OpenVPN on ICS (Android 4, without root) - now even easier!
-
I have a OpenVPN server RoadWarrior with TLS and User Auth set up following the guide here:
http://blog.stefcho.eu/?p=492I can't seem to get this to work with the above app. I have been following the wikihttp://doc.pfsense.org/index.php/Android_VPN_Connectivity#OpenVPN_on_Android_4.0_.28Non-Root.29
Does this support TLS?
When I import the config I get the following message:
Could not find file pfsense-udp-1194-tls. key mentioned in the imported config file
Your configuration have a few options that could be parsed. These options were added as custom configuration options. The custom configuration is displayed below:
resolv-rety infiniteAny help appreciated
-
It works fine for me with TLS enabled. It embeds the TLS key in the inline config I export/import and it shows up fine.
-
Ignore my previous error. I didn't have the latest client export package. I have now updated to v0.20.
New problem; When I click to download the "Inline Configuration" I get a single .ovpn file (as expected). But if I open it with notepad it only contains the following line:
/tmp/client.tarExporting using the other options seems to produce valid .ovpn files, but not the inline config. Any idea?
-
Interesting - let me test it here and get back to you.
-
ok give it 5-10 mins and when 0.21 shows up, reinstall the pkg.
-
jimp your a star. All connected working perfectly. Man you work fastย ;D
-
I have found a bug or maybe its not a bug but my own naming error (just thought I would mention it).
So I added one VPN and it connected fine. Added a second which is near identical to the first.
first file has this line:
tls-remote charliesecond file has this line:
tls-remote Road Warrior Server CertOn importing I got an error reading config file:
Option tls-remote has 4 parameters, expected between 1 and 1I'm sure I can just rename my cert from "Road Warrior Server Cert" to "RWcert" and it will be fine as my other .ovpn file is only a single parameter.
-
if you edit the config and put "Road Warrior Server Cert" in quotes (just like that) does it work?
-
yeh it does, obvious really. Thanks
-
ok I'll enclose that in quotes when I update the exporter next time
-
Here comes 0.22 with that in quotesโฆshould fix it up.
-
This works great!ย Thanks for the update.
This works on Jelly Bean 4.1.1 as well.
-th3r3isnospoon
-
Note this thread in Packages http://forum.pfsense.org/index.php/topic,52600.0.html that indicates that putting the string in quotes does not work for some client platforms. Needs a bit of investigation to see exactly what syntax is valid for which clients.
-
Perhaps, the real fix is of course to not use spaces in CA/cert names to begin with, but either way, it should work with the quotes I thought.
We may just need a newer build of OpenVPN in the export package and that may be sufficient.
-
Perhaps, the real fix is of course to not use spaces in CA/cert names to begin with, but either way, it should work with the quotes I thought.
I do agree. Not sure why that one cert of mine had a space in it, none of the others do. As a linux user I don't normally use spaces.
