In my company we have a VPN set up to route only internal traffic through VPN, but all other traffic remains on the regular connection. This works for me on my Mac, and on my old Galaxy S4, but with S8 when I connect to VPN, it routes all traffic through VPN which means I can't see any outside world since routes there haven't been set up that way (I can see VPN machines just fine). Is anyone else experiencing these issues? I use built-in IPSec Xauth PSK VPN.
I think this is a bug in Samsung's ROM, but getting this info to them is impossible, at least in a small European country like mine.
Are you trying to access Tor network?
If yes then open the Orbot browser disable app VPN mode if not then download VPN Master from app store and try connecting through it.
Related
Hi,
I have a little problem that I am sure there must be an easy solution to!
I have set up a VPN on my Universal to connect to work. The problem is that my work's VPN server allocates me an ip address in the 10.x.x.x address range. All servers that I need to access behind the VPN have addresses in this range as well. Unfortunately, my ISP (T-Mobile UK), also allocates an address in the same range. Therefore, whenever I try to acccess a server at work, WM5 suffers confusion since it doesn't know whether to route the message through the VPN or directly out to the internet through the cellular modem.
I have been able to verify that the VPN thing works if my work network was on a different network address since initially, I was unable to VPN into my PC at home for the reason described above. I changed the ip addresses of all machines on my home network and now everything works fine at home.
Unfortuantely, I am unlikely to convince the IT people at work to change the address of all their machines. Similarly, I don't think I will have much success with T-Mobile and so is there anything I can change at my end to avoid this problem?
Thanks in advance for any help.
Mark
Narrowing the ip address may help, eg 10.0.0.1 is different to 10.1.0.1.
are you using this over wifi or gprs? if the phone provider is involved, I assume its gprs.
you could try and esablish your ip address as fixed rather than part of the pool, so the it guys assign a range for remote connections as say 10.0.0.100 to 10.0.0.150 as remote dial in connections, thus giving you a separate number.
the best way though I would have thought is for you to a fixed ip address known to you and the servers, and then hard type the ip address as your vpn settings, then establish that ip address as part of the exceptions settings.
in order to use exceptions though you have to know the range, or the exact ip address you will be assigned, and must be different to your telco.
not much of a solution, just some suggested areas to look at.
cheers
s.
hi guys, just out of curiosity what software are you using for VPN? on my laptop my company has installed cisco vpn, does it need to be a cisco vpn for wm5?? :?
From bad to worse...
Thanks for the reply Simon.
Unfortunately, I just went to try out some of your ideas and discovered that I can't get the VPN to connect at all now. It used to connect OK but then have routing problems whenever I tried to access anything. And my home VPN worked perfectly. Now, I can connect to neither.
I simply switched over to an O2 sim and with minimal configuration changes could verify that my setup still works OK and so it must be something to do with T-Mobile blocking ports. They weren't blocked yesterday!!!
Yesterday I "upgraded" my GPRS account from T-Mobile's Web'N'Walk to Web'N'Walk Professional and now I find I have this problem. Is this just a coincidence, or could it be that the Pro version has more severe restrictions than the consumer version?
I have emailed Customer Services to see what they have to say.
I will post back when I get a reply from T-Mobile.
mstar, I am no VPN expert, but for me, using a Windows XP hosted PPTP VPN it works after a fashion (above problems excepted!). I am using the VPN client built into Windows Mobile 5. I think you stand a good chance of getting it working using the built-in client.
Mark
I simply switched over to an O2 sim and with minimal configuration changes could verify that my setup still works OK and so it must be something to do with T-Mobile blocking ports. They weren't blocked yesterday!!!
Click to expand...
Click to collapse
I've heard on the grapevine that T-mobile have explicitly refused certain types of traffic on the web-n-walk
VOIP is the biggy...
I was seriously thinking about getting signed up - but no point if IPSEC is a prob, as well as VOIP.
Not sure how they can tell it's Skype traffic :?
http://www.reghardware.co.uk/2006/05/09/t-mobile_bans_voip/
for more info
An Update
An update on my VPN problem. Yesterday after total failure to get the VPN to connect, I emailed T-Mobile customer services.
Although they have not replied, when I tried it this afternoon I found that it was working again as before even though it had not been working first thing this morining. Of course I have not changed anythng at my end to cause it to break and then start working again (but they all say that, don't they!).
So, I don't know whether this was just a momentary fault, or whether T-Mobile have changed something to re-enable the VPN ports for me. I can now VPN in to my home PC, but the problem connecting to my work VPN with the 10.x.x.x address remains.
