Hi All
I have a new XDA II and would like to connect over my ISP (UUNET http://global.mci.com/about/network/pops/) with an ISDN number to UUNET and from UUNET over VPN to my coprate network. I have my VPN IP number and the Group-Authentication code. With my Notebook using Cisco VPN Client 4.0 its works well.
Any suggestions would be good.
Thanks and regards
JFK
Which type of VPN do you use?
PPTP is apparetly more reliable than IPSec (an O2 article I can no longer find stated this). One of the conslusions was that neither was very reliable, especitally if your moving. So if you get it to work, don't move!
Other than that, just ensure you are connecting to the right server and all your settings are correct.
Ben
you may try ncp vpn. It have PPC version.
supposingly you could connect to cisco VPN with it.
www.ncp.de
Related
:x I cannot seem to get the VPN side of things working.
Has anyone tried a VPN using WiFi ?
I can connect to a WiFi Access Point and browse the internet. I then try to establish a VPN connection to my network using the IP address of the VPN Server, get prompted for the user credentials, and the XDA tries to connect and just doesn't, no errors. The VPN Server is working, as I have tested the same settings using an HP Ipaq 5550.
Any suggestions ?
VPN Fault
O2 Data Support have confirmed that this is a bug.. Damn ! :evil:
Hi,
I have a little problem that I am sure there must be an easy solution to!
I have set up a VPN on my Universal to connect to work. The problem is that my work's VPN server allocates me an ip address in the 10.x.x.x address range. All servers that I need to access behind the VPN have addresses in this range as well. Unfortunately, my ISP (T-Mobile UK), also allocates an address in the same range. Therefore, whenever I try to acccess a server at work, WM5 suffers confusion since it doesn't know whether to route the message through the VPN or directly out to the internet through the cellular modem.
I have been able to verify that the VPN thing works if my work network was on a different network address since initially, I was unable to VPN into my PC at home for the reason described above. I changed the ip addresses of all machines on my home network and now everything works fine at home.
Unfortuantely, I am unlikely to convince the IT people at work to change the address of all their machines. Similarly, I don't think I will have much success with T-Mobile and so is there anything I can change at my end to avoid this problem?
Thanks in advance for any help.
Mark
Narrowing the ip address may help, eg 10.0.0.1 is different to 10.1.0.1.
are you using this over wifi or gprs? if the phone provider is involved, I assume its gprs.
you could try and esablish your ip address as fixed rather than part of the pool, so the it guys assign a range for remote connections as say 10.0.0.100 to 10.0.0.150 as remote dial in connections, thus giving you a separate number.
the best way though I would have thought is for you to a fixed ip address known to you and the servers, and then hard type the ip address as your vpn settings, then establish that ip address as part of the exceptions settings.
in order to use exceptions though you have to know the range, or the exact ip address you will be assigned, and must be different to your telco.
not much of a solution, just some suggested areas to look at.
cheers
s.
hi guys, just out of curiosity what software are you using for VPN? on my laptop my company has installed cisco vpn, does it need to be a cisco vpn for wm5?? :?
From bad to worse...
Thanks for the reply Simon.
Unfortunately, I just went to try out some of your ideas and discovered that I can't get the VPN to connect at all now. It used to connect OK but then have routing problems whenever I tried to access anything. And my home VPN worked perfectly. Now, I can connect to neither.
I simply switched over to an O2 sim and with minimal configuration changes could verify that my setup still works OK and so it must be something to do with T-Mobile blocking ports. They weren't blocked yesterday!!!
Yesterday I "upgraded" my GPRS account from T-Mobile's Web'N'Walk to Web'N'Walk Professional and now I find I have this problem. Is this just a coincidence, or could it be that the Pro version has more severe restrictions than the consumer version?
I have emailed Customer Services to see what they have to say.
I will post back when I get a reply from T-Mobile.
mstar, I am no VPN expert, but for me, using a Windows XP hosted PPTP VPN it works after a fashion (above problems excepted!). I am using the VPN client built into Windows Mobile 5. I think you stand a good chance of getting it working using the built-in client.
Mark
I simply switched over to an O2 sim and with minimal configuration changes could verify that my setup still works OK and so it must be something to do with T-Mobile blocking ports. They weren't blocked yesterday!!!
Click to expand...
Click to collapse
I've heard on the grapevine that T-mobile have explicitly refused certain types of traffic on the web-n-walk
VOIP is the biggy...
I was seriously thinking about getting signed up - but no point if IPSEC is a prob, as well as VOIP.
Not sure how they can tell it's Skype traffic :?
http://www.reghardware.co.uk/2006/05/09/t-mobile_bans_voip/
for more info
An Update
An update on my VPN problem. Yesterday after total failure to get the VPN to connect, I emailed T-Mobile customer services.
