Android OpenVPN Setup



  • Does any one know a step by step guide for setting up the android client. I folled this guide http://blog.stefcho.eu/?p=492 for my laptop but now I have an Asus TF700 that I would like to use with open VPN. Thanks for the help.



  • I have it working on my android phone just fine. I actually have the featvpn client from the market. I paid for it a while back before I was rooted and it did the job just fine and I continue using it after I am rooted.
    Since it appears you already have the open vpn server up and running then just get the client.

    I am using cert + pass and all i did was export the cert in pfsense and then installed it in the settings of feat vpn.

    If you dont use a cert you can just manually put in your info, ip/url username and pass and it will connect just fine. The good thing about featvpn is you can use it on non rooted devices. if you are using ICS you will need to visit thier site and get the beta version of their software. Right now they are providing the full version free since its beta.. It been working fine on two devices so far for me.


  • Rebel Alliance Developer Netgate

    No need to pay for a client - the free one works great.

    Full how-to is up here:
    http://doc.pfsense.org/index.php/Android_VPN_Connectivity#OpenVPN_on_Android_.28Non-Root.29



  • I had everything working but the I moved from an embedded to a hard drive install now after following the guide again when I go to up load the cert on the android app it says:
    option tls- remote has 4 parameters, expected between 1 and 1

    and it fails to set up the VPN

    Any ideas



  • Does your server CN contain spaces? You may have to use the new "Quote Server CN" option.



  • I found even the quote spaces option didn't work with Android, the FEAT client reparsed the spaces to -, then complained it didn't match the quoted string.  No spaces in the certs and it works.


  • Rebel Alliance Developer Netgate

    It works fine with the OpenVPN client linked in the doc wiki article I posted above.

    I haven't tried the FEAT client since the free one works perfectly.

    Though it is best to avoid using spaces in the CN anyhow.



  • FYI for Gingerbread (Android 2.3.x):  I couldn't find any non-rooted ie: 'no hack' vpn client other than the FEAT client.  If the open source one linked upstream works prior to Android 4.0 it's not in the online android store.  I suppose it's time to research whether there is more joy than grief in 'root access enabling' android phones.


  • Rebel Alliance Developer Netgate

    On Android 4.x the client I listed works, for older ones I thought you had to root no matter what.



  • Hi Jim:  The HTC Thunderbolt / Gingerbread 2.3.4 here works with the FEAT vpn client which hasn't been modified at all.  From their website: "FEAT VPN is an Android app that brings OpenVPN to Android versions 2.1 through 3.2. In contrast to existing apps, FEAT VPN does not require you to root your Android phone or tablet and thus void its warranty. FEAT VPN works on unmodified off-the-shelf devices."

    How?  "They've cleverly included an L2TP server in with it, which bridges the build-in L2TP client to the OpenVPN client via the localhost/loopback device"


  • Rebel Alliance Developer Netgate

    Ah, I didn't realize they had hacked it up to work on older Android versions. In that case, do what you gotta do…



  • Hi All,

    Just want to share how I configure my Samsung Galaxy Y to connect to my PFsense 2.0.1 Firewall

    ========================
    OpenVPN Installer By: Fredricj Shauffelhut
    OpenVPN Settings
    Busy Box

    I don't to install tun.ko since galaxy y has already built-in

    Note: Tested using Galaxy Y (rooted)
    Model: GT-S5360
    Kernel: 2.6.35.7
    Build number: Gingerbread.dxkl2

    just create folder for config on sdcard/openvpn

    1. First Install busybox if encounter error saying not compatible just select lower version from the list
    2. install Openvpn Installer
    when you see Binary not installed (make sure you busybox is installed succcessfully)

    Click install

    You will see "Binary Installed"

    Just tap on exit

    2. Install OpenVPn Settings App from google play same author
    3. Create folder for config on sdcard/openvpn and copy your openvn config files in there.
    4. now you will see the config you just save on the list.
    5. Just put a check mark on the list of vpn connection you would like to connect wait for it to connect. it won't prompt for password I just have to click on the notifications area to display the user/password prompt.

    That's it….

    Regards,
    Rocel


Log in to reply