L2TP over IPSec was a bit weird too. the server address has to be an internal IP for it to connect, giving it an external IP or domain won't work.
Click to expand...
Click to collapse
Rubbish -- I use it all the time w/ gotrusted...

T-Mobile Hotspot "Upsell" - TOTAL Workaround

If you're like me, then you have a data plan with T-Mobile that includes only 2.5GB of data for tethering. After you 2.5GB is up,T-Mobile begins redirecting all of your tethered traffic to a webpage prompting you to buy more tethering data.
T-Mobile does this by reading all of the headers on every HTTP request. It analyzes each one and reads the User-Agent string. This is what tells websites how to deliver their content for you and is why you only get mobile versions of webpages on your phone and not on your laptop. So, many people got around this by spoofing the user agent with a browser plugin to make it look like your laptop was requesting the mobile version of websites (so T-Mobile would think that it's a phone requesting the data, not a tethered laptop.) However this solution only works for that specific browser. Other browsers, applications, and devices that do not support User-Agent spoofing were left without a solution. Was I really the only one trying to tether my PS3 for Netflix and gaming?
So some people turned to VPNs which basically act as a secure proxy so that T-Mobile could not read the traffic and tell what the User-Agent was. But this often costs money and/or slows down your network speed. Seeing as how people who are looking for a tether workaround are trying to not spend money, and are trying to use T-Mobile's lightning fast LTE, this isn't really a practical solution.
So after spending hours and hours looking for a solution, I came to the conclusion that there was none yet.
I deduced that the obvious solution would be to modify the packets on the fly and change the user-agent string of every HTTP request as it came to the phone before forwarding it on to T-Mobile. Luckily for us, all HTTP requests that have no User-Agent string or a string of "null/null" etc. are automatically accepted! So all that needed to be done was to strip the user-agent string of all of the outgoing HTTP requests - on the fly.
My first thought was that hopefully there was an android app that could do this.
There isn't.
And I am not capable of making one but if you find one or can make one, please tell me and I will adjust this explanation because that would make things a bit simpler. However, since we don't live in a perfect world, we have to run a program on a computer and route all traffic through that program. This wonderful little program that I came across called "Fiddler" (it won't let me post the link but it's www[dot]fiddler2[dot]com) is just what we need. It's a completely free program.
Go download and install fiddler. This program will allow us to monitor and 'fiddle' with the network traffic on the fly!
First, fire up your tethering app on your phone and connect your computer. I personally use android WiFi tether but I suppose it probably doesn't matter which one you use. Once you've connected your computer. Open up fiddler, go to "Rules," "User-Agents," and select "Custom..." A window will pop up. Leave this blank and click okay. Now, all of the network traffic from that computer with have its user-agent string modified to "User-Agent:[blank]" Test this out on any browser on your computer and you should not be redirected to the upsell page.
Now for all of your other devices! I was particularly concerned with my PS3 but any device that supports proxy use will work. That's a hell of a lot more devices than the number that support UA spoofing haha. Go to "Connection Settings" on your PS3 and select "Manual"
Go through your setup as usual and connect to your phone's wifi hotspot. When you come to the page that says "Proxy Settings" select "Use"
For the IP address go back to your computer and look at Fiddler. In the top-right corner there is an image of two computers and it says "Online" next to it. Hover over that icon and it will have an IP address listed. This is the virtual proxy that Fiddler has set up for auxillary incoming traffic on the local network. Type that IP address into the PS3's proxy settings and use port 8888 (you may have to configure your computer firewall to allow incoming traffic on that address/port)
Also, in Fiddler go to the AutoResponder tab and check the box that says "Unmatched requests passthrough." This is so that HTTP requests that come in without a User-agent already defined will just be passed on. If this box is not checked you may get frequent 404 errors.
Finish up the connection settings on the PS3 and let it fly! You can watch the traffic on Fiddler in real time!
This is my first post on XDA and this workaround is brand new as far as I can tell so there may be some kinks that need to be worked out.
Let me know if you have any questions or problems!
Respectfully,
Hunter.
TexasState said:
If you're like me, then you have a data plan with T-Mobile that includes only 2.5GB of data for tethering. After you 2.5GB is up,T-Mobile begins redirecting all of your tethered traffic to a webpage prompting you to buy more tethering data.
