Hi all,
I've been searching high and low for any help on using OpenVPN on my Rogers TyTN. Does anyone have experience with this? I cant connect via Wifi or GPRS and cannot seem to access my TAP device (never loads??).
Any help please!
Thanks.
Are you using the "basic" (standard?) GPRS/3G access point node (APN)? If you're connecting to internet.com, then you are and VPN apps (including the one built into WM) won't work. You need to call Rogers and up your data service to the "VPN" level. The APN for this is vpn.com. It will cost you $10 per month over and above what you're paying for data now.
Basically the difference is this: The internet.com APN is behind a NAT gateway (firewall). The IP address you get is a private address. Some ports (e.g. Port 47 needed for all VPN protocols) are blocked. The vpn.com APN is connected directly to the Internet and the IP address you get is a public Internet address. Lastly, no ports are blocked.
Hope this helps.
John
Related
I'm trying to VPN using GPRS to several networks which I have access to but I can't seem to be able to VPN them with my PDA2K. I can VPN them easily with no special configuration with my XP.
My i-mate keeps trying "Connectioning XX VPN..." and then aborts after about half a minute saying to check the username and password. The username and password are correct.
I called my cellular provider and they said that I should be able to connect to a VPN only if 'UDP Encapsulation' is defined on the VPN server?!?!? Well.. What is this thing? I'm trying to connect to big corp VPN, they wouldn't even listen to 'special requests'. I tried to connect to 4 different VPNs and I could not connect to any single one of them!
I really need that VPN connection via GPRS with my PDA2K. Any help would be more than appreciated. Maybe a different client than the built in VPN client of the WM2003SE ?
Thanks in advance.
Sorci
anyone?
bump for help. this gotta be a common prob.
Your GPRS connection will be subject to some form of NAT (Network Adress Translation) through your provider. VPNs don't get along well with NAT as the firewall doing the address translation modifies the packet header after it has had it's hash value calculated by the client (in this case your PDA). The receiving firewall will reject the packet as the hash values for the (now modified) packet don't match.
UDP encapsulation gets around this by encapsulating the encrypted and authenticated (secure) packet in a UDP packet which will be happily modified by the NAT'ing firewall. The receiving firewall will decapsulate(is that even a word?) the UDP packet and process secure packet inside as normal.
James
Thanks a lot Jamz for the thorough detailed info. I appreciate it.
So what's the fix? I tried several other VPNs and was unable to access them as well.. I can't just call all these providers and make some strange requests for a 'one guy with a pda2k and a gprs connection' that wants them to change their VPNs, enabling or disabling protocols or port.
Any other solution?
sorci said:
Any other solution?
Click to expand...
Click to collapse
Are you sure you're using the built-in VPN client in Windows, and not something like a Cisco VPN client?
You could try something like the Movian VPN client (not sure this is still made). I've used this previously with a Cisco VPN and it is fully configurable to handle multiple VPN types.
I've got a similar problem. Am trying to set up a temporary GPRS connection into my work LAN (I work for myself but 2nd child due shortly so want to be able to connect in from home for a couple of weeks only). I've got MS Win2000 Server set up to accept incoming VPN connections and it works fine on a dial-up connection but refuses to authenticate my username/pasword whenever I try to get the GPRS working.
As it's only going to be used for a short period of time, I'm loathe to spend out on any specific hardware/software but if anyone's got any suggestions, I'd be grateful.
If it helps, the LAN is behind a Netgear DG834GT ADSL modem/router/firewall and VPN PPTP and IPSEC are allowing in and out on it. The server is on a static IP address in the range 192.168.99.x.
GPRS Connections and VPN
With O2 you have to aks for VON connectivity to be enabled and connect to vpn.o2.co.uk instead of mobile.o2.co.uk. (by the way you can't access the web whilst connected to the vpn.o2.co.uk AP)
I suspect that most providers have simalair requirements
Dave
Hi,
I have a little problem that I am sure there must be an easy solution to!
I have set up a VPN on my Universal to connect to work. The problem is that my work's VPN server allocates me an ip address in the 10.x.x.x address range. All servers that I need to access behind the VPN have addresses in this range as well. Unfortunately, my ISP (T-Mobile UK), also allocates an address in the same range. Therefore, whenever I try to acccess a server at work, WM5 suffers confusion since it doesn't know whether to route the message through the VPN or directly out to the internet through the cellular modem.
I have been able to verify that the VPN thing works if my work network was on a different network address since initially, I was unable to VPN into my PC at home for the reason described above. I changed the ip addresses of all machines on my home network and now everything works fine at home.
