Bypassing proxy authentication by creating Wi-Fi hotspot - Networking

One of the limitation of non-rooted Android devices is not being able to handle network proxy in non HTTP aware (basically web browser) applications. As an example, there is an option to set Wi-Fi proxy address and port in Network Settings. Browsers do respect such proxies.However, other apps, e.g. WhatsApp, GMail, Play Store; are completely unaware of network proxies. Hence, it imposes a severe limitation.
I am behind my university proxy using basic authentication. I use an Wi-Fi router to connect to their network. To remediate, I thought of creating another Wi-Fi hotspot using Virtual Wifi Hotspot or something similar. But there should be some mechanism so that connecting to this hotspot need NOT require a proxy setting. To elaborate, apps connecting to this hotspot must be completely unaware of proxy through which traffic is being routed. Does anybody have any idea on implementing this?

You can try Drony or SandroProxy
Holmes.Sherlock said:
One of the limitation of non-rooted Android devices is not being able to handle network proxy in non HTTP aware (basically web browser) applications. As an example, there is an option to set Wi-Fi proxy address and port in Network Settings. Browsers do respect such proxies.However, other apps, e.g. WhatsApp, GMail, Play Store; are completely unaware of network proxies. Hence, it imposes a severe limitation.
I am behind my university proxy using basic authentication. I use an Wi-Fi router to connect to their network. To remediate, I thought of creating another Wi-Fi hotspot using Virtual Wifi Hotspot or something similar. But there should be some mechanism so that connecting to this hotspot need NOT require a proxy setting. To elaborate, apps connecting to this hotspot must be completely unaware of proxy through which traffic is being routed. Does anybody have any idea on implementing this?
Click to expand...
Click to collapse

SandroBSupp said:
You can try Drony or SandroProxy
Click to expand...
Click to collapse
With these apps, programs that respect android OS proxy settings will work. I couldn't make any apps other than browsers work with this technique.

My phone connects to virtual hotspot but unable to browse, download etc.
I connected my lenovo a 516 thru wifi using virtual router and a wifi dongle on my pc.. The wifi connection is established sucessfully but i can't use internet, no data is received.
tried with another phone, same outcome.
tried several network and sharing settings posted online, no fruit..
I am not an expert in networking, so can't figure out where's the problem on my own.
please help..
This is what my connections look like, after creating hotspot using virtual router..(in the attachements)

Related

GPRS and Static IP with VPN

HI guys,
Does anyone know how to get a static IP address when using the GPRS connection to the internet. The reason being is because our corporate firewall has to recognise the device through it's IP. Is there any other possible methods for recognising the user?
Also does a VPN work well over GPRS and is there any extra configuration involved on the VPN server
Cheers
Any answers would be great.
Unfortunately there is no simple answer to your question. AFAIK you cant get a fixed ip on gprs, but if your using the right firewall and the right vpn host you dont need to.
I use and supply windows sbs 2003 servers and vpn into them regularly. I have also used citrix to achieve similar results. Might be a bit difficult to persuade your firms it dept to set up something like that for 1 person though.
PM me if youd like any advice.
BillyB said:
HI guys,
Does anyone know how to get a static IP address when using the GPRS connection to the internet. The reason being is because our corporate firewall has to recognise the device through it's IP. Is there any other possible methods for recognising the user?
Also does a VPN work well over GPRS and is there any extra configuration involved on the VPN server
Cheers
Any answers would be great.
Click to expand...
Click to collapse
Hello Billy,
You ask a good question, but the answer isn't simple. Most carriers do have two types of APN (Access Point Name) provision for your SIM: "private" APN (which provides a non-routable IP assignment from behind a NAT, for basic browsing and e-mail functionality) and "public" APN (that provides a routable IP assignment, which is the Minimum Requirement for a more sophisticated connection type, such as VPN, etc). However, both of them are assigned by a DHCP (Dynamic Host Configuration Protocol) Server on a GGSN (Gateway GPRS Support Node) of your particular GPRS network operator. In either case, the end result will obviously be a DYNAMIC IP address on your GPRS terminal (be it a laptop PC, a PDA, or phone)
Some carriers do offer what is called a "dedicated APN" provision, which gives the subscriber their own IP range to choose from (almost like a small subnet), but it is only available to corporate giants like Pepsi (for example).
Now, to sum it up, you must have the proper APN provisioned on your Mobile SIM account (which the provider will normally call something like a "VPN data package" in billing terms). Then, you must obviously establish a GPRS session before you can connect your VPN client (but remember that most basic VPN clients work the best). It is pretty sad to say, but Microsoft Windows-embedded VPN client on Win2k/XP Pro so far has performed the best with no quirks whatsoever. It has to be via PPTP...L2TP has also worked for me..otherwise, the fancier (and more secure) the VPN tunneling protocol, the more its likely to fail. Normally all you need for a basic MS WIndows VPN client config is the Server name (or IP address), the user name, and the password.
Hope this helps,
Let me know how it goes,
Alex
PS. PM me if you have further questions.
VPN and TS Its like pulling teeth
hi all this has got to be the most anoying problem ever. i can connect to O2 vpn access point and hence i can connect to my work vpn server. however as soon as i try to open a TS connection to my desktop (through the vpn) the VPN connection is dropped and i never connect. Can anybody tell me why? if i have a vpn connection to my work server why does TS try to make another connection and bomb out the original. Is there a fix or another way of doing this i.e. does a external IP have to be nat'd to my desktop IP on port 3389? all help greatly appreciated. Ian

