Related
Hi, All
I have a VPN problem that is strange. Here goes:
I have my Nexus One two days ago. It's not rooted and no APK installed on it.
At that time, the VPN worked very well.
Then, I unlocked and rooted it. Then I flashed a Pandora Firmaware. The firmware is here.
://d.epis.me/Pandora%20N%201.1%20for%20nexus.zip
After that, the VPN didn't work. I must wait for a long time after I started to connect, and an error message came out like this: "Can not connect to the server". If I use a wrong password, the VPN will tell me the pssword is wrong. The same VPN server can be connected by same username and password on my laptop, but not Nexus One. It is very strange.
Then I restored the original shipping firmware. It didn't work too. The reply of the VPN is the same as above.
The server is uk.focusvpn.com, and VPN type is PTPP. Encryption type I selected encryped and not encrypted, it didn't work on both.
Now the VPN on my Nexus One is totally broken. Can any good guy help me?
Mods are likely going to move this to a different forum.
If any of the devs want to look at this I'm seeing this also. The VPN Connections app for me to a Cisco Concentrator works fine.
I can't for the life of me get PPTP to work; this may just be a buggy PPTP client in the Nexus One 2.1 build. It works FLAWLESSLY on my G1 with the last CM build. I get a generic message that GRE is not functional; but this is BS - on the same link I can tether my Mac and it works or use the same WiFi On a Windows system or mac and it works. I'm suspecting Google regressed or introduced a bug on 2.1 with PPTP
Cyanogen; or any of the other dev's if you want to "borrow" my PPTP VPN account to debug I'm game to email you the info; PM me. I was going to try this on the emulator and but some debug messages in to see what the specific issue may be...
Yeah. PM me and ill try to fix it for the CM N1 release tomorrow!
is the CyanogenMod also for nexus one?
VPN on nexus (android 2.1)
I noticed on this webpage
code.google.com/p/android/issues/detail?id=4111
that android 2.1 only support old fashion Authentication Protocols
+ CHAP allowed
+ MSCHAPv1 allowed
But
- PAP disabled
- MSCHAPv2 disabled
- EAP Proxy disabled
i searched around and found no program can hack this to enable the later 3
is it easy to enable the above? anyone here can help to configure it or it actually needs a new development?
I have sucessfully connected to a cisco asa ipsec firewall using froyo 2.2 on a htc evo 4g supersonic.
pics or stfu
I have successfully connected my Android 2.2 EVO to a Cisco ASA 5520's Remote Access IPSEC VPN many times using VPNC. The problem comes when you actually try and route traffic thru the tunnel. . . Is everything working? eg, DNS lookups via the tunnel?
If it is, would you mind sharing HOW?
"Vpn connections" search for it
Sent from my PC36100 using XDA App
I have 4g and gingerbread on cyanogenmod omg!
ipsec vpn Android 2.2 EVO
n3x1s said:
I have successfully connected my Android 2.2 EVO to a Cisco ASA 5520's Remote Access IPSEC VPN many times using VPNC. The problem comes when you actually try and route traffic thru the tunnel. . . Is everything working? eg, DNS lookups via the tunnel?
If it is, would you mind sharing HOW?
Click to expand...
Click to collapse
I'd sure would like to know how you connected to Cisco's ASA via ipsec VPN. In my case DNS would not be critical as making a RDP connection to my servers or workstations via ip address is all I need. Could please share your solution. Assume you are using Group Authentication?
Thanks in advance!
I used VPNC version 07 and have transfered files from my corporate SMB Server and established RDC/RDP sessions with corporate computers while at my home. It works with MIUI 11.19 and cm6snap kernel version 8.1
Screenshots
Per your request. This is not a hoax.
ipsec vpn Android 2.2 EVO
bdawg31 said:
I used VPNC version 07 and have transfered files from my corporate SMB Server and established RDC/RDP sessions with corporate computers while at my home. It works with MIUI 11.19 and cm6snap kernel version 8.1
Click to expand...