Although they have not replied, when I tried it this afternoon I found that it was working again as before even though it had not been working first thing this morining. Of course I have not changed anythng at my end to cause it to break and then start working again (but they all say that, don't they!).
So, I don't know whether this was just a momentary fault, or whether T-Mobile have changed something to re-enable the VPN ports for me. I can now VPN in to my home PC, but the problem connecting to my work VPN with the 10.x.x.x address remains.
So, Sikkutz, depending on the address of the remote network, you may or may not be able to get a VPN to work using T-Mobile's Web'N'Walk.
By the way, my VPNs both use Microsoft's PPTP and not IPSec and so there may be different issues with that protocol.
I have discovered that O2 provides a separate acccess point, vpn.o2.co.uk, that causes a public ip address to be allocated to the device, ie not on the 10.x.x.x network. It would seem that this is designed to address this very problem. Does anyone know if T-Mobile can provide something similar?
Mark
There must be a solution
Hi!
I have the same problem with my Qtek 9000 (VPA IV). I can connect to my VPN Gateway but the routing into LAN failed. I get a 10.x.x.x address from Vodafone Germany and my LAN uses 10.98.8.X. :-(
But there must be a solution! My previous Qtek 9010 (VPA III) had the same problem, but it was able to route between the 10.-networks after a firmware-upgrade to version 1.40.01! But I don't no why!
What was changed in firmware to enable routing???
Daniel
i have the same issue aswell, I am reluctant to change the IP range of my machines as that usually causes trouble for the servers
Any other ideas?
Thanks
maybe stupid thing, but did you guys try dna forwarding (that is what I use from home office, not on pda to be honest..
Maybe I just did not get your point....
What kind of VPN server do you use? I'am using a Cisco PIX and use a PPTP VPN almost everyday. I can use the 10.1.x.x network at the location the PIX is located (this PIX is directly connected to the 10.1.x.x network).
I can't however use any of the remote offices using 10.2/10.3.x.x etc.
This is becaus of the lack of routing abilities in the PPTP implementation.
With an IPSEC tunnel (additional software needed) the remote offices can be reached without any problems.
I know that some IP implementation disallow routing between a public address and any 10.x address. To solve this you could give your VPN clients an address from a 10.x subnet .
hi sorry been away awhile,
I use the routing and remote admin snapin of Windows server 2003 to manage my VPN, I can connect fine using the phone as a modem with my notebook but as soon as I try accessing any URL/resource on my network it fails, e.g. we have a intranet site on http://servername but it wont open this up.
Any Ideas?
Hi,
I am trying unsuccessfully to connect to a PPTP VPN using the VPN client built into my new HTC TyTN II.
Wifi - I can connect using a WinXP SP2 laptop using wifi through my home linksys wireless router (which has PPTP passthrough enabled) using the standard Win XP vpn client. When I try with my TyTN II, I can browse ok but if I set up a VPN connection I get "VPN server problems. Verify your username and password, etc"
GPRS - If I try to connect over GPRS, I connect to Orange GPRS but when it tries to connect to the IP address of my VPN server, I get the same VPN server problem error message. (As a side issue, I asked Orange to enable my account for vpn which they did, sent a SIM update and told me to change my apn to 'internetvpn' instead of 'orangeinternet')
As I can connect through my wifi connected laptop, it seems to point to my WM6 vpn client but my forum searches suggest that the WM6 client works ok. Oh, and yes, I have checked that I am using the correct vpn username and password!
Any thoughts greatly appreciated - the ability to maintain some linux servers was my main reason for getting this phone!
_______________________________________________________
Phone - HTC TyTN from Orange
Windows Mobile 6 Professional
CE OS 5.2.1620 (Build 18125.0.4.2)
Processor QUALCOMM MSM7200-400MHz
Memory 101.63MB
Setings Device Information Version
Operator version 24.181.1.612
ROM Version 1.81.61.2.WWE
ROM Date 09/20/07
Radio version 1.27.14.32
Protocol version 22.45.88.07H
Bump!!! Same problem here. I have all the proper ports open on my router and still no luck.
I've been trying to resolve this with the people that manage my vpn server which is my case is a Watchguard firewall - apparantly Watchguard isn't compatable with PPTP on WM6 and they have suggested using IPSec and have provided me with a client (not that I've got that working yet either!)
I suggest you contact the vendor of your vpn server and ask them whether they are compatable and how a WM6 client should be configured. Post anything you find out here for the benefit of others.
WM6 don't connect to VPN over GPRS/ WiFi
Friends...