vpn connection (pptp) disconnects

I want to use PPTP vpn connection to my work together with Remote Desktop (Teminal Service) application.
The PPTP vpn connection is established successfully.
From my work PC I can ping the pptp ip address of my PPC.
However if I switch to an application which would generate internet traffic (such as terminal services, internet explorer) my PPTP connection drops.
On my vpn server I get the logs and see the disconnect reason as "user requested)
What is the problem ?
Thanks...
hi,
I guess nobody has such experience with vpn connections.
where can I find information about this problem ?
thanks
Hi, I have the same problem more or less
see http://forum.xda-developers.com/showthread.php?t=291208
I have the same problem when trying to use Skype. My office also requires the use of a VPN (PPTP) when connecting via the wifi.
Skype connects, I can make calls, but the connection is dropped after 30s (the VPN is closed). Oddly enough, it I have the impression I prevent the VPN connection from dropping by using Pocket Internet Explorer at the same time (I have tried creating a website that automatically refreshes every 10s, but this didn't keep the VPN open). The Messaging client als shows odd VPN behaviour: it always closes the VPN, and opens it every time send/receive is selected.
I suspect not all programs keep the VPN open, even despite the fact that those programs are generating traffic over the connection.
Any hints or suggestions are greatly appreciated!
Jorg
(sorry, I can't edit posts in Opera Mini)
MarsRover: I have changed the AlwaysOn registry setting in the registry (in the folder of my work vpn). Ii appears to have changed the Messaging behaviour (but I need further testing to be sure). Tomorrow I'll see if it changed the Skype connection.
Thanks for the suggestion, if it works it ought to be put in the FAQ.
Jorg
Hi,
MarsRover,
I couldn't understand the solution. Can you explain ?
My situation is :
I am using Wifi connection to access internet. This connection is selected as my internet connection.
My pptp vpn connection is set under my Work connection.
So when I use the pptp connection I connect to Work over Internet.
But then it gets dropped if I open internet explorer.
If I set "*/*" to my intranet addresses, I have to connect to everywhere over my VPN connection. This is not good because I don't want to use VPN connection for Web browsing etc.
There must be another way ? Don't you think so ?
Btw, if I set AlwaysOn to "1" in registry , and then check it back after a connection is made, I see it is "0" again.
Hi
You do not have to redirect all traffic through the VPN you can pick and choose under settings>connections>advanced>exceptions just add the urls you need. ie so instead of */* use the specfic range ie 10.0.0.*/* or whatever range your work uses. One more issue however if the wirless ip range overlaps the internal VPN work range you may still have isssues. ie if your wireless ip address range is 10.0.0.x and your vpn range is 10.0.0.x then even if you add 10.0.0.*/* in the exceptions it may still try the wireless link rather than the vpn link for your TS etc. If you get my drift. There is a discussion on this here:
http://forum.xda-developers.com/archive/index.php/t-217422.html
Stephen
Thank you Stephen.
In fact, I am aware of how the exception list works. I can add the IP addresses which I want to reach via work vpn.
However, I still wish that there was a way to use VPN connection manually without using an exception list.
Isn't this possible ?
mrmrmrmr said:
.... This is not good because I don't want to use VPN connection for Web browsing etc....
Click to expand...
Click to collapse
This is good for me because I DO WANT to use VPN for all network access.
mrmrmrmr said:
Btw, if I set AlwaysOn to "1" in registry , and then check it back after a connection is made, I see it is "0" again.
Click to expand...
Click to collapse
It happens if you use settings->connections to view/change settings
hello...
i haven't a clue if this helps...
in my firm theres a cisco vpn connection... i search a long time for a programm that i can use with that vpn connection...
finally i find one... NCP Secure Client... works for me... maybe it helps you...
futureshock said:
hello...
finally i find one... NCP Secure Client... works for me... maybe it helps you...
Click to expand...
Click to collapse
where can I find it ?
does it connect to cisco vpn concentrator / ASA ?
there is also AnthaVPN from AnthaSoft but it's not very reliable.
PPTP
Bluefire seems to work fine with IPSec, but I need PPTP (IPSec requires NAT-T in most cases with GPRS/3G).