Click to collapse
Hey thanks for the quick reply. New to this Android stuff - love it though. Just got my EVO about 2 weeks ago. So just to clarify. When you say -" It works with MIUI 11.19 and cm6snap kernel version 8.1", I'm assuming this is a rooted phone with that specific image. So probably won't work with stock EVO right?
You are very welcome and thank you for your interest and well thoughtout questions/comments. I have only had my evo about 5 weeks. I found it difficult to use at first, even a a IT administrator for a national hotel chain. Hang in there it will get easier.
Your device must be rooted. Use unrevoked. Dude you must root. If you don't, you are not using the device as t was intended by the designers. I will be glad to walk you through the process
Have anyone tried connecting to VPN servers on their Galaxy Tab 7.7?
I have tested more than 3 VPN servers. (They all work on PC, iPhone, iPad, Tab 10.1, Tab 8.9, HP TouchPad). When I try to connect them on Galaxy Tab 7.7, it connects successfully but fail to let me do anything once the connection is made.
I have created 2 test accounts and please feel free to test it using them or your own servers... let me know how it go...
BTW, I tried restoring. no help at all.
PPTP Server 1: pptp.vpn2.hk
PPTP Server 2: pptp.vpn2.us
Login: test
Password: samsung1234
William
Hi,
for PPTP you'll need kernel 2.6.35.x!
Otherwise you'll be able to get a connection but your data transfer will break down after 5sec-3min!
I will edit this post with a link to "Issue 4706: Droid phone PPTP VPN dying after a short while." after I'm allowed to.
A953 Tapatapatapatalk
C3POID said:
Hi,
for PPTP you'll need kernel 2.6.35.x!
Otherwise you'll be able to get a connection but your data transfer will break down after 5sec-3min!
I will edit this post with a link to "Issue 4706: Droid phone PPTP VPN dying after a short while." after I'm allowed to.
A953 Tapatapatapatalk
Click to expand...
Click to collapse
are you saying that i need to upgrade my VPN server to kernel 2.6.35.x just for 7.7? just wondering cos my VPN servers (and many other VPN servers out there that I have tried) work for all other platforms, like Tab 10.1, iPad, Windows, OS X etc etc...
Yes I do. google botched PPTP for VPN.
But you need to upgrade (/downgrade) the kernel of your Android device (client), not the server. Or do you run your VPN server on Android???
You can search for "issue 4706" or "android PPTP VPN problem" and you will find a lot of pi**ed people and maybe some answers like kernel version and needed OS version.
I can confirm that it works with kernel 2.6.35 and since GB2.3.7 / CM7! Some say it works fine with ICS, but I found also that higher kernel versions will not work.
And yes, all other plattforms will work fine with PPTP.
A953 Tapatapatapatalk
C3POID said:
Yes I do. google botched PPTP for VPN.
But you need to upgrade (/downgrade) the kernel of your Android device (client), not the server. Or do you run your VPN server on Android???
You can search for "issue 4706" or "android PPTP VPN problem" and you will find a lot of pi**ed people and maybe some answers like kernel version and needed OS version.
I can confirm that it works with kernel 2.6.35 and since GB2.3.7 / CM7! Some say it works fine with ICS, but I found also that higher kernel versions will not work.
And yes, all other plattforms will work fine with PPTP.
A953 Tapatapatapatalk
Click to expand...
Click to collapse
thanks for the info. now for the million dollars question... how do you downgrade the kernel on Android? does this require flashing a new custom ROM? I couldn't really be bothered with custom ROM as I am waiting for the official ICS upgrade notification ... I guess the furtherest I am willing to go is to root my device and install some replacement kernel (if this is even possible)...
I know linux but my main device is an iPad so I am just too lazy to spend too much time backing up / reinstalling the Android for custom ROM... anyway thanks for your time...
williamli1983 said:
thanks for the info. now for the million dollars question... how do you downgrade the kernel on Android? does this require flashing a new custom ROM?
Click to expand...
