Jump to content

[SOLVED] Help Connecting Android 4.1.1 to Untangle OpenVPN


Recommended Posts

First off, I love the show. Thanks to all the Hak5 production team.

I've been following allong the SSH episodes and have been successfully using Bitvise to tunnel my web browsing when on the road. When I saw episode 1405 I wanted to set up a OpenVPN server using Untangle as a VM. I followed allong Daren's guide and set the server up. Here are the specs of the setup:

Host Machine: Windows 7 Ultimate 64-bit

VirtualBox version 4.2.16

Untangle 9.41 x32

Tablet: Samsung Galazy Tab 2 7.0 GT-P3113

Android: 4.1.1 (Rooted stock ROM)

Router: Netgear WNR-3500L v1 running Tomato ver 1.28 by Shibby

I created a test server in Untangle VM and distributed the certificates to my tablet via scp. All the files (testuntangle-ca.crt, testuntangle-testtablet.crt, testuntangle-testtablet.key, testuntangle.conf, testuntangle.ovpn) are located in the internal SD card in a folder called "/untangle-vpn". The router is set to forward port 1194 to the Untangle VM (internal IP

I've gotten to the point where I can connect the tablet to the Untangle server from an external IP (i.e. using my phone as a hotspot). The only thing is that whenever I check my IP address on the tablet (www.whatsmyip.org) I keep on getting the same IP that my cell phone carrier assigns me and not my home IP. I've tried rebooting all the listed devices to no avail. What am I missing.

Here is the testuntangle.ovpn file contents (all mentions of my home IP have been X'ed out):


# OpenVPN(v2.0) configuration script

proto udp
resolv-retry 20
keepalive 10 120
cipher AES-128-CBC
ns-cert-type server
verb 2
verb 1
dev tun0
cert untangle-vpn/testuntangle-testtablet.crt
key untangle-vpn/testuntangle-testtablet.key
ca untangle-vpn/testuntangle-ca.crt
remote X.X.X.X 1194

Here is the log file from the OpenVPN app on my tablet:

10:09:55:690 -- EVENT: PROFILE_IMPORT_SUCCESS info='X.X.X.X [testuntangle]'
10:10:03:709 -- ----OpenVPN Start ----
10:10:03:739 -- EVENT: RESOLVE
10:10:03:811 -- LZO-ASYM initswap=0 asym=0
10:10:03:811 -- Contacting X.X.X.X:1194 via UDP
10:10:03:812 -- EVENT:WAIT
10:10:10:818 -- Connecting to X.X.X.X:1194 (X.X.X.X) via UDPv4
10:10:10:362 -- EVENT: DISCONNECTED
10:10:10:377 -- -----OpenVPN Stop -----
10:14:44:521 -- -----OpenVPN Start -----
10:14:44:540 -- EVENT:RESOLVE
10:14:44:543 -- LZO-ASYM init swap=0 asym=0
10:14:44:544 -- Contacting X.X.X.X:1194 via UDP
10:14:44:545 -- EVENT:WAIT
10:14:44:551 -- Connecting to X.X.X.X:1194 (X.X.X.X) via UDPv4
10:14:46:656 -- EVENT: CONNECTING
10:14:46:672 -- Tunnel Options: V4.dev-type tun.link-mtu 1500.proto UDPv4.comp-lzo.cipher AES-128-CBC.auth SHA1.keysize 128.key-method2.tls-client
10:14:46:674 -- Peer info:

10:14:48:738 -- VERIFY OK: depth=0
cert version:3
serial number: 2A:AC:29:81
issuer name: CN=ca does not esist. C=US, ST=CA, L=SF, O=TestUntangle, OU=2ce38bec7228fce7, 0x2E=certificateAuthority
subject name: CN=ca does not esist. C=US, ST=CA, L=SF, O=TestUntangle, OU=2ce38bec7228fce7, 0x2E=certificateAuthority
issued on : 2013-07-12 -3:47:42
expires on : 2023-07-10 03:47:42
signed using: RSA+SH1
RSA key size: 1536 bits

10:14:49:851 -- SSL Handshake: TLSv1.0/SSL-EDH-RSA-AES-256-SHA
10:14:49:852 -- Session is ACTIVE
10:14:50:853 -- EVENT: GET_CONFIG
10:14:50:869 -- Sending PUSH_REQUEST to server...
10:14:51:042 -- OPTIONS:
0 [route] []
1 [route] [] []
2 [route] [ping] [10]
3 [route] [ping-restart] [120]
4 [ifconfig] [] []

10:14:51:043 -- LZO-ASYM init swap=0 asym=0
10:14:51:051 -- EVENT: ASSIGN_IP
10:14:51:099 -- TunPersist: saving tun context:
Session Name: X.X.X.X
MTU: 1500
REmote Address: X.X.X.X
Tunnel Addresses:
Reroute Gateway: IPv4=0 IPv6=0 flags=[ IPv4]
Add Routes:
Exclude Route:
DNS Servers:
Search Domains

10:14:51:100 -- Connected via tun
10:14:51:107 -- EVENT: CONNECTED info=X.X.X.X:1194 (X.X.X.X) via /UDPv4 on tun/' trans=TO_CONNECTED
10:18:57:009 -- UDP send error: send: invalid argument
10:18:57:032 -- EVENT: PAUSE trans=TO_DISCONNECTED
10:19:37:561 -- EVENT: DISCONNECTED
10:19:37:594 -- ------OpenVPN Stop-----

Any help will be appreciated. Thank you in advance.

Edited by RoofTurbo
Link to comment
Share on other sites

I went over to the Untangle Forums and posed my question there. They explained that I had to enable "Full Tunnel". To do this I clicked on the "Settings" button on the OpenVPN "rack", "Advance" Tab, click on the Document icon under the "Edit" column, and ticked the "Full Tunnel" option.

Now when I open up www.whatsmyip.org on the tablet it shows my home IP after OpenVPN app is connected to the Untangle server. I hope this helps anyone who may have forgoten this step too.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...