T-Mobile does this by reading all of the headers on every HTTP request. It analyzes each one and reads the User-Agent string. This is what tells websites how to deliver their content for you and is why you only get mobile versions of webpages on your phone and not on your laptop. So, many people got around this by spoofing the user agent with a browser plugin to make it look like your laptop was requesting the mobile version of websites (so T-Mobile would think that it's a phone requesting the data, not a tethered laptop.) However this solution only works for that specific browser. Other browsers, applications, and devices that do not support User-Agent spoofing were left without a solution. Was I really the only one trying to tether my PS3 for Netflix and gaming?
So some people turned to VPNs which basically act as a secure proxy so that T-Mobile could not read the traffic and tell what the User-Agent was. But this often costs money and/or slows down your network speed. Seeing as how people who are looking for a tether workaround are trying to not spend money, and are trying to use T-Mobile's lightning fast LTE, this isn't really a practical solution.
So after spending hours and hours looking for a solution, I came to the conclusion that there was none yet.
I deduced that the obvious solution would be to modify the packets on the fly and change the user-agent string of every HTTP request as it came to the phone before forwarding it on to T-Mobile. Luckily for us, all HTTP requests that have no User-Agent string or a string of "null/null" etc. are automatically accepted! So all that needed to be done was to strip the user-agent string of all of the outgoing HTTP requests - on the fly.
My first thought was that hopefully there was an android app that could do this.
There isn't.
And I am not capable of making one but if you find one or can make one, please tell me and I will adjust this explanation because that would make things a bit simpler. However, since we don't live in a perfect world, we have to run a program on a computer and route all traffic through that program. This wonderful little program that I came across called "Fiddler" (it won't let me post the link but it's www[dot]fiddler2[dot]com) is just what we need. It's a completely free program.
Go download and install fiddler. This program will allow us to monitor and 'fiddle' with the network traffic on the fly!
First, fire up your tethering app on your phone and connect your computer. I personally use android WiFi tether but I suppose it probably doesn't matter which one you use. Once you've connected your computer. Open up fiddler, go to "Rules," "User-Agents," and select "Custom..." A window will pop up. Leave this blank and click okay. Now, all of the network traffic from that computer with have its user-agent string modified to "User-Agent:[blank]" Test this out on any browser on your computer and you should not be redirected to the upsell page.
Now for all of your other devices! I was particularly concerned with my PS3 but any device that supports proxy use will work. That's a hell of a lot more devices than the number that support UA spoofing haha. Go to "Connection Settings" on your PS3 and select "Manual"
Go through your setup as usual and connect to your phone's wifi hotspot. When you come to the page that says "Proxy Settings" select "Use"
For the IP address go back to your computer and look at Fiddler. In the top-right corner there is an image of two computers and it says "Online" next to it. Hover over that icon and it will have an IP address listed. This is the virtual proxy that Fiddler has set up for auxillary incoming traffic on the local network. Type that IP address into the PS3's proxy settings and use port 8888 (you may have to configure your computer firewall to allow incoming traffic on that address/port)
Also, in Fiddler go to the AutoResponder tab and check the box that says "Unmatched requests passthrough." This is so that HTTP requests that come in without a User-agent already defined will just be passed on. If this box is not checked you may get frequent 404 errors.
Finish up the connection settings on the PS3 and let it fly! You can watch the traffic on Fiddler in real time!
This is my first post on XDA and this workaround is brand new as far as I can tell so there may be some kinks that need to be worked out.
Let me know if you have any questions or problems!
Respectfully,
Hunter.
Click to expand...
Click to collapse
Yeah, that's a workaround indeed, however the setup is long and extensive for anyone. We're still trying to find a QUICK solution that doesn't require a mass setup of every device. I only bounce to my tethering when there's an outage at home or I'm on the road, neither are the best solutions to be spending time switching everything over when I could have just as easily opened the browser on my phone to take care of everything. I found this post from the link you posted in the other thread where we weren't discussing hard solutions, just concepts and ideas, theoretical solutions (hence why there was never a post like this there). It's great to see that the one thing we know is the catalyst has been confirmed once again (HTTP USER-AGENT) as what T-Mo and every other carrier is doing, so this is a solution for not just T-Mo, but every provider. Again, it's a hell of a setup and requires that you keep at least one computer active during the ENTIRE tethering session, also, it appears T-Mo doesn't block Playstation 3 from what I can tell, at least we were able to watch like 3-4 hours of Netflix when we had the 500mb tethering cap without a problem.
This affect nat type? If I use this program? Ps3 online game though
Sent from my SGH-T889 using XDA Premium 4 mobile app
It seems T-Mobile has caught onto using different agents. I was trying to use mobile hotspot on my laptop yesterday. It didn't matter if my UA was android handset or Googlebot, it redirected me to a hotspot upsell page.