Click to collapse
Yeah, that's it, BUT I would wait - like you mentioned - for the ICS upgrade and try than again.
Or you try another protocoll like L2TP over IPSec…
A953 Tapatapatapatalk
C3POID said:
Yeah, that's it, BUT I would wait - like you mentioned - for the ICS upgrade and try than again.
Or you try another protocoll like L2TP over IPSec…
A953 Tapatapatapatalk
Click to expand...
Click to collapse
L2TP over IPSec was a bit weird too. the server address has to be an internal IP for it to connect, giving it an external IP or domain won't work. God figures! oh well good thing it's not my main device so I won't stress much over it.
williamli1983 said:
oh well good thing it's not my main device so I won't stress much over it.
Click to expand...
Click to collapse
You are lucky, my MS2 is my main device and has a locked bootloader and only a 2.6.32 kernel .
I solved the VPN problem by changing to CM7, which wasn't possible for a long time, and using OpenVPN/SSL now.
Lucky me.
A953 Tapatapatapatalk
The Samsung Galaxy Tab with Android includes support for Virtual Private Network (VPN) connectivity. Here we show you, step by step, how to setup a VPN connection.
Add a new VPN connection:
Press the Home icon, press Menu, and tap Settings
Tap Wireless & networks
Tap VPN settings
Tap Add VPN
Select the type of VPN to add (PPTP, L2TP, L2TP/IPSec PSK VPN, L2TP/IPsec CRT VPN)
Fill in VPN details such as VPN name, VPN server, etc (the required settings will depend on type of VPN selected)
Connecting to the VPN:
Press the Home icon, press Menu, and tap Settings
Tap Wireless & networks
Tap VPN settings
The VPN connections you have added are now listed
Tap the VPN you wish to connect to
A dialog box will open asking for your credentials, enter them and touch connect
When connected to a VPN, you will see an ongoing notification in the Status bar on your Samsung Galaxy Tab. If you should get disconnected, you will receive a notification and an option to go back to the VPN settings section.
wilsonj said:
The Samsung Galaxy Tab with Android includes support for Virtual Private Network (VPN) connectivity. Here we show you, step by step, how to setup a VPN connection.
Add a new VPN connection:
Press the Home icon, press Menu, and tap Settings
Tap Wireless & networks
Tap VPN settings
Tap Add VPN
Select the type of VPN to add (PPTP, L2TP, L2TP/IPSec PSK VPN, L2TP/IPsec CRT VPN)
Fill in VPN details such as VPN name, VPN server, etc (the required settings will depend on type of VPN selected)
Connecting to the VPN:
Press the Home icon, press Menu, and tap Settings
Tap Wireless & networks
Tap VPN settings
The VPN connections you have added are now listed
Tap the VPN you wish to connect to
A dialog box will open asking for your credentials, enter them and touch connect
When connected to a VPN, you will see an ongoing notification in the Status bar on your Samsung Galaxy Tab. If you should get disconnected, you will receive a notification and an option to go back to the VPN settings section.
Click to expand...
Click to collapse
mmm... we know how to setup the VPN here. just saying that the VPN never worked on any PPTP servers I tried
I have the 6800 and pptp for me works well over wifi. On mobile, I have the same problem you encountered, meaning while I can connect fine I cannot initiate any data transfer. Hope ICS will fix this problem.
pinkowl said:
I have the 6800 and pptp for me works well over wifi. On mobile, I have the same problem you encountered, meaning while I can connect fine I cannot initiate any data transfer. Hope ICS will fix this problem.
Click to expand...
Click to collapse
thanks for the info. for me (on the wifi only version) vpn won't work on wifi
I also have the wifi only version, I connect de VPN, works for a while and suddenly stops transfering data althought the connection appears as established. To make it work again i have to disconnect and reconnect.
Just for your info - I got a L2TP VPN connection working just fine on my P6810 Wifi-only Tab. Not sure whether it is just the VPN service (AceVPN) I'm using, or whether I was just lucky.