Unfortuantely, I am unlikely to convince the IT people at work to change the address of all their machines. Similarly, I don't think I will have much success with T-Mobile and so is there anything I can change at my end to avoid this problem?
Thanks in advance for any help.
Mark
Narrowing the ip address may help, eg 10.0.0.1 is different to 10.1.0.1.
are you using this over wifi or gprs? if the phone provider is involved, I assume its gprs.
you could try and esablish your ip address as fixed rather than part of the pool, so the it guys assign a range for remote connections as say 10.0.0.100 to 10.0.0.150 as remote dial in connections, thus giving you a separate number.
the best way though I would have thought is for you to a fixed ip address known to you and the servers, and then hard type the ip address as your vpn settings, then establish that ip address as part of the exceptions settings.
in order to use exceptions though you have to know the range, or the exact ip address you will be assigned, and must be different to your telco.
not much of a solution, just some suggested areas to look at.
cheers
s.
hi guys, just out of curiosity what software are you using for VPN? on my laptop my company has installed cisco vpn, does it need to be a cisco vpn for wm5?? :?
From bad to worse...
Thanks for the reply Simon.
Unfortunately, I just went to try out some of your ideas and discovered that I can't get the VPN to connect at all now. It used to connect OK but then have routing problems whenever I tried to access anything. And my home VPN worked perfectly. Now, I can connect to neither.
I simply switched over to an O2 sim and with minimal configuration changes could verify that my setup still works OK and so it must be something to do with T-Mobile blocking ports. They weren't blocked yesterday!!!
Yesterday I "upgraded" my GPRS account from T-Mobile's Web'N'Walk to Web'N'Walk Professional and now I find I have this problem. Is this just a coincidence, or could it be that the Pro version has more severe restrictions than the consumer version?
I have emailed Customer Services to see what they have to say.
I will post back when I get a reply from T-Mobile.
mstar, I am no VPN expert, but for me, using a Windows XP hosted PPTP VPN it works after a fashion (above problems excepted!). I am using the VPN client built into Windows Mobile 5. I think you stand a good chance of getting it working using the built-in client.
Mark
I simply switched over to an O2 sim and with minimal configuration changes could verify that my setup still works OK and so it must be something to do with T-Mobile blocking ports. They weren't blocked yesterday!!!
Click to expand...
Click to collapse
I've heard on the grapevine that T-mobile have explicitly refused certain types of traffic on the web-n-walk
VOIP is the biggy...
I was seriously thinking about getting signed up - but no point if IPSEC is a prob, as well as VOIP.
Not sure how they can tell it's Skype traffic :?
http://www.reghardware.co.uk/2006/05/09/t-mobile_bans_voip/
for more info
An Update
An update on my VPN problem. Yesterday after total failure to get the VPN to connect, I emailed T-Mobile customer services.
Although they have not replied, when I tried it this afternoon I found that it was working again as before even though it had not been working first thing this morining. Of course I have not changed anythng at my end to cause it to break and then start working again (but they all say that, don't they!).
So, I don't know whether this was just a momentary fault, or whether T-Mobile have changed something to re-enable the VPN ports for me. I can now VPN in to my home PC, but the problem connecting to my work VPN with the 10.x.x.x address remains.
So, Sikkutz, depending on the address of the remote network, you may or may not be able to get a VPN to work using T-Mobile's Web'N'Walk.
By the way, my VPNs both use Microsoft's PPTP and not IPSec and so there may be different issues with that protocol.
I have discovered that O2 provides a separate acccess point, vpn.o2.co.uk, that causes a public ip address to be allocated to the device, ie not on the 10.x.x.x network. It would seem that this is designed to address this very problem. Does anyone know if T-Mobile can provide something similar?
Mark
There must be a solution
Hi!
I have the same problem with my Qtek 9000 (VPA IV). I can connect to my VPN Gateway but the routing into LAN failed. I get a 10.x.x.x address from Vodafone Germany and my LAN uses 10.98.8.X. :-(
But there must be a solution! My previous Qtek 9010 (VPA III) had the same problem, but it was able to route between the 10.-networks after a firmware-upgrade to version 1.40.01! But I don't no why!
What was changed in firmware to enable routing???
Daniel
i have the same issue aswell, I am reluctant to change the IP range of my machines as that usually causes trouble for the servers
Any other ideas?
Thanks
maybe stupid thing, but did you guys try dna forwarding (that is what I use from home office, not on pda to be honest..
Maybe I just did not get your point....