Dr. Hax said:
It seems T-Mobile has caught onto using different agents. I was trying to use mobile hotspot on my laptop yesterday. It didn't matter if my UA was android handset or Googlebot, it redirected me to a hotspot upsell page.
Click to expand...
Click to collapse
Go into your APNs and select the tethering APN, if you can edit the hostname from epc.tmobile.com to fast.t-mobile.com or whatever your normal APN is, there are a bunch of threads talking about how to get tethering working, this is just the LAST step, don't come here thinking this is the FIRST step, you're going at it backwards.
TexasState said:
If you're like me, then you have a data plan with T-Mobile that includes only 2.5GB of data for tethering. After you 2.5GB is up,T-Mobile begins redirecting all of your tethered traffic to a webpage prompting you to buy more tethering data.
T-Mobile does this by reading all of the headers on every HTTP request. It analyzes each one and reads the User-Agent string. This is what tells websites how to deliver their content for you and is why you only get mobile versions of webpages on your phone and not on your laptop. So, many people got around this by spoofing the user agent with a browser plugin to make it look like your laptop was requesting the mobile version of websites (so T-Mobile would think that it's a phone requesting the data, not a tethered laptop.) However this solution only works for that specific browser. Other browsers, applications, and devices that do not support User-Agent spoofing were left without a solution. Was I really the only one trying to tether my PS3 for Netflix and gaming?
So some people turned to VPNs which basically act as a secure proxy so that T-Mobile could not read the traffic and tell what the User-Agent was. But this often costs money and/or slows down your network speed. Seeing as how people who are looking for a tether workaround are trying to not spend money, and are trying to use T-Mobile's lightning fast LTE, this isn't really a practical solution.
So after spending hours and hours looking for a solution, I came to the conclusion that there was none yet.
I deduced that the obvious solution would be to modify the packets on the fly and change the user-agent string of every HTTP request as it came to the phone before forwarding it on to T-Mobile. Luckily for us, all HTTP requests that have no User-Agent string or a string of "null/null" etc. are automatically accepted! So all that needed to be done was to strip the user-agent string of all of the outgoing HTTP requests - on the fly.
My first thought was that hopefully there was an android app that could do this.
There isn't.
And I am not capable of making one but if you find one or can make one, please tell me and I will adjust this explanation because that would make things a bit simpler. However, since we don't live in a perfect world, we have to run a program on a computer and route all traffic through that program. This wonderful little program that I came across called "Fiddler" (it won't let me post the link but it's www[dot]fiddler2[dot]com) is just what we need. It's a completely free program.
Go download and install fiddler. This program will allow us to monitor and 'fiddle' with the network traffic on the fly!
First, fire up your tethering app on your phone and connect your computer. I personally use android WiFi tether but I suppose it probably doesn't matter which one you use. Once you've connected your computer. Open up fiddler, go to "Rules," "User-Agents," and select "Custom..." A window will pop up. Leave this blank and click okay. Now, all of the network traffic from that computer with have its user-agent string modified to "User-Agent:[blank]" Test this out on any browser on your computer and you should not be redirected to the upsell page.
Now for all of your other devices! I was particularly concerned with my PS3 but any device that supports proxy use will work. That's a hell of a lot more devices than the number that support UA spoofing haha. Go to "Connection Settings" on your PS3 and select "Manual"
Go through your setup as usual and connect to your phone's wifi hotspot. When you come to the page that says "Proxy Settings" select "Use"
For the IP address go back to your computer and look at Fiddler. In the top-right corner there is an image of two computers and it says "Online" next to it. Hover over that icon and it will have an IP address listed. This is the virtual proxy that Fiddler has set up for auxillary incoming traffic on the local network. Type that IP address into the PS3's proxy settings and use port 8888 (you may have to configure your computer firewall to allow incoming traffic on that address/port)
Also, in Fiddler go to the AutoResponder tab and check the box that says "Unmatched requests passthrough." This is so that HTTP requests that come in without a User-agent already defined will just be passed on. If this box is not checked you may get frequent 404 errors.
Finish up the connection settings on the PS3 and let it fly! You can watch the traffic on Fiddler in real time!
This is my first post on XDA and this workaround is brand new as far as I can tell so there may be some kinks that need to be worked out.
Let me know if you have any questions or problems!
Respectfully,
Hunter.
Click to expand...