My wifi tab is an import from HK, Kernal version 2.6.36-P6810ZSLA1
teegee17 said:
Just for your info - I got a L2TP VPN connection working just fine on my P6810 Wifi-only Tab. Not sure whether it is just the VPN service (AceVPN) I'm using, or whether I was just lucky.
My wifi tab is an import from HK, Kernal version 2.6.36-P6810ZSLA1
Click to expand...
Click to collapse
i didn't spend as much time looking into L2TP on mine as my main vpn servers are PPTP based.... mine also came from HK (well i m living in it right now )
hope ICS will be out soon! really want to try chrome
you should contact to your service provider. they will help you better
marksmithbvs said:
you should contact to your service provider. they will help you better
Click to expand...
Click to collapse
i m the service provider!
but i also tried a few other providers out there as well. none of them work on 7.7
i just got a galaxy nexus and everything works fine on it.
as mentioned somewhere above this post. it is a bug in the 7.7 code
williamli1983 said:
L2TP over IPSec was a bit weird too. the server address has to be an internal IP for it to connect, giving it an external IP or domain won't work.
Click to expand...
Click to collapse
Rubbish -- I use it all the time w/ gotrusted...
tl;dr Google Talk/AndFTP/SIP can't connect over an OpenVPN connection in CM7.2
My OpenVPN configuration has worked for several months. But since 7.2 came out, I've been troubleshooting a problem with my phone's VPN connection to my home server. The symptom I'm seeing is that apps besides the web browser cannot connect to anything over the VPN, including the VPN host itself. When I use tcpdump to watch traffic going over my server's tun0 adapter, I don't see packets sent from AndFTP and SIP (the phone dialer's SIP) ever reach the server. Strangely, the web browser works just fine over the VPN. I'm able to view websites normal, and even connect to my webserver on port 8080.
Like you (probably), my first assumption is that a problem like this is due to misconfiguration somewhere. However I'm starting to think that's not the case this time. My VPN configuration is very simple, and I don't use any iptables netfilter rules anywhere (the server is behind a nat router). These apps work just fine over my VPN when I'm using the old CM7-12112011-nightly-olympus build. My Ubuntu laptop also has no issues using the VPN. I have observed the route table (# busybox route -n) after the VPN connection is made using the latest nightly, and the old build which works. Both routes are the same (for whatever reason, the default gateway isn't removed, but it works on the old build anyway).
So I have only seen this issue when I'm running CM7.2 RC1 or the latest nightly: update-cm-7-20120409-NIGHTLY-olympus-signed.zip
For now I'm back on the CM7-12112011-nightly build, and my apps work on my VPN again. But I wanted to post this here incase this issue affected anyone else. I'm not sure how to continue troubleshooting it, or whether it might even be related to a bug.
I can use Pandora just fine over VPN, as well as download stuff from the Market/Play and use GTalk.
Here's my server config if you want to compare it
Code:
$ cat /etc/openvpn/server.conf
port 12345
proto udp
dev tun
ca /etc/openvpn/blahblah.crt
cert /etc/openvpn/blahblah.crt
key /etc/openvpn/blahblah.key
dh /etc/openvpn/blahblah.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.220.220"
push "dhcp-option DNS 208.67.222.222"
client-to-client
duplicate-cn
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log /var/log/openvpn.log
verb 3
Ok if these builds are working for you, that does indicate it's just some misconfiguration on my end.
update: I did fresh installs of the last atrix-dev-team build and the latest cm7.2 nightly. On both builds apps are working over the VPN just fine. The only thing that doesn't work is the dialer's built in SIP, it won't connect over the VPN. It works when I'm on the same lan as the server, but not otherwise over the vpn. Watching tcdump, I never see packets coming from the phone when I enable "Receive incoming calls."
So I just gave up trying to get the SIP dialer to work on my VPN, and installed CSipSimple and SIPDroid. Both work just fine over VPN. While both these apps are popular, I was only avoiding using them since I didn't think they would be necessary. I've used the dialer's SIP to proxy calls over asterisk in the past with my original A855 Droid. Not sure why it doesn't work anymore, but not a big deal either.