Proxy auto-config PAC file?

Hi guys, I'm one of the many people having problems connecting to the internet over wifi with a proxy. I just can't get it to work. I am using my university wifi network, and I can connect to the network fine, access the login pages, and browse the university intranet fine, but cannot connect to any outside pages.
The uni provides a PAC file (and strongly recommends it's use) but there doesn't seem to be any way to use this in 6.1. Does anyone know of an app or anything that can configure proxy using a PAC file?
(I have tried connections-connection-advanved-select networks-new and entering the proxy manually but just doesn't work.)
Cheers.
Same problem here...
Not sure about the PAC file but you can use TransProxy or AutoProxy to configure the proxies in your phone. Open the PAC file using a Notepad and it should show you the Port and IP address of your Proxy Server. Use that information while configuring the proxy software.
I know this is old, but this is an ongoing problem and I figured out how to use a .pac proxy file! After reading about proxy's and what .pac files are, I stumbled upon a little hint and after a little tinkering I was able to use my work's wifi that uses an auto-config .pac file and my phone and tablet has full internet access with browser, apps etc including Netflix for example.
Here are the steps you need:
1) Your phone has to be rooted to take advantage of the proxy apps on the market, I personally use ProxyDroid, which is free and has a feature to bind certain proxy profiles to automatically turn on when a certain wifi network is connected.
2) Usually there is an option that gives you an http proxy pac file to manually input to your browsers or what not, so whatever the link is, put it an active internet browser to download the pac file (an example of the url with the pac file would be something like http://internet.xxxxx.com/proxy.pac)
3) Where ever you download the pac file, open it with notepad or wordpad and this will reveal all the proxy info you need in order to access the proxy enable wifi. What the ProxyDroid app needs from the PAC file is the Host url and Port number. When you open a PAC file in notepad, you'll see something like this near the top along with a bunch of other things under it:
"Cisco Remote Envelope Service
if (dstHost=="internet.e-mail") {
return "PROXY internet-x-x.xxxxxx.com:9090""
- So in "Host" under Proxy Settings in the ProxyDroid app you would input: internet-x-x.xxxx.com
- For the "Port" you would put input: 9090
4) After inputting those 2 pieces of info into the ProxyDroid app, turn the wifi on for your Android Device then enable to ProxyDroid app, you should able to connect to the proxy enabled wifi!
*Some notes for the ProxyDroid app.
- It allows for Authentication, but since my work wifi does not use that, I'm not sure how it would work
- For Proxy type, I set it as an HTTP
- I binded the specific proxy profile to my work wifi so it would ProxyDroid would automatically enable when work wifi was detected
Hope this bit of info helps other that have Android devices and were unable to use a proxy enable wifi to finally access them. Hopefully in the future, Android will make using proxy and pac files a lot easier like how it's done on the ipad where they allow you to manually set up proxy settings by having the device download the PAC file.
This works on both a rooted AT&T HTC Inspire and a HP Touchpad running CM7 Alpha
If anyone is reading this, there is an easier way. Check out Autoproxy on the market. You can add a new proxy, put in the address to the proxy.pac file, and it will connect to the correct proxy everytime.
That's also useful if you're on a network where they keep changing the proxy (like the place I work). It auto-connects to the proxy when you're on that network, so it's set and forget.
Thank you, dtothesquare. I finally managed to connect my Galaxy S to my university's wi-fi, something that I couldn't do for over a year. The university doesn't officially support Android. I must have done dozens of Google searches to find this. Your advice really works, I'm so happy!