Click to collapse
Doesn't work on ps3...obtaining ip address succeeds but internet connection fails..i added the ip and port 8888 to the fire wall and allowed connection. and when i hover over the two computers it shows two ip addresses i have tried both and same results
metro pcs upsell, lg optimus f3/JB 4.1.2
I'm on the Metro PCS network, i used to have the lg motion and that phone would hotspot my ps3 with no problems. I figured that I would upgrade my phone to the lg optimus F3 and keep hotspoting on the $60 unlimited plan. Much to my surprise I have ran into the same issue many have others have ran into, the tmobile upsell page. mine now says metro pcs upsell. so I have tried many Apps in the store with no possible way around the upsell page. After hours and days of research, its apperhant that tmobile and metro pcs are not restricting the tethering function. I can obtain an ip address but not gain internet access. As have many others. I've rooted my phone using motochopper, i installed titanium backup pro, and rom toolbox pro. I backed up all my apk's to the external and went root browsing for anything that has to do with wifi, hotspot or tether. I wasnt getting anywhere untill today. My LG Optimus F3 runs on JB 4.1.2, instead of finding tethering features i found the open source codes on sharing data and http rules. I dont have much experience with altering codes, but i do know this would be a great starting point for bypassing the upsell reroute. By using romtools pro, i finally found myself using the app manager, from there i clicked on the file networking apk, i scrolled the app display to the right to get to romtools special features, clicked on explore apk. Every rule was laid out in plain text using a notepad. Javax/servlets/resources. Every file in this folder can be read with notepad. There is tons of info regarding internet sharing, web browsing, and what runs and triggers the infamous upsell codes. I've read a few post where developers are trying to find the source of upsell, i hope this helps as a starting point. (Besides that) i was also able to enter the lg hidden menu and uninstall all metro pcs apps with one click
"(Besides that) i was also able to enter the lg hidden menu and uninstall all metro pcs apps with one click""" ????
i am in exact same boat , metropcs , rooted with all tricks tried , and still upsell page .
one interesting thing though is my lg motion can use the F3 wifi for ip camera apps . tried other apps but no go .
"IP camera viewer" has no issues accessing internet by way of a wifi tether on the F3 using my non active LG motion , strange .......the other apps report network errors or just fail to start ( netflix ) perhaps this will help in hunting a bypass on the UPsell crap
Thanks but...
Thanks for providing the most current news about this problem with Tmobile, I have been using HMA / foxfi since Aug 2013. Just a few hours ago it stopped working, couldn't even login to VPN. I lost my useragent switcher when I upgraded Chrome, and couldn't fall back on that either, so thanks for the tip about fiddler.
I am currently online because I caved to the upsell. So my question is, has Tmobile "improved" security on its upsell to the point that VPN's and UA spoofs dont work anymore, and do I have to learn the answer to this by community or by blowing my data limit again? Does anyone have a fresh strategy, or know what's going on in Tmobile business? Do they even care about people like us?
I live by this connection, since other ISP's around here are not worthwhile, and I maintain mobile business with my laptop, and I would prefer to process GB's without having to scavenge for someone else's wifi.
petedude2lu3 said:
Thanks for providing the most current news about this problem with Tmobile, I have been using HMA / foxfi since Aug 2013. Just a few hours ago it stopped working, couldn't even login to VPN. I lost my useragent switcher when I upgraded Chrome, and couldn't fall back on that either, so thanks for the tip about fiddler.
I am currently online because I caved to the upsell. So my question is, has Tmobile "improved" security on its upsell to the point that VPN's and UA spoofs dont work anymore, and do I have to learn the answer to this by community or by blowing my data limit again? Does anyone have a fresh strategy, or know what's going on in Tmobile business? Do they even care about people like us?
I live by this connection, since other ISP's around here are not worthwhile, and I maintain mobile business with my laptop, and I would prefer to process GB's without having to scavenge for someone else's wifi.
Click to expand...
Click to collapse
VPN's no longer work for me either. I'm not getting the upsell page just no internet access at all while tethering.
Thanks TexasState, this was very valuable information that got me completely through T-Mobile's "walled garden" on their unlimited high-speed plan (for phones only) in an area where we don't have any good land-line options. :good:
What are some proactive approaches to making sure T-Mobile doesn't block my line? I'm using a phone basically as a makeshift wifi-router and all our computers run Fiddler. Is there anything else that T-Mobile might do to sniff out cheaters in the future? Is user-agent the only thing they can look at to determine if you're cheating?
Greetings first post here on XDA I have been able to tether via usb on metro/tmobile in OKC ,I am on a rooted F3 (LGMS659) I have tried just about everything a little luck with open garden but too slow for me ,downloaded foxfi wifi ap point no go ,redirected to upsell , tried usb with level one settings ,it works . but I may have done something when I entered the hidden menu 3548#*659# in settings those last two are interesting to me Upsell Url and ATS Start Property On
Took me about 8-10 hours to figure it out but i did it so heres how you get your tether back.