I am also having some difficulty with openvpn. I am running CM7.2 RC3 on my Atrix. I have never had it working before on the Atrix (recent convert to CM7), but have had it working on laptops and an iphone. Was intrigued that it appears to be built in. I just cannot get it to work.
My issues are:
1) I cannot use the tun device. If I try, it appears to connect, then errors out.
Code:
N read UDPv4 [ECONNREFUSED]: Connection refused (code=146)
If I select tap, it will connect, but then it tells me that there are fragment errors
Code:
FRAG_IN error flags=0xfa3333ff: FRAG_TEST not implemented
2) I cannot add the 'extra arguments' under the advanced settings. I try tp put "fragment 1400" and . I'd like to add mssfix as well, but cannot figure out how to use this input block. If I try "fragment 1400" same thing:
Code:
MANAGEMENT: Client disconnected
When I use tap and keep the extra arguments clear, it appears to connect, but I get nothing: andsmb cannot see smb shares, I cannot get to the router web page, etc.
I have also configured pptp and that will allow me to connect (access shares and see the router web interface (ddwrt). I would prefer openvpn, though. Any help appreciated.
My connect script with a laptop is:
Code:
remote xxxx.dyndns-office.com 1194
client
dev tap0
proto udp
mssfix 1400
fragment 1400
resolv-retry infinite
nobind
persist-key
persist-tun
float
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
Keith
For anyone interested in data security the ability to encrypt network traffic is obviously important-- especially in light of the myriad of recent well publicized reports of private and government electronic snooping. It is also relevant to mention that to date no one has come close to cracking "TwoFish" encryption which can be used by SSH. With this in mind, consider the following tutorial which describes a method for encrypting all 3g, 4g, and Wi-Fi data, thus beefing up phone and personal data security.
Setting up a global SSH Tunnel on Android phones
This tutorial assumes the reader possesses a fully configured SSH server and rooted phone. In lieu of a server, (eg., the reader only has only a Windows-based operating system), research into CYGWIN is recommended. I use CYGWIN to run my SSH server and I have found that it is the most robust option for Windows users; however, setting this up on Windows can be a daunting task.
Setting up global SSH Tunnel on Android
1. Download 2 apps from the Google Playstore: ConnectBot and ProxyDroid
2. Install ConnectBot and ProxyDroid on your phone.
3. In ConnectBot set up Port forwards for your SSH connection. For "Type" field use "Dynamic (SOCKS)." For “Source Port” use 56001 or any local port not being used. The reasoning behind using port 56001 is this: System Ports (0-1023), User Ports (1024-49151), and the Dynamic and/or Private Ports (49152-65535)
4. Open ProxyDroid and configure as follows:
Host: 127.0.0.1
Port: 56001 (or the port you chose to use in step 3)
Proxy Type: SOCKS5
Global Proxy: Check the box
The above procedure accomplishes several things. First, ConnectBot remotely connects to your SSH server. Next, the ConnectBot connection forwards to the local port 56001. ProxyDroid then redirects all network traffic through the localhost on port 56001. Once you are connected through ConnectBot and ProxyDroid is activated all of your data will be tunneled through the encrypted ConnectBot session. This is an excellent way to set up a global proxy because it does not require manual configuration of any applications to connect through the proxy. You can test the functionality of the connection by opening up your phone browser and performing the Google search: What is my IP. If the proxy is functional you will see the WAN IP of the network of your SSH server. Additional and more thorough testing can be done with packet sniffers such as WireShark.
An application called "SSH Tunnel" is an alternative to accomplishing the above. However, I find ConnectBot and ProxyDroid is more elegant and gives better control-- not to mention being more sophisticated/chic. When correctly performed the ConnectBot and ProxyDroid method encrypts all 3g, 4g and Wi-Fi data on your phone. This is obviously useful for phone access of sensitive materials especially using unfamiliar or alien network connections. With the current proliferation of identity theft via electronic snooping on mobile devices I do not advocate using cellular phones for any banking or electronic transactions without setting up a robust and reliable encrypted connection.