So, Sikkutz, depending on the address of the remote network, you may or may not be able to get a VPN to work using T-Mobile's Web'N'Walk.
By the way, my VPNs both use Microsoft's PPTP and not IPSec and so there may be different issues with that protocol.
I have discovered that O2 provides a separate acccess point, vpn.o2.co.uk, that causes a public ip address to be allocated to the device, ie not on the 10.x.x.x network. It would seem that this is designed to address this very problem. Does anyone know if T-Mobile can provide something similar?
Mark
There must be a solution
Hi!
I have the same problem with my Qtek 9000 (VPA IV). I can connect to my VPN Gateway but the routing into LAN failed. I get a 10.x.x.x address from Vodafone Germany and my LAN uses 10.98.8.X. :-(
But there must be a solution! My previous Qtek 9010 (VPA III) had the same problem, but it was able to route between the 10.-networks after a firmware-upgrade to version 1.40.01! But I don't no why!
What was changed in firmware to enable routing???
Daniel
i have the same issue aswell, I am reluctant to change the IP range of my machines as that usually causes trouble for the servers
Any other ideas?
Thanks
maybe stupid thing, but did you guys try dna forwarding (that is what I use from home office, not on pda to be honest..
Maybe I just did not get your point....
What kind of VPN server do you use? I'am using a Cisco PIX and use a PPTP VPN almost everyday. I can use the 10.1.x.x network at the location the PIX is located (this PIX is directly connected to the 10.1.x.x network).
I can't however use any of the remote offices using 10.2/10.3.x.x etc.
This is becaus of the lack of routing abilities in the PPTP implementation.
With an IPSEC tunnel (additional software needed) the remote offices can be reached without any problems.
I know that some IP implementation disallow routing between a public address and any 10.x address. To solve this you could give your VPN clients an address from a 10.x subnet .
hi sorry been away awhile,
I use the routing and remote admin snapin of Windows server 2003 to manage my VPN, I can connect fine using the phone as a modem with my notebook but as soon as I try accessing any URL/resource on my network it fails, e.g. we have a intranet site on http://servername but it wont open this up.
Any Ideas?
HI there,
Has anyone experienced an issue whereby bluefire or similar contivity VPN client connects seamlessly over WIFI and 3G however will only allow RDP or VNC over WIFI.
I am currently running bluefire and am able to authenticate through 3G but thats it, I have no other functionality.
Any help would be great!
Thx
I've seen it where specific ports are blocked on the 3G providers network, but given that you're establishing a vpn tunnel, that should be irrelevent, as all the traffic should be tunneled via the VPN. I wonder if the Device isn't picking up the new route to send the traffic via the VPN, and is instead sending it via the 3g connection to a non-existant device.
Does your VPN-endpoint give you any logs to show if its actually receiving the traffic from the device? Are you able to ping anything within the remote network (assuming ping is allowed) from the device?
One thing I have noticed is that if you have a 3G connection open, then establish a wifi connection, the routing table doesn't seem to update to use the wifi connection and you actually have to kill the 3G session. I wonder if something like that is happening here - the 3g session establishes a default route, the VPN session then comes up but the device doesn't realise to send traffic via the VPN session. Or are you getting any traffic through the 3G/VPN connection?
I have the option to turn on verbose logging. I ll give that a go and see if it highlights anything really obvious.
hi all,
I want to use PPTP vpn connection to my work
The PPTP vpn connection is established successfully.
However if I switch to an application which would generate internet traffic (such as internet explorer) my PPTP connection drops.
What is the problem ?
thanks
That's normal. Happens to me everytime. When you access your providers' ISP through updating weather, stocks or starting IE, it will boot your VPN connection. For me, it is do to my service provider.
so there is nothing to do to resolve this issue ? i would like to use VPN access to my work to check email with Internet Explorer ..
You need to add work network exceptions to force required types of traffic to go through the VPN tunnel. Plenty of relevant discussions around, just google it. Here's a link to one particular overview:
http://www.glenscott.net/2008/11/04/windows-mobile-56-networking-profiles-proxy-and-vpn-setup/
I've got a unique situation, and I thought I'd ask to see if anyone else has been able to deal with this situation.
I've got an unlocked MyTouch 3G working on a network in South America. I am presently behind a proxy, and running a wireless router in my home. I can't afford a 3G connection, but of course I want to download apps from the Market, etc.