.pac proxy

anyway to use a .pac proxy URL on android?
don't think you can do this,think the phone os not able to understand, why do you need to use pac files?
Sent from my GT-I9000 using XDA App
Global Pandora
I know this is old, but this is an ongoing problem and I figured out how to use a .pac proxy file! After reading about proxy's and what .pac files are, I stumbled upon a little hint and after a little tinkering I was able to use my work's wifi that uses an auto-config .pac file and my phone and tablet has full internet access with browser, apps etc including Netflix for example.
Here are the steps you need:
1) Your phone has to be rooted to take advantage of the proxy apps on the market, I personally use ProxyDroid, which is free and has a feature to bind certain proxy profiles to automatically turn on when a certain wifi network is connected.
2) Usually there is an option that gives you an http proxy pac file to manually input to your browsers or what not, so whatever the link is, put it an active internet browser to download the pac file (an example of the url with the pac file would be something like http://internet.xxxxx.com/proxy.pac)
3) Where ever you download the pac file, open it with notepad or wordpad and this will reveal all the proxy info you need in order to access the proxy enable wifi. What the ProxyDroid app needs from the PAC file is the Host url and Port number. When you open a PAC file in notepad, you'll see something like this near the top along with a bunch of other things under it:
"Cisco Remote Envelope Service
if (dstHost=="internet.e-mail") {
return "PROXY internet-x-x.xxxxxx.com:9090""
- So in "Host" under Proxy Settings in the ProxyDroid app you would input: internet-x-x.xxxx.com
- For the "Port" you would put input: 9090
4) After inputting those 2 pieces of info into the ProxyDroid app, turn the wifi on for your Android Device then enable to ProxyDroid app, you should able to connect to the proxy enabled wifi!
*Some notes for the ProxyDroid app.
- It allows for Authentication, but since my work wifi does not use that, I'm not sure how it would work
- For Proxy type, I set it as an HTTP
- I binded the specific proxy profile to my work wifi so it would ProxyDroid would automatically enable when work wifi was detected
Hope this bit of info helps other that have Android devices and were unable to use a proxy enable wifi to finally access them. Hopefully in the future, Android will make using proxy and pac files a lot easier like how it's done on the ipad where they allow you to manually set up proxy settings by having the device download the PAC file.
I've tested and this works on both a rooted AT&T HTC Inspire and a HP Touchpad running CM7 Alpha
shaunm1989 said:
anyway to use a .pac proxy URL on android?
Click to expand...
Click to collapse
Check out autoproxy on the market. It's my app and it's new. It's the only app that supports proxy.pac proxies directly. Just put the address to the file there, and click connect. It will also auto-connect when you're on the same network again (and disconnect when you're off it) so it's set and forget. It will allow you to use any apps, as long as the port is not blocked by the proxy.
Dtothesquare, that technique will work for simple proxy implementations but some organizations have a cluster of proxy servers that may serve different clients (closer to client without using anycast) or destinations. For example, a proxy server may be set up to just handle *.com while another could handle just internal hosts. It can also be used for sending clients to an alternate proxy server should the primary one be down for some reason.
Our proxy server has ACLs that only let it proxy certain URLs and returns an error if it receives something that's not allowed on that server.

When VPN down, block app - When VPN up, allow app

Hello...
I have a Mi Box S device. It has the lastest updates.
Basically - what I am trying to do is when my VPN is up, an app is allowed to run (so do nothing). When the VPN is down, block the app.
I do not have ROOT.
I have tried various firewalls on the device that do not need ROOT and blocks apps - but they work by creating a separate VPN connection for the device. When I switch on my VPN, the firewall stops working. When I switch my VPN off, the firewall needs to be manually started.
If I had ROOT, I would edit IPTABLES to block everything except the IP \ PORTS needed for my VPN to work, and that would solve the issue. No apps would have Internet access until my VPN was active.
Ideas welcome. I am not against rooting the device - however - for the newest versions of the Android TV boxes, it seems to cause many more issues and does not seem to be worth the risk.
THANK YOU!
I do NOT know the answer to your question and I don't have Android TV, so ignore this if it doesn't help...
On the PC there are various VPN killswitch batch files that simply remove the LAN gateway, which works PERFECTLY to do what you ask on a PC:
Start VPN and then start the VPN killswitch
If the VPN is on, the LAN and WAN are accessed
The instant the VPN drops, the WAN is dropped
But the LAN remains intact
Maybe something like that is available for Android?
Googling, we get a lot of hits for Android VPN-specific killswitches.
Each Android public VPN server seems to have their own killswitch.
For example, here's one for private vpn on Android.
But there should be a killswitch for Android WITHOUT having to use any given VPN public server.
This hit implies it's a part of the Android settings.
But unfortunately my Android 12 doesn't have those VPN killswitch settings.
Does yours?
Solved. Admittedly - this solution works for me but might not work for others.
I host my own VPN server 'in the cloud' and, as part of that server, it's own DNS server.
Manually set the IP and DNS on the Mi Box S. Set the DNS to an INTERNAL DNS address that is only available when the VPN is running.
The app in question needs DNS to function. When the VPN is down, no functioning DNS, app does not function.
When the VPN is up, DNS functions, the app functions.
Good enough for me...

Categories

Resources