I'm having trouble with this exact setup on Android 4.3 with DNS Proxy (proxydroid) enabled in China. When DNS Proxy is enabled, no traffic will come through at all. If I disable DNS Proxy, it works but without proxied DNS requests, I can't get to Youtube/twitter/FB.
Any ideas?
SSHTunnel for 4.2.2 is a much better alternative than running 2 separate apps and I still use it on my 4.2.2 tablet. But I don't want to downgrade my phone to 4.2.2 just for this
Android 4.3?
strifej said:
I'm having trouble with this exact setup on Android 4.3 with DNS Proxy (proxydroid) enabled in China. When DNS Proxy is enabled, no traffic will come through at all. If I disable DNS Proxy, it works but without proxied DNS requests, I can't get to Youtube/twitter/FB.
Any ideas?
SSHTunnel for 4.2.2 is a much better alternative than running 2 separate apps and I still use it on my 4.2.2 tablet. But I don't want to downgrade my phone to 4.2.2 just for this
Click to expand...
Click to collapse
Unfortunately, I have not done any testing with android 4.3 yet so I'm not sure why the dns request wouldn't be proxied. I'll look into it and get back to you.
DNS proxy on android 4.3
strifej said:
I'm having trouble with this exact setup on Android 4.3 with DNS Proxy (proxydroid) enabled in China. When DNS Proxy is enabled, no traffic will come through at all. If I disable DNS Proxy, it works but without proxied DNS requests, I can't get to Youtube/twitter/FB.
Any ideas?
SSHTunnel for 4.2.2 is a much better alternative than running 2 separate apps and I still use it on my 4.2.2 tablet. But I don't want to downgrade my phone to 4.2.2 just for this
Click to expand...
Click to collapse
So I finally had a chance to upgrade to 4.3 this week. I tested the dns proxy with proxydroid and it seems to be working fine. What rom are you using? I'm on Sacs rom and I would highly recommend it. Heres the link:
http://forum.xda-developers.com/showthread.php?t=2512983
4.4
Dr.Tautology said:
So I finally had a chance to upgrade to 4.3 this week. I tested the dns proxy with proxydroid and it seems to be working fine. What rom are you using? I'm on Sacs rom and I would highly recommend it. Heres the link:
http://forum.xda-developers.com/showthread.php?t=2512983
Click to expand...
Click to collapse
Tested on kitkat and is working fine. Ssh tunnel app not working however.
Dr.Tautology said:
So I finally had a chance to upgrade to 4.3 this week. I tested the dns proxy with proxydroid and it seems to be working fine. What rom are you using? I'm on Sacs rom and I would highly recommend it. Heres the link:
http://forum.xda-developers.com/showthread.php?t=2512983
Click to expand...
Click to collapse
I use pacman rom on nexus 4.
thank you for this tutorial!
I have been looking for a new way to setup SSH tunneling since the app "ssh tunnel" from the Google Play store stopped working with Android 4.2+
I can't wait to try this out..
I have two phones both SGS4's one running CM 10.2 and the other stock on 4.3 so i will try both of them out and report back here how it works out.
Thanks again for the tutorial!
-droidshadow
Thank you Dr.Tautology
Thank you Dr.Tautology
I was searching a big time for the solution you gave me.
