OpenVPN and Android
-
I'm having a hard time setting up Android to connect to work's OpenVPN server. Right now, the client I picked (OpenVPN for Android) can successfully connect to the VPN. But that's about it.
I had a similar problem when I set up an OpenVPN client for Ubuntu, using Network Manager. There, I was able to connect to servers in the home network, but couldn't connect to resources outside of the home network (like google.com, for example). I dug around for a bit and clicked on the "Only use this tunnel for resources in its network", which I'm pretty sure just turned on split tunneling at the client.
OK, great. But the OpenVPN for Android client doesn't seem to have a split tunneling option to select. I'm also having a hard time finding information that could be useful for debugging the connection. After all, OpenVPN connects successfully, it's just that packets aren't getting routed (I think).
How do you all deal with Android and OpenVPN?
-
I don't know about OpenVPN or what it supports, but have you tried Android's built-in VPN settings? IME it works 100% with no fiddling required with PPTP, and the setting lists a few other options that I haven't tried.
-
Unfortunately, the state of VPNs sucks. PPTP is old and uses insecure transport encryption. L2TP/IPSec is a lot better, but Android doesn't support it. (It's also a pain in the ass to set up for my remote LANs). OpenVPN is cross platform enough for all our needs.
-
@Captain I see L2TP/IPSec PSK and RSA in my list of options, as well as three other IPSec ones (Xauth PSK, Xauth RSA and Hybrid RSA), so it at least appears to be supported as of 6.0.1 (unless OnePlus added their own support for it, which seems unlikely)
-
tunnel yo bears?
TunnelBear VPN - Apps on Google Play
One-tap Access VPN. Protect Your Mobile Privacy with Encrypted Internet Security
also wtf?
i get l2tp.
-
@accalia I'll try TunnelBear. Apparently I don't remember why I went with OpenVPN instead of SoftEther (It's coming back to me now... SoftEther's site to site protocol doesn't play nice with the site LAN routers). I'd definitely prefer sticking to one protocol for VPNs than two.
-
@Captain said in OpenVPN and Android:
@accalia I'll try TunnelBear.
tunnelbear is easy "Me to internet (possibly in a different country)" VPN, if you're looking to prevent your ISP from being able to track your traffic or if you want to bypass global regionlocks, Tunnelbear's for you, if you need a site to site VPN then tunnelbear's not for you
-
OK. That's not what I'm looking for. I want the tablets to be able to connect to the file servers in our LAN (ideally while letting the tablets
directly to the rest of the web)
-
@Captain said in OpenVPN and Android:
OK. That's not what I'm looking for. I want the tablets to be able to connect to the file servers in our LAN (ideally while letting the tablets
directly to the rest of the web)oh...... you want the HARD kind of vpn..... and you want to do it on tablets.......
good luck mate. i'll stand you a round at the pub when you get free.
-
@accalia I'll take you up on that. :-)
-
UPDATE: I built a client configuration file and imported it into the official OpenVPN client. The tablet is still exhibiting the same behavior.
Which sucks bigly. I must be missing something in setting up the environment.
-
UPDATE: I added a route to the main site's LAN and now it's all working! I'll pick an OpenVPN client based on its UI. Apparently, another option would have been to make the OpenVPN server machine do NAT masquerading. This wasn't an issue for the site-to-site VPNs because the site LANs do masquerading for me (so no machine in the client LAN ever sees the 10.8.0.0 address OpenVPN gives its clients)
