    I am testing the 2.1 snapshot series (going well so far) and have successfully built an IPSEC VPN and am trying to build an OPENVPN server that will accept links from mobiles - particularly Samsung running Android 4 - have tried a variety of apps on the phones and pads and the VPN connects OK - but am unable to access anything on the network.

    I have the PUSH "Route ........." in custom options but all the android apps report is an IP address that is correct for the network - but no DNS/ROUTE info.

    I am sure I have missed something obvious - just not sure what!  Unless the fact I have an IPSEC VPN as well is causing confusion?



    IPsec would only conflict if the networks overlapped exactly. (e.g. same tunnel network on OpenVPN as you have in IPsec Phase 2 going to LAN)

    The Android client works well, it should normally work fine, assuming your OpenVPN firewall rules pass the traffic and the client is getting the correct routes.

  • Main network is - Ipsec vpn is to and openvpn clients are on so should be no problem

    Will check firewall rules again - maybe if I make the ranges even more different??



    Those are different enough it shouldn't be a problem.

    If fixing the rules doesn't seem to help, then seeing the log from the android end of the VPN client might help, and the rules on your OpenVPN interface.

  • Well the OpenVPN tab has only one rule and that is to pass all IPv4 traffic from any source to any destination using any protocol.

    Am also adding explicit rules to track all traffic on the mobile subnet

    No error messages in android log as far as I can see - will try and get the output to a file


  • Interesting - but confused.

    Changed the mobile network to so as to be VERY different to all other networks - and it works! No entries in firewall for blocked packets (as you would expect)

    Only slight funny is on Status/Openvpn - if you click the routing button it shows the connection details but it says that there should be a "C"  if currently connected - there is not - is this a funny from the 2.1 snapshot (using yesterday morning version)

    At this time I have only included details of the local lan, default domain name and a DNS server together with the push route - is the general advice to include netbios/wins etc or just leave well alone?