What kind of VPN server do you use? I'am using a Cisco PIX and use a PPTP VPN almost everyday. I can use the 10.1.x.x network at the location the PIX is located (this PIX is directly connected to the 10.1.x.x network).
I can't however use any of the remote offices using 10.2/10.3.x.x etc.
This is becaus of the lack of routing abilities in the PPTP implementation.
With an IPSEC tunnel (additional software needed) the remote offices can be reached without any problems.
I know that some IP implementation disallow routing between a public address and any 10.x address. To solve this you could give your VPN clients an address from a 10.x subnet .
hi sorry been away awhile,
I use the routing and remote admin snapin of Windows server 2003 to manage my VPN, I can connect fine using the phone as a modem with my notebook but as soon as I try accessing any URL/resource on my network it fails, e.g. we have a intranet site on http://servername but it wont open this up.
Any Ideas?
I am in desperate need of Help!! Can someone walk me through all the correct router (Linksys WRT54G)/phone settings (Cingular 8125) for accessing Terminal Services over GPRS. I can connect through terminal services while at home on my wireless network by using my network IP address. I would like to have this feature when away from home. The PC I want to connect to has XP Pro and I have enabled remote access.
OmegaDog said:
I am in desperate need of Help!! Can someone walk me through all the correct router (Linksys WRT54G)/phone settings (Cingular 8125) for accessing Terminal Services over GPRS. I can connect through terminal services while at home on my wireless network by using my network IP address. I would like to have this feature when away from home. The PC I want to connect to has XP Pro and I have enabled remote access.
Click to expand...
Click to collapse
Well, for you to access it from outside of your home, you have to know the IP address your internet provider assigns you. And you most likely will have to enable port forwarding on your router.
To resolve my home network from the office, I use no-ip.org for a DNS forwarder. Bassically, myplace.bounceme.com always points to what IP my cable modem has. N0-ip.org is a free service, with a utility that keeps the DNS tables updated.
I have enabled port forwarding and I know the ip address provided by my dsl provider by accessing www.whatismyip.com.
OmegaDog said:
I have enabled port forwarding and I know the ip address provided by my dsl provider by accessing www.whatismyip.com.
Click to expand...
Click to collapse
So what is the problem then ?
times out when trying to connect through cingular gprs
I can`t go into the Web via T-Mobile after I went into the web via WLAN
My wlan configuration is as follows:
network: Broadcom 802 DHD etc...
IP: I must put it in
Subnet 255.255.0.0
Standardgateway 172.16.1.1
DNS 172.16.1.1
Only when I erase the configuration I can go into the Web via T-Mobile but then
I can`t go into the Web visa WLAN
Crazy
What I get is that there is a "DNS error" when I try to go into the web via T-Mobile....
Is the challenge to guess your Windows version, ROM and installed applictions, browsers etc?
There's a thread for Q&A's, this is ROM Development.
Windows version: WM 6.1
ROM: The original rom from HTC
browsers: opera and IE
Pls help me because all WLAN and T-Mobile codes seem to be right
Although you dind't specify anything about the ROM and OS version you have, I can tell you a little about the way IP addresses work and why you're not having internet.
Every computer on the internet has an IP address and that is used to identify it. However there are on a home network more than one computer, so you have a router that re-routes your internet through it's own range of IP addresses. Meaning you get an IP from your provider, which your router stores, and your router gives all computers in a network an IP address. This way every computer in your network can connect to the internet without the ISP having to give you more than one IP address.
Normally routers work with a technique called DHCP, dynamic host configuration protocol, which allows all computers in the network to communicate and share addresses. So without having to enter information manually a computer knows that the DNS is 172.16.1.1 (for example) and that it's IP is 172.16.1.*. If you disable this technique you must enter the information manually.
This isn't a problem until you need to connect to more than one network. Since every network has it's own set of IP ranges, it's own DNS, etc. So when you connected to your WiFi and manually entered information for your home network you disabled the ability to connect to T-Mobile yourself. Since the IP you get from T-Mobile isn't the same as you use in your WiFi network.
The other way around is the same, when you connect to T-Mobile your getting an IP address assigned automatically, howevery our WiFi network doesn't give you one automatically and thus resulting in no internet connection.
I hope that made sense to you, kept it as simple as possible. Also I hope you can fix the problem... normally you can do that by enabling DHCP in your router by logging in into the device. (You usually do this by entering the IP address of the default gateway into your webbbrowser.)
peter7 said:
I can`t go into the Web via T-Mobile after I went into the web via WLAN
My wlan configuration is as follows:
network: Broadcom 802 DHD etc...