So far, I've been able to set up a transparent proxy on my desktop (cntlm) to receive traffic and redirect it to the proxy (to avoid the authentication pop-ups), so the browser is fine. Also, Gmail and GTalk work fine, since they transmit on different ports. But the rest of the apps hit a brick wall. Market, Maps, Mapdroyd, etc all zilch.
Since I've been able to do something similar with my *iPod* (yes, I know that's a curse word here), I wonder if there is a way to somehow redirect all web traffic to my desktop, so that it can authenticate with the proxy.
My phone is rooted, running Cyanogenmod-5, with the proxy settings directed to my desktop. But only the browser recognizes the settings. Can other apps be persuaded to use it as well?
Just to add to the previous post...
I did a little more digging, and it seems that the Android Market connects on port 5228. Unfortunately, I don't have control over which ports can be opened in my situation. However, since my *ahem* iPod *ahem* also has Google Maps, I tied connecting and it works fine. I can only assume that it is using the proxy setting, whereas the MT3G is ignoring it.
This is a linux system, and there has to be a way to force it to use the proxy, am I right?
Should the wireless router not take care of the proxy???
The router should take care of all wan-side communication...
So the lan-side devices just connects to the router and have internet!!!
If your router cannot handle this, you could buy some rather cheap wireless network adapter... and in linux you could set it up as hotspot... making sure that all devices just connects to it and have internet while you take care of the proxy problem!!!!
I'm sorry for the confusion, I should have explained my situation better. I actually live in a complex that provides internet by means of a proxy. I have no control over the proxy, and all I have to connect to it is a LAN connection. I have my cheap wireless router hooked up to it, and my computers are configured to direct traffic to it. (I understand that this is similar to many business-like setups.) What this means is that my MT3G can communicate through to the proxy by means of the transparent proxy, but it seems that not all apps are designed to apply the system-wide proxy setting.
If you are able to help, I would gladly provide more details...
From my desktop i am using BeeVPN and would love to have my phone connection using the VPN protocol protecting my traffic on my phone as well.
So now i am hoping someone here are using either beevpn or a similar service and have setup a secure vpn on their note and would share their experience in doing so?
I've setup a VPN to my home using Windows 7's built in VPN server. I used Dyndns to sort out the physical IP address to my home (since I don't have a static IP) and then set up the port forwarding on my router to forward VPN connections to the PC I have running the VPN service.
Works like a charm (PPTP protocol being used.)
I have openvpn on my XP home machine and also on my (rooted) note. It is a bit fiddly to get the note's internet traffic routing via the home XP box - that does not happen by default on an openvpn connection, you have to set it up in the openvpn server config file. Should then be OK but unfortunately, pushing the default gateway doesn't seem to work on Android in practice. The openvpn client on the note has a workaround for this - a menu option to "fix DNS problems" which does the job after the VPN is established.
I use this method for any stuff I do on public wifi other than basic web surfing where I have no security concerns. So, banking, utilities etc. all goes over VPN. I also use it when I need to present my home IP address rather than thet of the connection I'm currently on: eg. for watching UK TV streams whilst outwith UK, and for remote access to 3rd party systems that sit behind firewalls which allow my static home IP through but nothing else).
Connecting to the VPN from public wifi/3G is very easy (once I've woken the XP box with Wake on LAN). The only real downside is that your download speed over the VPN in this configuration is limited to the UPLOAD speed of your home broadband. I get 800Kbps which is sufficient for decent video streaming (skygo/TVcatchup).
The other major benefit of VPN is that you can remotely access your home PC's and services on them via internal ip addreses without having to open up ports on your router on the WAN interface.
I've had a Vpn set up on my note for about 4 months now with no problems.
I use vpnaccounts.com as the server very easy and simple to setup.
I just wish the Vpn would work using my data connection and not just Wifi but we can't have everything!
georgios73 said:
I've had a Vpn set up on my note for about 4 months now with no problems.
I use vpnaccounts.com as the server very easy and simple to setup.
I just wish the Vpn would work using my data connection and not just Wifi but we can't have everything!
Click to expand...
Click to collapse
I'm located in Brazil and also use vpnaccounts.com on my laptop, pc, Galaxy Note and Nexus S. The server I connect to is in Dallas Tx.
I also use the 1 VPN app which gives you 1 click logon.
Everything works great!
Yes but don't you have to enter your VPN password every time you want to turn on the VPN?
I can't find a way to keep the password remembered by the device.