openvpn routing issue - Android Software Development

I have set up openvpn on my HTC Desire running Froyo. It seems to connect fine, but if I attempt to use the tunnel or ping my server it fails.
If I run the following in terminal:
su
ip ru del table wifi
It works!
Is there a way I can set up my config file so I don't have to do this every time?

man, you saved my life
I was totally destroyed having all the OpenVPN set up and still not working
my phone did get IP address from OpenVPN server
route was added to the routing table
and still could not even ping my default gateway
after applying this command, it WORKS!!!
could someone explain what it does and why it does not work out of box?

Solved. See here...
OpenVPN for Dummies
http://forum.xda-developers.com/showthread.php?p=10000743#post10000743

Related

Server Question please help

What is the best antivirus/firewall that i could use on an iis 7 server?
Paid:
Sophos if you want to spend the time configuring it.
Symantec
AVG's server flavour.
Free:
Clam (it's what I use)
hey thanks for helping, another thing
1) i setup windows ftp 7.5 to iis 7.0 and setup went flawless, ping and everything went good, but i cant access the ftp server via ftp:// bccan.dyndns.org why??
If you're connecting from the outside of your network then you need to make sure of the following:
1. FTP is set up on your router to be forwarded to your IIS server
2. FTP site set to allow either all IP addresses to connect, or at least the external IP address you're coming in from (use www.whatsmyip.org to check your IP)
If you're connecting from within your network, you need to create a forward lookup zone in DNS for dyndns.org and add an A record of bccan with your server's internal IP address.
Also just to add, I would not worry as much about a software firewall on your IIS server , you will cause more problems than you will fix, as stated above if you only open the ftp port on your router to the outside, then no other connections will be able to get in ... Hardware firewalls/routers are a much better choice ..
As far as antivirus goes, it depends on how much money you want to spend, for free I would go with the ClamAV recommendation it works very well in a server environment.
Symantec which is not free really works well too ...
EDIT:
IMHO I would not use the machine name as your external DNS name, if that is what you are doing. That way you can use the machine name when connecting locally on your network and the DNS name when external ... It has just been my experience that using the same name for both machine and external DNS can cause all kinds of problems for other services you may want to run on that machine in the future ..

VPN and Honeycomb/A500

Hey guys, anyone know a way to get vpn working on the A500?
It supports ipsec. but we are eliminating that as of next week in favor of SSL.
I was going to use openvpn (and the new kern mod) but I don't think it supports ssl (only ipsec).
So curious if anyone has thought through this, I'd like to stop carrying my 17" hackbook-pro (HP DV9700 running snow leopard).
thanks in advance!
Hey,try vpnc widget.
At my university it works with my htc desire z.
Didn't try it on the a500,but you could do it
Bye
Sergioka
Sent from my HTC Vision using Tapatalk
Did you solve this? I had the same problem. Iconia doesn't remember any VPN settings.
Took me a while to figure out how to save on my Transformer. When you are on the VPN setup screen the menu/option box (not sure the correct name, it is the one with the 4 horizontal lines) will be up in the right hand corner. Select that and a "Save" option will appear in the drop down.
I've yet to get VPN to work on my A500. Trying to connect to VPN on Windows 2003 server. It connects, but then nothing works. can't get to anything on the remote network or even my local network or the internet. As soon as i disconnect the VPN, the local network and internet starts working again.
Same boat
I'm experiencing the exact same situation where I can connect but get no traffic moving. Also, I cannot get settings, etc. to stick on shutdown/reboot. I'm going to put down exactly how I got here in the hopes that it helps someone else to figure this out...
1. Rooted stock Acer Iconia (A500) tablet
2. Installed tun.ko
Copied tun.ko to /system/lib/modules
chmod 644 /system/lib/modules/tun.ko
insmod /system/lib/modules/tun.ko
3. Installed BusyBox (from Market) 1.18.4 to /system/xbin
4. Installed VPNC Widget (from Market) and set information:
IPSecGateway - Public VPN host
IPSecId - VPN group name
IPSec Group Password - VPN group password
XAuthUsername - User ID
XauthPassword - User password
other Vpnc Options - *blank*
5. From VPNC Widget settings, selected "Check Prerequisites".
Running tests...
Error: root access missing!
Error: no access to TUN device!
Warning: 'Advanced Routing' feature missing - VPN connectivity might be lost after a while
Sorry, the VPNC Widget will not work on this phone.
Not sure why it's saying root access missing, but it is saying no access to TUN device. It's not saying that TUN device is missing, so I know the insmod worked.
6. Started VPNC Widget - immediately errored out. Checked last vpn session log:
Enter IPSec secret for [email protected]
Enter password for [email protected]
pre-Init phase...
reloc_library[1315]: 1069 cannot locate '__set_sycal_errno'...
CANNOT LINK EXECUTABLE
reloc_library[1315]: 1070 cannot locat '__set_syscall_errno'...
CANNOT LINK EXECUTABLE
Error: no access to TUN device!
can't open /dev/net/tun, check that it is either device char 10 200 or (with DevFS) a symlink to ../misc/net/tun (not mist/net/tun): No such file or directory
can't initialise tunnel interface: No such file or directory
vpnc version 0.5.3-mjm1-140M
7. Manually created tunnel device
mkdir /dev/net
mknod /dev/net/tun c 10 200
8. From VPNC Widget settings, selected "Check Prerequisites".
Running tests...
Error: root access missing!
Warning: 'Advanced Routing' feature missing - VPN connectivity might be lost after a while
Sorry, the VPNC Widget will not work on this phone.
TUN access is working, but still says no root access...
9. Started VPNC Widget. Connected immediately, but VPN traffic would not flow. External web traffic still worked. Cisco ASA shows successful login.
10. Disconnected from VPN Widget. Checked last vpn session log:
Enter IPSec secret for [email protected]
Enter password for [email protected]
pre-Init phase...
Error binding to source port. Try '--local-port 0'
Failed to bind to 0.0.0.0:4500: Address already in use
vpnc version 0.5.3-mjm1-140M
IKE SA selected psk+auth-3des-md5
NAT status: this end behind NAT? YES -- remote end behind NAT? YES
11. Changed VPNC Widget configuration:
Added '--local-port 0' to other Vpnc Options
12. Start VPNC Widget. Either it connects and immediately reports password error (Cisco ASA shows unsuccessful login - bad password, I think) or it connects but no traffic passes, VPN or web (Cisco ASA show successful login).
13. Check last vpn session log for bad password event:
Enter IPSec secret for [email protected]
Enter password for [email protected]
pre-Init phase...
Password for VPN [email protected]s:
Password for VPN [email protected]s:
authentication unsuccessful
vpnc version 0.5.3-mjm1-140M
IKE SA selected psk+auth-3des-md5
NAT status: this end behind NAT? YES -- remote end behind NAT? YES
I've tried reinstalling everything but I get the same results every time. I'm hoping this information helps someone (and me)...
Same problem here on the Motorola Xoom...
Typing netcfg reveals
Code:
lo UP 127.0.0.1 255.0.0.0 0x00000049
dummy0 DOWN 0.0.0.0 0.0.0.0 0x00000082
usb0 DOWN 0.0.0.0 0.0.0.0 0x00001002
sit0 DOWN 0.0.0.0 0.0.0.0 0x00000080
ip6tnl0 DOWN 0.0.0.0 0.0.0.0 0x00000080
ppp0 UP 10.10.6.7 255.255.255.255 0x000010d1
eth0 DOWN 0.0.0.0 0.0.0.0 0x00001002
tun0 DOWN 0.0.0.0 0.0.0.0 0x00001090
No connection on the TUN0 interface even though the widget claims VPN is connected.
After adding the following to the VPN options:
Code:
--local-port 0
--natt-mode cisco-udp
I can start VPN as many times I want resulting in numerous TUN interfaces in netcfg - all of which are DOWN.
I'm wondering if upgrading to HC3.1 (Xoom instructions http://forum.xda-developers.com/showthread.php?t=1074609) - which provides TUN support - solves the issue for both devices.
When you run the prerequisites check, does it also say that root access is missing?
Sadly, I am doubtful that HC3.1 will fix this as I know the TUN file is working properly because others have gotten OpenVPN working. The issue seems to lie with the VPNC Widget.
I can also connect to many different giganews VPN servers, but cannot access ANY network once connected.
WORKING with VPNC (not VPNC Widget)
I uninstalled VPNC Widget and then installed 0.99 VPNC and it is working.
Just need to create /etc/resolv.conf and append --local-port 0.
Sucks that I have to do it from the shell, but at least it works...
latest vpnc widget works with a few mods :
- edit vpnc-script and change MYBOX="$0-box" to ="'
- chmod 500 vpnc-script (something recreates vpnc-script at every start otherwise)
Stopping vpnc does not work though ;/ (just cut off wifi for a few seconds to make it close)
hey n00bzy,where can I find the vpnc-script?
thx
sergioka
If I recall correctly, it's in /data/data/com.gmail.mjm4456.vpncwidget/files but don't quote me on it...
hey thanks for the info,
i found the file, but
the widget tells me this
"Running tests...
Error: root access missing!
Warning: 'Advanced Routing' feature missing - VPN connectivity might be lost after a while
Sorry, the VPNC Widget will not work on this phone."
Wow I forgot about the thread I started! lol I will try some of these suggestions and see if any work..
I know that ipsec is going to be cut off here soon, so I'm going to need a SSL solution sooner or later.
I was getting that message but it still connected. Try to connect, check your last connection log, and see what it says.
Oh man, I had only the link on the desktop and not the widget
Now, with the widget, it works!
Couple of questions as I am going through a vpnc widget setup on a rooted Asus Transformer.
I am running prime 1.4 which already has the tun loaded but when I go to /dev/net/tun there is no file in that directory. Should there be a file in that directory?
The error I am getting right now from the widgets log is "can't open /dev/net/tun, check that it is either device char 10 200 or (with DevFS) a symlink to ../misc/net/tun (not /misc/net/tun): Is a directory can't initialize tunnel interface"
Any help will be much appreciated
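The vpnc log lines quoted in this thread describe several distinct states of /dev/net/tun: absent ("No such file or directory"), a directory ("Is a directory"), or a node that is not "device char 10 200". The following is an added example, not part of any post or of the VPNC Widget; it assumes a Python interpreter is available on the device (for example in a chroot), and the function names are illustrative.

```python
import os
import stat

TUN_PATH = "/dev/net/tun"
TUN_MAJOR, TUN_MINOR = 10, 200  # "device char 10 200" from the vpnc log

# Constructed sample of /proc/misc on a kernel where the tun driver is loaded.
SAMPLE_PROC_MISC = " 59 network_latency\n200 tun\n 63 vga_arbiter\n"


def tun_driver_registered(proc_misc_text):
    """True if the kernel lists the tun misc device (minor 200, name tun)."""
    for line in proc_misc_text.splitlines():
        if line.split() == [str(TUN_MINOR), "tun"]:
            return True
    return False


def classify_node(mode, rdev):
    """Classify st_mode/st_rdev of whatever sits at the tun path."""
    if stat.S_ISDIR(mode):
        return "directory"
    if not stat.S_ISCHR(mode):
        return "not-char-device"
    if (os.major(rdev), os.minor(rdev)) != (TUN_MAJOR, TUN_MINOR):
        return "wrong-device-numbers"
    return "ok"


def check_tun(path=TUN_PATH):
    """Stat the path (following a symlink, as the log message allows)."""
    try:
        st = os.stat(path)
    except (FileNotFoundError, NotADirectoryError):
        return "missing"
    return classify_node(st.st_mode, st.st_rdev)


ADVICE = {
    "missing": "node absent: mkdir /dev/net; mknod /dev/net/tun c 10 200",
    "directory": "path is a directory, so opening it fails with "
                 "'Is a directory'; a char node 10 200 must take its place",
    "not-char-device": "path exists but is not a character device",
    "wrong-device-numbers": "character device, but not major 10 minor 200",
    "ok": "node looks correct; check permissions and the driver next",
}


def diagnose(path=TUN_PATH, proc_misc="/proc/misc"):
    """Return (driver_loaded, node_state, advice); driver_loaded is None
    when /proc/misc cannot be read."""
    try:
        with open(proc_misc) as fh:
            loaded = tun_driver_registered(fh.read())
    except OSError:
        loaded = None
    state = check_tun(path)
    return loaded, state, ADVICE[state]


if __name__ == "__main__":
    print(diagnose())
```

A loaded driver with a "missing" node matches the situation after insmod in the earlier post; a "directory" result matches the "Is a directory" error above.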
I will pay good $$ to have a working (simple) Cisco VPN option on my Android. I have tried and wasted way too many hours trying to get this working with all the complicated and unclearly documented ways to get this working.
Anyone working on something besides Cisco (which they will be forcing our organization to pay for such service which is not possible seeing we are one of the largest orgs around and something like that is not feasible)?

Reverse tethering via android hot-spot

Hi Guys,
This is a VERY easy and VERY secure trick to reverse tether which does not require any special app except rooting and terminal emulator.
I have done this on Linux but should work on windows as well.
1) Setup ur android as wifi hotspot (do NOT enable data connection though)
2) Make sure internet on ur laptop is working and shareable
3) Connect ur laptop to android hotspot
4) Note down the IP that laptop got (mostly 192.168.43.XXX)
5) Open terminal emulator and go to su (superuser) shell
6) Add default gateway route in android by running:
ip r del default; ip r add default via IP_FROM_STEP_4_ABOVE
Bingo! now u have reverse tethered. i.e. u should be able to access internet on android which actually uses internet connection of laptop.
Added BONUS, this all without ad-hoc network and still uses WPA2 security and the connection is very secure.
No tunneling, no additional softwares to install, NOTHING.
Additional TIPS:
1) Disable DHCP on laptop and assign FIX IP (say 192.168.43.2) for connecting to hotspot. Do NOT give any gateway or DNS.
2) Create a file in sdcard say /sdcard/reversegw.sh and add these lines:
ip r del default
ip r add default via 192.168.43.2
setprop net.rmnet0.dns1 208.67.222.222
setprop net.rmnet0.dns2 208.67.220.220
setprop net.dns1 208.67.222.222
setprop net.dns2 208.67.220.220
#NOTE: setprop lines set DNS of android to OpenDNS
3) In terminal emulator preferences, set "Initial command" as:
su -c 'sh /sdcard/reversegw.sh'
Bingo two! everything is now almost automatic.
Next time you want reverse tethering
1) Enable Hotspot on android
2) Connect laptop to that hotspot
3) start terminal emulator (which will automatically run that script)
4) You may now close terminal emulator
Few WORKAROUNDS
1) Android market works with this reverse tethering trick BUT it does not "download/update" apps. This is because market app thinks there is no internet connection.
2) Simple trick is that u also enable ur data connection after following all above steps
Market will now think that internet connection is there but it will continue to download via reverse tethered connection. Just make sure that data connection icon on status bar is not showing any activity. i.e. up/down arrows shud not glow
So... How is this different from internet connection sharing from your PC?
For that you need access point or wireless router.
This is without need for wireless router/access point or without USB cable.
Hi,
Thanks a lot for this clever trick, I was p***ed off that I could easily connect my windows XP to my phone's wifi hotspot but not the other way around, searched for days before finding your post.
Just a quick tip for future readers : as you mentioned, to be able to download from Google Play, you need to activate packet data, however it seems to me that you need to activate it BEFORE enabling your wifi access point, connecting your PC to it and launching the routing script. Enabling packet data after your wifi network is established seems to break everything.
Before or after.. may be its mobile dependent, I dont know.
In my case it works afterwards. Havent tried what happens if mobile data is enabled before the steps.
Whatever works, just make sure that its not using mobile network for internet else one might end up paying high charges.
If I connect the computer to the android hotspot it disconnects from the router, so I don't have internet anymore neither in the phone nor in the computer. How is it supposed to work? Can you post a schematic of the network and which device is connected to the outside internet?
i got reply in the terminal RTNETLINK answers : No such process.
asking for inet address
when i did as you said it is asking for the inet address am using tab 2 p3100 plz help me thanks in advance:good:
Post screenshot.
Screen shot
Sorry for late
IP is wrong just give IP address.
Also check original post properly. You have done 2 mistakes.
ip r del default; ip r add default via 192.168.43.2
Also next time please post bigger screenshot!
Am facing problem as shown in the pics when it is connected to lap it is showing as limited access and i cant proceed plz help me
Sent from my GT-P3100 using XDA Free mobile app
Limited connectivity is inside PC. Please check your internet connection. Do not set android phone as your gateway for PC. (Read additional TIPS in my first post)
Thanks

OpenVPN anomalies in CM7.2

tl;dr Google Talk/AndFTP/SIP can't connect over an OpenVPN connection in CM7.2
My OpenVPN configuration has worked for several months. But since 7.2 came out, I've been troubleshooting a problem with my phone's VPN connection to my home server. The symptom I'm seeing is that apps besides the web browser cannot connect to anything over the VPN, including the VPN host itself. When I use tcpdump to watch traffic going over my server's tun0 adapter, I don't see packets sent from AndFTP and SIP (the phone dialer's SIP) ever reach the server. Strangely, the web browser works just fine over the VPN. I'm able to view websites normally, and even connect to my webserver on port 8080.
Like you (probably), my first assumption is that a problem like this is due to misconfiguration somewhere. However I'm starting to think that's not the case this time. My VPN configuration is very simple, and I don't use any iptables netfilter rules anywhere (the server is behind a nat router). These apps work just fine over my VPN when I'm using the old CM7-12112011-nightly-olympus build. My Ubuntu laptop also has no issues using the VPN. I have observed the route table (# busybox route -n) after the VPN connection is made using the latest nightly, and the old build which works. Both routes are the same (for whatever reason, the default gateway isn't removed, but it works on the old build anyway).
So I have only seen this issue when I'm running CM7.2 RC1 or the latest nightly: update-cm-7-20120409-NIGHTLY-olympus-signed.zip
For now I'm back on the CM7-12112011-nightly build, and my apps work on my VPN again. But I wanted to post this here in case this issue affected anyone else. I'm not sure how to continue troubleshooting it, or whether it might even be related to a bug.
I can use Pandora just fine over VPN, as well as download stuff from the Market/Play and use GTalk.
Here's my server config if you want to compare it
Code:
$ cat /etc/openvpn/server.conf
port 12345
proto udp
dev tun
ca /etc/openvpn/blahblah.crt
cert /etc/openvpn/blahblah.crt
key /etc/openvpn/blahblah.key
dh /etc/openvpn/blahblah.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.220.220"
push "dhcp-option DNS 208.67.222.222"
client-to-client
duplicate-cn
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log /var/log/openvpn.log
verb 3
Ok if these builds are working for you, that does indicate it's just some misconfiguration on my end.
update: I did fresh installs of the last atrix-dev-team build and the latest cm7.2 nightly. On both builds apps are working over the VPN just fine. The only thing that doesn't work is the dialer's built in SIP, it won't connect over the VPN. It works when I'm on the same lan as the server, but not otherwise over the vpn. Watching tcpdump, I never see packets coming from the phone when I enable "Receive incoming calls."
So I just gave up trying to get the SIP dialer to work on my VPN, and installed CSipSimple and SIPDroid. Both work just fine over VPN. While both these apps are popular, I was only avoiding using them since I didn't think they would be necessary. I've used the dialer's SIP to proxy calls over asterisk in the past with my original A855 Droid. Not sure why it doesn't work anymore, but not a big deal either.
I am also having some difficulty with openvpn. I am running CM7.2 RC3 on my Atrix. I have never had it working before on the Atrix (recent convert to CM7), but have had it working on laptops and an iphone. Was intrigued that it appears to be built in. I just cannot get it to work.
My issues are:
1) I cannot use the tun device. If I try, it appears to connect, then errors out.
Code:
N read UDPv4 [ECONNREFUSED]: Connection refused (code=146)
If I select tap, it will connect, but then it tells me that there are fragment errors
Code:
FRAG_IN error flags=0xfa3333ff: FRAG_TEST not implemented
2) I cannot add the 'extra arguments' under the advanced settings. I try to put "fragment 1400" and . I'd like to add mssfix as well, but cannot figure out how to use this input block. If I try "fragment 1400" same thing:
Code:
MANAGEMENT: Client disconnected
When I use tap and keep the extra arguments clear, it appears to connect, but I get nothing: andsmb cannot see smb shares, I cannot get to the router web page, etc.
I have also configured pptp and that will allow me to connect (access shares and see the router web interface (ddwrt). I would prefer openvpn, though. Any help appreciated.
My connect script with a laptop is:
Code:
remote xxxx.dyndns-office.com 1194
client
dev tap0
proto udp
mssfix 1400
fragment 1400
resolv-retry infinite
nobind
persist-key
persist-tun
float
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
Keith

Setting up Global SSH Tunnel on Android

For anyone interested in data security the ability to encrypt network traffic is obviously important-- especially in light of the myriad of recent well publicized reports of private and government electronic snooping. It is also relevant to mention that to date no one has come close to cracking "TwoFish" encryption which can be used by SSH. With this in mind, consider the following tutorial which describes a method for encrypting all 3g, 4g, and Wi-Fi data, thus beefing up phone and personal data security.
Setting up a global SSH Tunnel on Android phones
This tutorial assumes the reader possesses a fully configured SSH server and rooted phone. In lieu of a server, (e.g., the reader has only a Windows-based operating system), research into CYGWIN is recommended. I use CYGWIN to run my SSH server and I have found that it is the most robust option for Windows users; however, setting this up on Windows can be a daunting task.
Setting up global SSH Tunnel on Android
1. Download 2 apps from the Google Playstore: ConnectBot and ProxyDroid
2. Install ConnectBot and ProxyDroid on your phone.
3. In ConnectBot set up Port forwards for your SSH connection. For "Type" field use "Dynamic (SOCKS)." For “Source Port” use 56001 or any local port not being used. The reasoning behind using port 56001 is this: System Ports (0-1023), User Ports (1024-49151), and the Dynamic and/or Private Ports (49152-65535)
4. Open ProxyDroid and configure as follows:
Host: 127.0.0.1
Port: 56001 (or the port you chose to use in step 3)
Proxy Type: SOCKS5
Global Proxy: Check the box
The above procedure accomplishes several things. First, ConnectBot remotely connects to your SSH server. Next, the ConnectBot connection forwards to the local port 56001. ProxyDroid then redirects all network traffic through the localhost on port 56001. Once you are connected through ConnectBot and ProxyDroid is activated all of your data will be tunneled through the encrypted ConnectBot session. This is an excellent way to set up a global proxy because it does not require manual configuration of any applications to connect through the proxy. You can test the functionality of the connection by opening up your phone browser and performing the Google search: What is my IP. If the proxy is functional you will see the WAN IP of the network of your SSH server. Additional and more thorough testing can be done with packet sniffers such as WireShark.
An application called "SSH Tunnel" is an alternative to accomplishing the above. However, I find ConnectBot and ProxyDroid is more elegant and gives better control-- not to mention being more sophisticated/chic. When correctly performed the ConnectBot and ProxyDroid method encrypts all 3g, 4g and Wi-Fi data on your phone. This is obviously useful for phone access of sensitive materials especially using unfamiliar or alien network connections. With the current proliferation of identity theft via electronic snooping on mobile devices I do not advocate using cellular phones for any banking or electronic transactions without setting up a robust and reliable encrypted connection.
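The SOCKS5 exchange a client performs against the dynamic forward on 127.0.0.1:56001, written out as an added example that is not part of the original post or of either app's code. It follows RFC 1928 with the no-authentication method; sending the host name (address type 3) hands name resolution to the proxy side instead of the phone's own resolver. The function names and the example.com target are illustrative.

```python
import ipaddress
import socket
import struct

SOCKS_VERSION = 5
CMD_CONNECT = 1
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 1, 3, 4
REPLY_TEXT = {
    0: "succeeded", 1: "general failure", 2: "not allowed by ruleset",
    3: "network unreachable", 4: "host unreachable",
    5: "connection refused", 6: "TTL expired",
    7: "command not supported", 8: "address type not supported",
}


def build_greeting():
    """Client hello: version 5, one method offered, 0x00 = no authentication."""
    return bytes([SOCKS_VERSION, 1, 0])


def build_connect(host, port):
    """CONNECT request. Names go out as ATYP 3 so the proxy resolves them."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        name = host.encode("idna")
        if not 0 < len(name) < 256:
            raise ValueError("host name length out of range")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    else:
        addr = bytes([ATYP_IPV4 if ip.version == 4 else ATYP_IPV6]) + ip.packed
    return bytes([SOCKS_VERSION, CMD_CONNECT, 0]) + addr + struct.pack("!H", port)


def describe_request(req):
    """Decode a captured CONNECT request into (address kind, host, port)."""
    ver, cmd, _rsv, atyp = req[:4]
    if ver != SOCKS_VERSION or cmd != CMD_CONNECT:
        raise ValueError("not a SOCKS5 CONNECT request")
    if atyp == ATYP_DOMAIN:
        end = 5 + req[4]
        kind, host = "domain", req[5:end].decode("ascii")
    elif atyp == ATYP_IPV4:
        end = 8
        kind, host = "ipv4", str(ipaddress.ip_address(req[4:end]))
    elif atyp == ATYP_IPV6:
        end = 20
        kind, host = "ipv6", str(ipaddress.ip_address(req[4:end]))
    else:
        raise ValueError("unknown address type")
    (port,) = struct.unpack("!H", req[end:end + 2])
    return kind, host, port


def recv_exact(sock, n):
    """Read exactly n bytes or fail if the peer closes early."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf


def handshake(sock, host, port):
    """Run greeting + CONNECT on a connected socket; return the reply text."""
    sock.sendall(build_greeting())
    ver, method = recv_exact(sock, 2)
    if ver != SOCKS_VERSION:
        raise ValueError("listener does not speak SOCKS5")
    if method != 0:
        raise ValueError("proxy did not accept the no-auth method")
    sock.sendall(build_connect(host, port))
    ver, rep, _rsv, atyp = recv_exact(sock, 4)
    if atyp == ATYP_DOMAIN:
        alen = recv_exact(sock, 1)[0]
    elif atyp in (ATYP_IPV4, ATYP_IPV6):
        alen = 4 if atyp == ATYP_IPV4 else 16
    else:
        raise ValueError("unknown address type in reply")
    recv_exact(sock, alen + 2)  # bound address and port, unused here
    return REPLY_TEXT.get(rep, "unknown reply 0x%02x" % rep)


def probe(proxy_port=56001, host="example.com", port=80, timeout=5.0):
    """Check the local dynamic forward from step 3 of the tutorial."""
    with socket.create_connection(("127.0.0.1", proxy_port), timeout=timeout) as s:
        return handshake(s, host, port)


if __name__ == "__main__":
    print(probe())
```

A result of "succeeded" from `probe()` means the listener on the chosen port speaks SOCKS5 and the far end could reach the target; a refused TCP connection means nothing is listening on that port.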
I'm having trouble with this exact setup on Android 4.3 with DNS Proxy (proxydroid) enabled in China. When DNS Proxy is enabled, no traffic will come through at all. If I disable DNS Proxy, it works but without proxied DNS requests, I can't get to Youtube/twitter/FB.
Any ideas?
SSHTunnel for 4.2.2 is a much better alternative than running 2 separate apps and I still use it on my 4.2.2 tablet. But I don't want to downgrade my phone to 4.2.2 just for this
Android 4.3?
Unfortunately, I have not done any testing with android 4.3 yet so I'm not sure why the dns request wouldn't be proxied. I'll look into it and get back to you.
DNS proxy on android 4.3
So I finally had a chance to upgrade to 4.3 this week. I tested the dns proxy with proxydroid and it seems to be working fine. What rom are you using? I'm on Sacs rom and I would highly recommend it. Heres the link:
http://forum.xda-developers.com/showthread.php?t=2512983
4.4
Tested on kitkat and is working fine. Ssh tunnel app not working however.
I use pacman rom on nexus 4.
thank you for this tutorial!
I have been looking for a new way to setup SSH tunneling since the app "ssh tunnel" from the Google Play store stopped working with Android 4.2+
I can't wait to try this out..
I have two phones both SGS4's one running CM 10.2 and the other stock on 4.3 so i will try both of them out and report back here how it works out.
Thanks again for the tutorial!
-droidshadow
Thank you Dr.Tautology
Thank you Dr.Tautology
I was searching a big time for the solution you gave me.
First I was using SSHtunnel app from google play and it worked on my note 3 SM-N9005 (rooted) with jb 4.3. After upgrade to 4.4.2 kitkat (rooted) I could connect but there was no changing to my home ip in the browsers that I use with surfing by example to whatmyip. I also have a tablet "nexus 7" 2012 version upgraded also to 4.4.2 and on this device SSHTunnel is functional and the ip is changing??? I did not understand. Now I was searching for alternatives for my galaxy note 3 and I've found ssh connectbot and proxydroid. After I added the settings that I always used with dyn socks5 port 11723 on both programs.... -> connection to my DD-WRT router (with connectbot) was also possible. I also booted proxydroid and again after running chrome or firefox I still had the same ip so it didn't work.... Now I've found your post and read that the socks5 port must be above 49152. I changed the ports on both programs to 56001 in (connectbot and proxydroid) and BAM! Connected with my home IP from outside my home :laugh:
The weird thing is that it worked on JB 4.3 with socks5 port 11723.
Now my working SSH tunnel config -> Host = home-ip:7500 (default port = 22 in DDWRT)
user to connect to DD-WRT router = Root
password = Router password
dyn proxy socks5 port = 56001 as you suggest.
I have an app from my isp that I only can use with my home ip so I had to be home and connect by wifi. Now it's possible again with tunneling
Now the only thing that I have to do is thank you. :victory:
Never thought that the port number should be the problem.
Best regards DWroadrunner
I managed to set this up using SSH Tunnel for android. However I would like to use SSH Autotunnel as it's supposed to handle network changes better and is also more light weight. Does anybody know what type of private key this program accepts? I have had no luck using putty keygen and the id_rsa I created in ubuntu does not seem to work either.
Glad to help!
DWroadrunner said:
Thank you Dr.Tautology
I was searching a big time for the solution you gave me.
First I was using SSHtunnel app from google play and it worked on my note 3 SM-N9005 (rooted) with jb 4.3. After upgrade to 4.4.2 kitkat (rooted) I could connect but there was no changing to my home ip in the browsers that I use with surfing by example to whatmyip. I also have a tablet "nexus 7" 2012 version upgraded also to 4.4.2 and on this device SSHTunnel is functional and the ip is changing??? I did not understand. Now I was searching for alternatives for my galaxy note 3 and I've found ssh connectbot and proxydroid. After I added the settings that I always used with dyn socks5 port 11723 on both programs.... -> connection to my DD-WRT router (with connectbot) was also possible. I also booted proxydroid and again after running chrome or firefox I still had the same ip so it didn't work.... Now I've found your post and read that the socks5 port must be above 49152. I changed the ports on both programs to 56001 in (connectbot and proxydroid) and BAM! Connected with my home IP from outside my home :laugh:
The weird thing is that it worked on JB 4.3 with socks5 port 11723.
Now my working SSH tunnel config -> Host = home-ip:7500 (default port = 22 in DDWRT)
user to connect to DD-WRT router = Root
password = Router password
dyn proxy socks5 port = 56001 as you suggest.
I have an app from my isp that I only can use with my home ip so I had to be home and connect by wifi. Now it's possible again with tunneling
Now the only thing that I have to do is thank you. :victory:
Never thought that the port number should be the problem.
Best regards DWroadrunner
Hey DWroadrunner,
That's great news! I'm very happy that my post helped you, as my intention was to provide all the necessary information to do this in one place. It's not always the case that a user port won't work, but unless you are big on port level security it's not easy to determine if/when the port is being used. This is probably why 11723 did work for you, however it's always better to go with a dynamic/private port range. Also, if you want a simple way to improve the security of your ssh server, change the default port from 22 to something else. You'd be surprised how many attempts to connect will be made by attackers on a daily basis.
Regards,
DocTaut
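The port-range point in the reply above, as an added example that is not part of the original posts: a shell sketch that classifies a candidate local SOCKS port by IANA range and checks a `/proc/net/tcp`-format table for sockets already bound to it. The function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): classify a candidate local SOCKS port
# and check a /proc/net/tcp-format table for sockets already bound to it.

# IANA ranges (RFC 6335): 0-1023 system, 1024-49151 user, 49152-65535 dynamic.
port_class() {
    if [ "$1" -le 1023 ]; then echo system
    elif [ "$1" -le 49151 ]; then echo user
    else echo dynamic
    fi
}

# port_in_use PORT FILE...: succeeds if any row has PORT as its local port.
# Column 2 is local_address as HEXIP:HEXPORT; any socket state counts.
port_in_use() {
    want=$(printf '%04X' "$1"); shift
    awk -v want="$want" '
        FNR > 1 { n = split($2, a, ":"); if (toupper(a[n]) == want) hit = 1 }
        END { exit hit ? 0 : 1 }' "$@"
}

# pick_socks_port START FILE...: first unused port >= START in the dynamic range.
pick_socks_port() {
    p=$1; shift
    [ "$p" -lt 49152 ] && p=49152
    while [ "$p" -le 65535 ]; do
        port_in_use "$p" "$@" || { echo "$p"; return 0; }
        p=$((p + 1))
    done
    return 1
}

# Constructed sample table: listeners on 11723 (0x2DCB) and 56001 (0xDAC1),
# plus an established connection whose local port is 56002 (0xDAC2).
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:2DCB 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10001        0 1111
   1: 0100007F:DAC1 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10002        0 2222
   2: 0F00000A:DAC2 0A0200C0:01BB 01 00000000:00000000 00:00000000 00000000 10003        0 3333
EOF

for port in 11723 56001; do
    if port_in_use "$port" "$SAMPLE"; then state="in use"; else state="free"; fi
    echo "$port: $(port_class "$port") range, $state"
done
echo "suggested SOCKS port: $(pick_socks_port 56001 "$SAMPLE")"
```

On a device where they are readable, pass `/proc/net/tcp` and `/proc/net/tcp6` in place of the sample file.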
droidshadow said:
I have been looking for a new way to setup SSH tunneling since the app "ssh tunnel" from the Google Play store stopped working with Android 4.2+
I can't wait to try this out..
I have two phones both SGS4's one running CM 10.2 and the other stock on 4.3 so i will try both of them out and report back here how it works out.
Thanks again for the tutorial!
-droidshadow
Let me know if this is working on CM. I have tested on stock 4.3 with no issues.
Any luck yet?
rintinfinn said:
I managed to set this up using SSH Tunnel for android. However I would like to use SSH Autotunnel as it's supposed to handle network changes better and is also more light weight. Does anybody know what type of private key this program accepts? I have had no luck using putty keygen and the id_rsa I created in ubuntu does not seem to work either.
Hello,
I've used auto tunnel a handful of times. Just wanted to check to see if you figured out what key it accepts. I will test it out when I get a chance.
Dr.Tautology said:
Hello,
I've used auto tunnel a handful of times. Just wanted to check to see if you figured out what key it accepts. I will test it out when I get a chance.
Hi, the developer sent me a mail saying that autotunnel should accept both private key types. None of them worked for me, though. He also suggested to try and paste the content of the private key into the bracket. I might give that a try. Edit: I can confirm copying and pasting the private key works. But it does not seem to transfer traffic via the server, at least not the 3g traffic while using chrome. Edit 2: Turns out SSH Autotunnel does not use a socks proxy. Therefore secure browsing is not an option. The app is for secure pop3/ftp-server/smtp-server connections only. Thanks go to Matej for his kind support.
I've been using OpenVPN but I'd prefer to use ssh, as I have several ssh servers around the world, plus their pipes are bigger than my home line I have openvpn running on.
I have yet to get SSH Tunnel (apk) to work reliably; it randomly stops working and it's just a dead connection.
Using ProxyDroid unfortunately requires me to launch ConnectBot, connect ssh, then start the proxy. It'd be nice if ConnectBot could bring up the connection automatically, or ProxyDroid could do it. What I do right now is VPN unknown wifi connections and I can automate that with Tasker. I might look to see if I can automate connecting with ConnectBot then enable the ProxyDroid connection.
You can use ssh tunnels also with Drony if some proxy with authentication is involved. Works also on non rooted devices.
Automation
khaytsus said:
I've been using OpenVPN but I'd prefer to use ssh, as I have several ssh servers around the world, plus their pipes are bigger than my home line I have openvpn running on.
I have yet to get SSH Tunnel (apk) to work reliably; it randomly stops working and it's just a dead connection.
Using ProxyDroid unfortunately requires me to launch ConnectBot, connect ssh, then start the proxy. It'd be nice if ConnectBot could bring up the connection automatically, or ProxyDroid could do it. What I do right now is VPN unknown wifi connections and I can automate that with Tasker. I might look to see if I can automate connecting with ConnectBot then enable the ProxyDroid connection.
I think a simple bash script could be used to automate this task. I'm going to look into it; seems like an interesting/useful project.
Dr.Tautology said:
I think a simple bash script could be used to automate this task. I'm going to look into it; seems like an interesting/useful project.
I think so, it's just firewall settings etc.. Unfortunately for me, I need stuff that doesn't support SOCKS so I've gone back to looking into a faster OpenVPN service.
But this is good for browsing and things that use http etc.
Dr.Tautology said:
I think a simple bash script could be used to automate this task. I'm going to look into it; seems like an interesting/useful project.
Hi, have you figured out an automated script for this task via Tasker? I've tried to create something but ended up nowhere lol.
Hi, my college wifi connection is proxy based
Whenever I surf the internet on that connection, only some basic applications are connected through that connection
But many 3rd party apps don't connect by that connection, like games
Any solution like connection tunnel apps or else
I don't want to root my device
Thanks
sam.jaat said:
Hi, my college wifi connection is proxy based
Whenever I surf the internet on that connection, only some basic applications are connected through that connection
But many 3rd party apps don't connect by that connection, like games
Any solution like connection tunnel apps or else
I don't want to root my device
Thanks
Do you have to login to the proxy or is it an open proxy? If it's open, you could see if you can find a OpenVPN server that listens on 80 or 443. Then use any OpenVPN client on Android and you can add/update config to match the directions here: https://openvpn.net/index.php/open-source/documentation/howto.html#http