I have the same problem... the VPN server is Windows Server 2003... My PDA has WM6 (with in-build VPN client)... then VPN PPTP would work OK... but What is the wrong??
Regards...
I also could not connect on vpn over GPRS and got error message, but after I tested all installed programs I have found out that my SPB GPRS Monitor was the reason for the errors. So I killed it.
Now VPN over GPRS connects and looking into register I see that I am really connected i.e. I got DNS server IP, I got name of the local network and dynamic IP for my HTC, but nothing works. As I have found out from server guys they see me but my dynamic IP is not logged in server DNS, so no program sees me and I can not work.
Can somebody help?
Same
I have a similar problem but the difference is that i don't even receive an error message. When i click connect NOTHING happens!! The wifi i am using is an open network but I must connect to vpn to connect to the internet.
Please help as i really need to get this working...
I have been trying to iron this out with IT at my office as well. I have been trying to get WM6.1 VPN working for nearly a year.
I have a TyTnII and my IT office just bought some kind of WM6.1 Motorola/Sprint Smartphone as well which they actually asked me about setting up for them.
The problem what I am experiencing is that I CAN connect to the VPN server (I use one of the TaskMan progs that has ipconfig built it, and I am getting an appropriate IP from the VPN server). BUT I can't browse ANY intranet sites via PIE or Opera Mobile 9.5. Whenever I try to browse to an intranet site I just get nothing, browser does nothing for ~10min then gives timeout error.
I have heard that this has to do with an inbuilt error in the PPTP module of the VPN client that incorrectly makes VPN server requests using the IP address assigned by the GPRS/EDGE/3G/etc. connection rather than the IP address assigned by the VPN connection, obviously will cause problems!
Anyway, we are investigating 3rd part VPN clients...
Only IPSEC works
I also made many tries to get vpn working over BT PAN profile.
The only configuration which worked for my was IPSEC with the Safenet SoftRemote-LT Client on PC.
With the windows native pptp based vpn does not work .
I got the error code 721 what means that the GRE protocol (frame type 47 on port 1721) does not pass through. This seems to be the the real problem of the packet filtering components of the WM device. The problem is not related to bluetooth or PAN Driver, because it behaves in the same way if you try to do it over USB port. No way.
You guys might want to check out my post about getting my PPTP VPN working and actually syncing ActiveSync on a fixed schedule regularly over VPN.
http://forum.xda-developers.com/showthread.php?t=428878
Getting what you want to work over VPN requires work URL Exceptions so that the traffice is properly routed.
nkitson said:
I've been trying to resolve this with the people that manage my vpn server which is my case is a Watchguard firewall - apparantly Watchguard isn't compatable with PPTP on WM6 and they have suggested using IPSec and have provided me with a client (not that I've got that working yet either!)
I suggest you contact the vendor of your vpn server and ask them whether they are compatable and how a WM6 client should be configured. Post anything you find out here for the benefit of others.
Click to expand...
Click to collapse
Watchguard does support PPTP, your IT guys just need to configure it. As for IPSec which would be awesome because there is an app call Greenbow that will connect you over 3G doesn't work with Watchguard. You can only connect using their own client for it which needs a license and isn't support on Windows Mobile. They got a hate email from me for that crap.
I'm trying to connect my phone (Samsung SCH-i760) to my co's Cisco VPN concentrators (all IPSEC) via the phone's wifi.
I've tried Bluefire and AnthaVPN and they make my wifi connection disappear. The wifi doesn't re-appear until I remove the vpn software.
I've also tried the NCP's client and when the software is installed the phone won't turn back on after it's turned off after some period of inactivity. The only way to get the phone back on is to remove and reinstall the battery.
Does anybody know of a client that works?
Thanks!
gm2racer said:
I'm trying to connect my phone (Samsung SCH-i760) to my co's Cisco VPN concentrators (all IPSEC) via the phone's wifi.
I've tried Bluefire and AnthaVPN and they make my wifi connection disappear. The wifi doesn't re-appear until I remove the vpn software.
I've also tried the NCP's client and when the software is installed the phone won't turn back on after it's turned off after some period of inactivity. The only way to get the phone back on is to remove and reinstall the battery.
Does anybody know of a client that works?
Thanks!
Click to expand...
Click to collapse
There is a built-in L2TP/IPSec VPN client in Windows Mobile......
I use this to connect to both Cisco PIX/ASA Firewalls as well as Cisco routers. Have a search as I think I even posted some configurations as well.
Andy
ADB100 said:
There is a built-in L2TP/IPSec VPN client in Windows Mobile......
I use this to connect to both Cisco PIX/ASA Firewalls as well as Cisco routers. Have a search as I think I even posted some configurations as well.