IP: I must put it in
Subnet 255.255.0.0
Standardgateway 172.16.1.1
DNS 172.16.1.1
Only when I erase the configuration I can go into the Web via T-Mobile but then
I can`t go into the Web visa WLAN
Crazy
Click to expand...
Click to collapse
KilZone - thank you so much for your kind answer !!!
I do only have an access point no router ?
Is this possible too ?
I think the access point functions as a router too, not sure about that, but you can try by entering the default gateway into your browser and see where you end up.
peter7 said:
KilZone - thank you so much for your kind answer !!!
I do only have an access point no router ?
Is this possible too ?
Click to expand...
Click to collapse
moved out of dev
Dupe thread.
All
I have my htc setup to both internet sharing and Wi-Fi connection on my work PC with a lan connection. On both of these connections e.g. wired USB and wireless i can get the internet for about 3 minutes then it stops working. Is there some sort of block? I did see a while back that the WiFi app has no restrictions...
Any help would be superb.
Cheers
Baker0
Thats a little odd, there is certainly no block and I have had the wifi router running for a good 30-40 minutes without failing.
what part is failing, is the phone no longer running the wifi router, or is the pc no longer getting internet on that network connection?
If you need help on how to find this info just reply and I can walk you through some more diagnostic steps.
The phone is still running just the internet stops on the machine. I have to stop the wi fi on the phone then start again then connect. I think it might be t-mobile but the internet on the phone is fine
are you in the uk?
if you connect your laptop to the phone via the wifi router you should be able to right click the network logo, click on status and view the wifi network info, it should tell you in there if it has internet access on that network connection.
If you try this again and when it fails check this status window and see if windows is seeing an internet connection or not?
when the net fails again try and visit http://72.14.203.100/ (this should be the google homepage) if you see google then there is a dns problem if it still says network timeout or failed to connect or something like that then we will have to dig further.
LOL thanks for your help. I am in the UK. ive been working in IT for the last 12 years and I know and have done the test, its not the machine it has something to do with the phone or t-mobile network
Sorry to hijack your thread a little, but I'm on the T-Mobile Network in the UK too (except I'm using a Touch Pro with a custom ROM), and although I can make connections from the PC to websites using the IP address, the DNS isn't working so I can't resolve domain names.
Any ideas?
Cheers,
Steve.
Baker0 said:
LOL thanks for your help. I am in the UK. ive been working in IT for the last 12 years and I know and have done the test, its not the machine it has something to do with the phone or t-mobile network
Click to expand...
Click to collapse
It must be the phone then since I do use wifi router, I am on t-mobile and in the UK and I do not experience this :S
I seem to be saying this more and more but maybe you should try a hard reset and see if that fixes the problem?
StevePritchard said:
Sorry to hijack your thread a little, but I'm on the T-Mobile Network in the UK too (except I'm using a Touch Pro with a custom ROM), and although I can make connections from the PC to websites using the IP address, the DNS isn't working so I can't resolve domain names.
Any ideas?
Cheers,
Steve.
Click to expand...
Click to collapse
This is likely an issue with the way your machine has been setup to connect to the wifi network. Try visting the properties of the network and vieing the dns settings for the tcp/ipv4, It should be set as Obtain DNS server addresses automatically. If it is set like this then try setting it too 8.8.8.8 and 8.8.4.4 these are googles, dns servers if this works for you then you could stick with this or do some further digging as to why you are not getting the dns server addresses automatically like you should be.
Xp3RiM3nT said:
This is likely an issue with the way your machine has been setup to connect to the wifi network. Try visting the properties of the network and vieing the dns settings for the tcp/ipv4, It should be set as Obtain DNS server addresses automatically. If it is set like this then try setting it too 8.8.8.8 and 8.8.4.4 these are googles, dns servers if this works for you then you could stick with this or do some further digging as to why you are not getting the dns server addresses automatically like you should be.
Click to expand...
Click to collapse
Setting the DNS entries to Google's makes it work, but attempting to get the DNS Server's automatically leaves me with no ability to resolve domain names. How strange?
Thanks for the workaround, not sure where to start looking to fix it properly.
Cheers,
Steve.
Hey guys,
I am new to this wifi router thing and got the following questions:
1. To be able to use it, you must have data connection with your provider. Am I right?
2. By any chance, can I use this system by using a sim taken out of a prepaid mobile broadband dongle and inserted into my device (htc touch HD)?
3. Once I get connected can I surf the internet/check emails etc from within the device itself without the need to use a laptop?
Please don't mind these basic stupid questions.
cheers