First I was using SSHtunnel app from google play and it worked on my note 3 SM-N9005 (rooted) with jb 4.3. After upgrade to 4.4.2 kitkat (rooted) I could connect but there was no changing to my home ip in the browsers that I use with surfing by example to whatmyip . I also have a tablet "nexus 7" 2012 version upgraded also to 4.4.2 and on this device SSHTunnel is functional and the ip is changing??? I did not understand. Now I was searching for alternatives for my galaxy note 3 and I've found ssh connectbot and proxydroid. After I added the settings that I always used with dyn socks5 port 11723 on both programs.... -> connection to my DD-WRT router (with connectbot) was also possible. I also booted proxydroid and again after running chrome or firefox I still had the same ip so it didn't work.... Now I've found your post and read that the socks5 port must be above 49152. I changed the ports on both programs to 56001 in ('connectbot and proxydroid) and BAM! Connected with my home IP from outside my home :laugh:
The weird thing is that it worked on JB 4.3 with socks5 port 11723.
Now my woking SSH tunnel config -> Host = home-ip:7500 (default port = 22 in DDWRT)
user to connect to DD-WRT router = Root
password = Router password
dyn proxy socks5 port = 56001 as you suggest.
I have an app from my isp that I only can use with my home ip so I had to be home and connect by wifi. Now it's possible again with tunneling
Now the only thing that I have to do is thank you. :victory:
Never thought that the port number should be the problem.
Best regards DWroadrunner
I managed to set this up using SSH Tunnel for android. However I would like to use SSH Autotunnel as it's supposed to handle network changes better and is also more light weight. Does anybody know what type of private key this programm accepts? I have had no luck using putty keygen and the id_rsa I created in ubuntu does not seem to work either.
Glad to help!
DWroadrunner said:
Thank you Dr.Tautology
I was searching a big time for the solution you gave me.
First I was using SSHtunnel app from google play and it worked on my note 3 SM-N9005 (rooted) with jb 4.3. After upgrade to 4.4.2 kitkat (rooted) I could connect but there was no changing to my home ip in the browsers that I use with surfing by example to whatmyip . I also have a tablet "nexus 7" 2012 version upgraded also to 4.4.2 and on this device SSHTunnel is functional and the ip is changing??? I did not understand. Now I was searching for alternatives for my galaxy note 3 and I've found ssh connectbot and proxydroid. After I added the settings that I always used with dyn socks5 port 11723 on both programs.... -> connection to my DD-WRT router (with connectbot) was also possible. I also booted proxydroid and again after running chrome or firefox I still had the same ip so it didn't work.... Now I've found your post and read that the socks5 port must be above 49152. I changed the ports on both programs to 56001 in ('connectbot and proxydroid) and BAM! Connected with my home IP from outside my home :laugh:
The weird thing is that it worked on JB 4.3 with socks5 port 11723.
Now my woking SSH tunnel config -> Host = home-ip:7500 (default port = 22 in DDWRT)
user to connect to DD-WRT router = Root
password = Router password
dyn proxy socks5 port = 56001 as you suggest.
I have an app from my isp that I only can use with my home ip so I had to be home and connect by wifi. Now it's possible again with tunneling
Now the only thing that I have to do is thank you. :victory:
Never thought that the port number should be the problem.
Best regards DWroadrunner
Click to expand...
Click to collapse
Hey DWroadrunner,
That's great news! I'm very happy that my post helped you, as my intention was to provide all the necessary information to do this in one place. It's not always the case that a user port wont work, but unless you are big on port level security it's not easy to determine if/when the port is being used. This is probably why 11723 did work for you, however it's always better to go with a dynamic/private port range. Also, if you want a simple way to improve the security of your ssh server change the default port from 22 to something else. You'd be surprised how many attempts to connect will be made by attackers on a daily basis.
Regards,
DocTaut
droidshadow said:
I have been looking for a new way to setup SSH tunneling since the app "ssh tunnel" from the Google Play store stopped working with Android 4.2+
I can't wait to try this out..
I have two phones both SGS4's one running CM 10.2 and the other stock on 4.3 so i will try both of them out and report back here how it works out.
Thanks again for the tutorial!
-droidshadow
Click to expand...
Click to collapse
Let me know if this is working on CM. I have tested on stock 4.3 with no issues.