1.Open up your hidden menu.
2.Open Wlan test.
3. Click on UpSell and turn it off.
And turn on your tether app and have fun.
JUN10R831 said:
Took me about 8-10 hours to figure it out but i did it so heres how you get your tether back.
1.Open up your hidden menu.
2.Open Wlan test.
3. Click on UpSell and turn it off.
And turn on your tether app and have fun.
Click to expand...
Click to collapse
After half a day on the unlimited plan with Tea Mobile, this seems to have worked for me. Had to reinstall hiddenmenu.apk on my LG phone because I removed it earlier as bloatware but even after a reinstall as a user (as opposed to system) app, it worked.
Procedure was slightly different due to different model of phone/hidden menu but same basic procedure. BTW, it's unlimited but with 2.5 gb cap for hotspot. Let's just say I'm over the cap.
EDIT: So I got to almost 6 gb in one day, but then I got the redirect of death. I will troubleshoot when I have time later.
dbozam said:
After half a day on the unlimited plan with Tea Mobile, this seems to have worked for me. Had to reinstall hiddenmenu.apk on my LG phone because I removed it earlier as bloatware but even after a reinstall as a user (as opposed to system) app, it worked.
Procedure was slightly different due to different model of phone/hidden menu but same basic procedure. BTW, it's unlimited but with 2.5 gb cap for hotspot. Let's just say I'm over the cap.
Click to expand...
Click to collapse
What model did you use? Mine was in the Hidden Menu --> Settings menu.. and i chose "Upsell Try Off" with no avail.
LG G2 for Tmobile.
S4 "Hidden" Menu
I'm having the same issues as presented above but I'm unable to get into the "hidden" menu using the key code mentioned. I'm running Wicked V10 (it's great). Would love to test this out if I could access the right menu. So far I've gotten into the service menu but that's it.
This is by far the best work around I have found. Everything works. And if you are clever you can edit your user agent rules so they are automatic. Then turn fiddler into a windows service so ya never have to see it again and it just works. Excellent tutorial. The only thing I wish I could do is figure out how to get my Xbox 360 to connect to fiddlers proxy. If anyone knows please post it.
Thanks again OP
-Polluti0n
Sent from my SAMSUNG-SGH-T879 using XDA Premium 4 mobile app
Blank UA causes 403s and ASP issues.
This method works fantastic overall. I have my phone tethered to a router and run fiddler on all needed devices - no upsell message thus far (40GB+ down)
The issue I've run into is that some websites user the User Agent string to serve different content - by using a blank UA many ASP.net websites fail (on _doPostBack, in particular) and several give 403 errors (docs.WooThemes com) so I switched to a mobile UA but then sites serve mobile versions of their content (Amazon com). The next option is a desktop UA, but then I may as well not even switch it at ll?
I'm wondering - does anyone know what specifically T-Mobile looks for in the UA field, or know of a valid UA string that avoids detection but doesn't register as mobile (or give 403's)?
brn2drv99 said:
This method works fantastic overall. I have my phone tethered to a router and run fiddler on all needed devices - no upsell message thus far (40GB+ down)
The issue I've run into is that some websites user the User Agent string to serve different content - by using a blank UA many ASP.net websites fail (on _doPostBack, in particular) and several give 403 errors (docs.WooThemes com) so I switched to a mobile UA but then sites serve mobile versions of their content (Amazon com). The next option is a desktop UA, but then I may as well not even switch it at ll?
I'm wondering - does anyone know what specifically T-Mobile looks for in the UA field, or know of a valid UA string that avoids detection but doesn't register as mobile (or give 403's)?
Click to expand...
Click to collapse
Googlebot and safari 5 for windows work great and are undetected by T-Mobile.
Sent from my SAMSUNG-SGH-T879 using XDA Premium 4 mobile app
Polluti0n said:
Googlebot and safari 5 for windows work great and are undetected by T-Mobile.
Click to expand...
Click to collapse
Seems to work perfectly. Thanks!
For anyone needing it, here's a bare-bones CustomRules js file for Fiddler.
Code:
import System;
import Fiddler;
class Handlers
{
static function OnBeforeRequest(oSession: Session) {
// User-Agent Overrides
oSession.oRequest["User-Agent"] = "Mozilla/5.0 (compatible; Googlebot/2.1; +tp://w.google.com/bot.html)";
// Add 'ht' after the + and make it 3 'w's instead of just one
}
}

Resources