Andy
Click to expand...
Click to collapse
There's no facility in the built-in VPN client to pass groupname and grouppwd, so unfortunately it doesn't work with my co's VPN infrastructure.
Thanks!
gm2racer said:
There's no facility in the built-in VPN client to pass groupname and grouppwd, so unfortunately it doesn't work with my co's VPN infrastructure.
Thanks!
Click to expand...
Click to collapse
You can specify the group as part of the username and the VPN device should interpret it (assuming it has been configured to do so?), however I don't think there is a way to send a separate group password.
Code:
[email protected]!group-vpn
or
[email protected]#group-vpn
If you are using strong encryption with good PSK's or Certificates then the group password doesn't really give you that much (IMO). I prefer to keep things simple for users so there is less for them to break. The built-in VPN client in Windows is pretty simply (same as the dial-up) and can be easily packaged using the Windows CMAK tools.
Cisco has recently released the AnyConnect VPN client for Windows Mobile. it might be worth having a look at this.
Andy
Andy, unfortunately it's my co's VPN that I'm trying to connect into, and they mandate groupname and grouppwd, so I guess I'm outta luck with the built-in VPN client...
Regarding the Cisco AnyConnect VPN client, I thought it only did SSL VPN and didn't have any facility to do IPSec VPN.
Weird, I have been using Bluefire v2.7.5.706 for about a year and a half with out a problem. I connect to my company ASA5000 IPSEC VPN client without a problem. Of course, its not over WiFi but over the 3G network. But even with the software installed, I have not had WiFi disappear on me. Did you try establishing a wifi connection first, then connecting through Bluefire?
There is also this VPN Mobile software (http://www.thegreenbow.com/mobile.html) for mobile devices.
Give it a try and tell us what want you think. You can try it for 30 days free of license.
Here is the software download page for VPN Mobile.
Same here for VPN Client software for laptop.
Greenbow team.
First, the background. I have a new Verizon Galaxy Tab, very impressive and I have searched extensively about this problem. I need to establish a VPN tunnel with a couple of client sites. I have Server 2008 and Sonicwall endpoints available with PPTP (Server 2008) and L2TP (both endpoints) available. I have spent the better part of a day trying every option I can to establish a VPN connection with no success.
Has anyone successfully used the built-in VPN capabilities? I have read that PPTP is broken in Froyo but that possibly L2TP may work. Please do not suggest alternate services as a solution as I am aware already of that route, although I am open to purchasing any app that would make this work. My device is not rooted and I am not interested at this time of flashing any custom ROM. I am interested in determining what works and how you made it work. Thanks in advance.
ourtech said:
I have Server 2008 and Sonicwall endpoints available with PPTP (Server 2008) and L2TP (both endpoints) available.
Click to expand...
Click to collapse
SonicWALL have VPN clients for their NetExtender and Aventail products on the Market. I've used Aventail and it works great.
Regards,
Dave
Thanks. I will give it a try. I found a client in the market from Sonicwall.
Update
I tried the SSL VPN client (NetExtender) for SonicWall and it works very well. If anyone needs a VPN solution and their SonicWall supports SSL VPN then go for it.
do you need to have SonicWall VPN? Is it possible to use pptp to connect to a vpn?
I tried the PPTP and L2TP built-in clients with no success. I bought my Tab to be able to fix a problem on a server when I am mobile and I was disappointed that I was not able to get either working. Searching didn't yield much except that PPTP is apparently broken and L2TP is somewhat non-standard. It may also be that it has been fixed on models from other carriers (I have a Verizon unit). So I say try it, but don't be surprised if it doesn't work. I am hoping that the supposed Gingerbread release may offer some fixes in this area. In the meantime, the SonicWall is a solution for me, but won't be for most people.
I have the Verizon Tab also. I am wondering how I can connect to my VPN. Can Android use any of these: OpenVPN (SSL), PPTP, and Cisco IPsec.
I have the built-in VPN working via L2TP to my home network, running xl2tpd. I never got IPSec working, though (trying to provide with StrongSwan PSK).
Are you using the Verizon Tab? I have no problem connecting to the same vpn with my Evo.
ResonanceZero said:
I have the built-in VPN working via L2TP to my home network, running xl2tpd. I never got IPSec working, though (trying to provide with StrongSwan PSK).
Click to expand...
Click to collapse
I'm using a T-Mobile tab. That shouldn't make any difference, however.
I've never seen L2TP working on Android, and so far (1.6; 2.1; 2.2) Froyo has the best PPTP support with a whole minute before whatever app you are using starts to time out.
Sent from my GT-P1000 using Tapatalk