Any luck yet?
rintinfinn said:
I managed to set this up using SSH Tunnel for android. However I would like to use SSH Autotunnel as it's supposed to handle network changes better and is also more light weight. Does anybody know what type of private key this programm accepts? I have had no luck using putty keygen and the id_rsa I created in ubuntu does not seem to work either.
Click to expand...
Click to collapse
Hello,
I've used auto tunnel a handful of times. Just wanted to check to see if you figured out what key it accepts. I will test it out when I get a chance.
Dr.Tautology said:
Hello,
I've used auto tunnel a handful of times. Just wanted to check to see if you figured out what key it accepts. I will test it out when I get a chance.
Click to expand...
Click to collapse
Hi, the developer send me a mail saying that autotunnel should accept both private key types. None of them worked for me, though. He also suggested to try and paste the content of the private key into the bracket. I might give that a try. Edit: I can confirm copying and pasting the private key works. But it does not seem to transfer traffic via the the server, at least not the 3g traffic while using chrome. Edit 2: Turns out SSH Autotunnel does not use a socks proxy. Therefore secure browsing is not an option. The app is for secure pop3/ftp-server/smtp-server connections only. Thanks go to Matej for his kind support.
I've been using OpenVPN but I'd prefer to use ssh, as I have several ssh servers around the world, plus their pipes are bigger than my home line I have openvpn running on.
I have yet to get SSH Tunnel (apk) to work reliably; it randomly stops working and it's just a dead connection.
Using ProxyDroid unfortunately requires me to launch ConnectBot, connect ssh, then start the proxy. It'd be nice if ConnectBot could bring up the connection automatically, or ProxyDroid could do it. What I do right now is VPN unknown wifi connections and I can automate that with Tasker. I might look to see if I can automate connecting with ConnectBot then enable the ProxyDroid connection.
You can use ssh tunnels also with Drony if some proxy with authentication is involved. Works also on non rooted devices.
Automation
khaytsus said:
I've been using OpenVPN but I'd prefer to use ssh, as I have several ssh servers around the world, plus their pipes are bigger than my home line I have openvpn running on.
I have yet to get SSH Tunnel (apk) to work reliably; it randomly stops working and it's just a dead connection.
Using ProxyDroid unfortunately requires me to launch ConnectBot, connect ssh, then start the proxy. It'd be nice if ConnectBot could bring up the connection automatically, or ProxyDroid could do it. What I do right now is VPN unknown wifi connections and I can automate that with Tasker. I might look to see if I can automate connecting with ConnectBot then enable the ProxyDroid connection.
Click to expand...
Click to collapse
I think a simple bash script could be used to automate this task. I'm going to look into it; seems like an interesting/useful project.
Dr.Tautology said:
I think a simple bash script could be used to automate this task. I'm going to look into it; seems like an interesting/useful project.
Click to expand...
Click to collapse
I think so, it's just firewall settings etc.. Unfortunately for me, I need stuff that doesn't support SOCKS so I've gone back to looking into a faster OpenVPN service.
But this is good for browsing and things that use http etc.
Dr.Tautology said:
I think a simple bash script could be used to automate this task. I'm going to look into it; seems like an interesting/useful project.
Click to expand...
Click to collapse
hi have you figured out an automated script for this task via tasker, iv tried to create something but ended up no where lol.
Hi my collage wifi connection is proxy based
Whenever i surfed internet on that connection only some basic application are connected through that connection
But many 3rd party apps doses't connect by that connection like games
Any solution like connection tunnel apps or else
I don't want to root my device
Thanks
sam.jaat said:
Hi my collage wifi connection is proxy based
Whenever i surfed internet on that connection only some basic application are connected through that connection
But many 3rd party apps doses't connect by that connection like games
Any solution like connection tunnel apps or else
I don't want to root my device
Thanks
Click to expand...
Click to collapse
Do you have to login to the proxy or is it an open proxy? If it's open, you could see if you can find a OpenVPN server that listens on 80 or 443. Then use any OpenVPN client on Android and you can add/update config to match the directions here: https://openvpn.net/index.php/open-source/documentation/howto.html#http