Android PPTP
-
Thanks for the info. I added that note to http://doc.pfsense.org/index.php/Android_VPN_Connectivity
-
My Atrix which is also running 2.2.1 will connect but doesn't receive any traffic back over the tunnel. I wasted most of yesterday chasing problems with setting up pptp on 2.0 RC1 b/c I was using my phone to test the server. Only to go home and try from my laptop to have it work. So I spent most of last night looking into pptp issues with Android and it appears as though it still doesn't properly support MPPE.
There's a long bug thread/report on it here which includes people using Android 2.3.3 devices.
http://code.google.com/p/android/issues/detail?id=4706Can you verify that you are able to get data across the connection?
-
My Atrix which is also running 2.2.1 will connect but doesn't receive any traffic back over the tunnel. I wasted most of yesterday chasing problems with setting up pptp on 2.0 RC1 b/c I was using my phone to test the server. Only to go home and try from my laptop to have it work. So I spent most of last night looking into pptp issues with Android and it appears as though it still doesn't properly support MPPE.
There's a long bug thread/report on it here which includes people using Android 2.3.3 devices.
http://code.google.com/p/android/issues/detail?id=4706Can you verify that you are able to get data across the connection?
As per the google bug thread, I can establish a connection with pfSense 2.0-RC1 but it only works for somewhere less than a minute and then traffic stops flowing (both to LAN and WAN). As per the last post in that thread (which happens to be mine), the same thing happened on DD-WRT …with encryption disabled OR enabled (it appears that you can't use an unencrypted PPTP client with pfSense 2.0). I believe others in that thread have indicated problems even with encryption disabled as well.
Whatever the exact cause(s), I think it's safe to say that many folks are experiencing difficulty with the Android PPTP client.
-
I posted in another thread about this, and will add it here, but I am experiencing this issue too. (I can establish a connection, get 1-2 minutes of internet) I can however connect to the VPN at my jobsite (running webmin) just fine, access network resources.
An interesting note is in the firewall logs I'll see my phone's public IP as a source instead of the internal IP I assigned via PPTP. When I am home tonight I will post all my log information. Another interesting tid-bit is, if I establish a connection, and try to access pfsense, I immediately can no longer access the web or anything else. The same is true if I try to access my web server on the LAN interface. I do have allow all under the PPTP rules * * * * * all across.
Using L2TP, my android works flawlessly.
I originally thought it was something I was doing wrong as to why I could not communicate with network resources. Also the same as the above posted, using a workstation PPTP works flawlessly.
-
@heavy1metal:
Using L2TP, my android works flawlessly.
Be careful with that, L2TP doesn't encrypt, just tunnel.
-
@heavy1metal:
An interesting note is in the firewall logs I'll see my phone's public IP as a source instead of the internal IP I assigned via PPTP. When I am home tonight I will post all my log information. Another interesting tid-bit is, if I establish a connection, and try to access pfsense, I immediately can no longer access the web or anything else. The same is true if I try to access my web server on the LAN interface. I do have allow all under the PPTP rules * * * * * all across.
Using L2TP, my android works flawlessly.
With PPTP, when traffic stops flowing it stops for everything on my Android device. All network traffic stops. I have to disable the VPN client to get things back to normal. In addition to possible encryption problems, I've seen mention of possible problems with the routing tables ….they may be getting mucked up when the VPN client is enabled.
Regarding L2TP ...can you please tell me specifically what you have configured to get it to work? I can successfully connect and access LAN resources, but I can't access any WAN resources. I've tried a combination of firewall rule settings but with no luck. The minimum configuration that allows me to access the LAN is to pass UDP 1701 to any on the WAN interface, and pass any TCP/UDP to any on the L2TP interface. What else have you enabled to make it work for both LAN and WAN access on the client? Thanks...
-
I know :-) It's disabled, I was just seeing what did and did not work. Haven't tried IPSEC or OpenVPN just yet. Haven't had the time to install OpenVPN onto the phone, looks like there's a couple steps involved lol. Ultimately this is what I will end up doing.
@heavy1metal:
Using L2TP, my android works flawlessly.
Be careful with that, L2TP doesn't encrypt, just tunnel.
-
This is the same for me, if I try websites such as m.cnn.com, I might have < 2 minutes of access, afterwhich my phone is dead in the water. Otherwise, I connect, try to access a LAN resource, and it immediately stops all network traffic.
For L2TP, Server address was 10.1.1.1, Remote range was 10.1.0.0/18. Encryptiong : CHAP (Which I understand to be nothing more than a challange - handshake protocol, no actual encryption algorithm is used.) No radius server. Create a user under "users."
I did not specify a secret.
I'm pretty sure WAN/LAN both worked, I will try again tonight. The building I'm in is shielded from damn near every wave frequency, so my cell phone no-worky inside :-(
@heavy1metal:
An interesting note is in the firewall logs I'll see my phone's public IP as a source instead of the internal IP I assigned via PPTP. When I am home tonight I will post all my log information. Another interesting tid-bit is, if I establish a connection, and try to access pfsense, I immediately can no longer access the web or anything else. The same is true if I try to access my web server on the LAN interface. I do have allow all under the PPTP rules * * * * * all across.
Using L2TP, my android works flawlessly.
With PPTP, when traffic stops flowing it stops for everything on my Android device. All network traffic stops. I have to disable the VPN client to get things back to normal. In addition to possible encryption problems, I've seen mention of possible problems with the routing tables ….they may be getting mucked up when the VPN client is enabled.
Regarding L2TP ...can you please tell me specifically what you have configured to get it to work? I can successfully connect and access LAN resources, but I can't access any WAN resources. I've tried a combination of firewall rule settings but with no luck. The minimum configuration that allows me to access the LAN is to pass UDP 1701 to any on the WAN interface, and pass any TCP/UDP to any on the L2TP interface. What else have you enabled to make it work for both LAN and WAN access on the client? Thanks...
-
I guess I found the right thread. I have two pfsense 2.0 RC1 over Alix box, both of them connected over open VPN and voip works just fine. I tried connecting from nexuss/android 2.3 using pptp and the connection went through, my sip client registered with the asterisk server, but I've a one way voice communication. All this while, I was wondering why would I have symptoms similar to NAT issues over VPN. :)
Will try L2TP today & see if that works for me.
EDIT: For some reason I'm not able to make a successful L2TP connection using android 2.3
-
I can confirm that both L2TP and PPTP is working for me using Acrobit SIP clients. I'm using Nexus S, rooted, running stock 2.3.4. I was not able to connect with L2TP before as I think it was not automatically opening L2TP ports on the WAN interface as with PPTP.
