Android VPN – VPNC

29 June 2009

I work in the IT department and we’re just rolling out Cisco VPN (with dongles) to replace our older ISA VPN. Seeing as my G1 is the first “smart” phone I’ve ever owned, I thought I’d get it set up to VPN in to work (so I could use the Android app Remote RDP). Unfortunately, there didn’t appear to be a simple app available to accomplish this feat. About two weeks ago, I stumbled upon this page, which described how to configure VPN for Android. Using those directions (with help from the xda-developers forum here) I was able to get VPN’ed into work, and RDP’ed to my workstation. Here’s what I did.

Requirements

  • A rooted G1 with the tun module available (I used JF 1.51)
  • JF’s Terminal Emulator (included with JF 1.51)
  • Remote RDP
  • Linux knowledge (optional)

Setup

  1. Download the Get-a-Robot VPNC bz2 file from Google Code
  2. Extract the archive (if on Linux you can use bunzip2, in Windows 7-zip works well) to a known folder. I extracted to c:\android-vpn\
    • Note: I did the bulk of this on Windows, but if you’re smart you can translate this to Linux
  3. Open vpnc.conf located in ./data/data/org.codeandroid.vpnc/etc/vpnc/
  4. Edit the file with information from your Cisco .pcf file. Below is the mapping of variables for vpnc.conf to YourFile.pcf.
    • IPSec gateway = Host
    • IPSec ID = GroupName
    • IPSec secret = GroupPwd (or if GroupPwd is blank, you’ll have to decrypt the enc_GroupPwd variable as shown below)
    • Xauth username = Your login username
    • Xauth password = Nothing. Leave this blank to have VPNC prompt you for your password every time.

    My vpnc.conf file (sanitized and with the wrong username):

    [Image: vpnc_config]

  5. Edit the vpnc-script and change the first line from #!/system/bin/bash to #!/system/bin/sh
  6. Open a command prompt and push the files using adb push x:\path\to\data /, copying the edited script and config file to the root of your G1.
    [Image: vpnc_push]
  7. Mount the microSDHC card and create a new folder in its root called vpnc.
  8. Create two files: go and prep
    go should contain this one line:
    /data/data/org.codeandroid.vpnc/bin/vpnc /data/data/org.codeandroid.vpnc/etc/vpnc/vpnc.conf --script /data/data/org.codeandroid.vpnc/etc/vpnc/vpnc-script --pid-file /data/data/org.codeandroid.vpnc/etc/vpnc/vpnc-pid --no-detach --debug 1

    prep contains a few lines:
    modprobe tun
    lsmod
    mkdir /dev/net
    ln -s /dev/tun /dev/net/tun

  9. Unmount the microSDHC card and then fire up terminal emulator – we need to chmod a few files to make things work.
    chmod 777 /data/data/org.codeandroid.vpnc/bin/vpnc
    chmod 777 /data/data/org.codeandroid.vpnc/etc/vpnc/vpnc-script
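
The step 4 mapping from a .pcf file to vpnc.conf can be scripted on the workstation before the adb push. The Python below is an added example, not part of the original post or the get-a-robot-vpnc project; the sample .pcf values and the function names are constructed, and stripping a leading "!" from keys assumes the Cisco client's read-only marker.

```python
import configparser
import os

# vpnc.conf keyword -> .pcf key (lower-cased), per the mapping in step 4.
PCF_TO_VPNC = [
    ("IPSec gateway", "host"),
    ("IPSec ID", "groupname"),
    ("IPSec secret", "grouppwd"),
    ("Xauth username", "username"),
]

def read_pcf(text):
    """Parse .pcf text into a dict of lower-cased keys from its [main] section."""
    parser = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    parser.read_string(text)
    # Read-only keys carry a leading "!" (assumption noted above); strip it.
    return {k.lstrip("!"): v.strip() for k, v in parser["main"].items()}

def pcf_to_vpnc(text):
    """Return (vpnc.conf text, warnings). Xauth password is never written."""
    pcf = read_pcf(text)
    lines, warnings = [], []
    for vpnc_key, pcf_key in PCF_TO_VPNC:
        value = pcf.get(pcf_key, "")
        if value:
            lines.append(f"{vpnc_key} {value}")
        elif pcf_key == "grouppwd" and pcf.get("enc_grouppwd"):
            warnings.append("GroupPwd is blank; only enc_GroupPwd is set, "
                            "so IPSec secret must be filled in by hand")
        else:
            warnings.append(f"{pcf_key} missing from .pcf; {vpnc_key} not set")
    return "\n".join(lines) + "\n", warnings

def write_private(path, content):
    """Create the file with mode 0600 (POSIX): it holds the group secret."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as handle:
        handle.write(content)

# Constructed sample .pcf (placeholder values, not from a real deployment).
SAMPLE_PCF = """[main]
Host=vpn.example.com
!GroupName=example-group
GroupPwd=
enc_GroupPwd=PLACEHOLDER
Username=jdoe
"""

if __name__ == "__main__":
    conf, notes = pcf_to_vpnc(SAMPLE_PCF)
    print(conf, *[f"warning: {n}\n" for n in notes], sep="")
```

Leaving Xauth password out keeps the behaviour the post recommends: VPNC prompts for it on every connection.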

Starting the VPN

  1. In Terminal Emulator type su to get root access (Approve if it prompts you to grant permission)
  2. As root (designated by the “#” prompt) run cd /sdcard/vpnc
  3. Run sh prep (Note: this is only required once each time you reboot your phone)
  4. To start the VPN, run sh go. It will prompt you for your password, then attempt to connect.
  5. You can then click the back button to leave the vpn connection running and fire up Remote
    [Image: vpnc_remote]
  6. To close the VPN, reopen Terminal Emulator, and if it’s still up and running, send the interrupt (ctrl-c) by clicking and holding the mouse ball, then pressing ‘c’
  7. If the VPN is not still running in the foreground, you can find the process ID number by running ps and looking for /data/data/org.codeandroid.vpnc/bin/vpnc.
    [Image: vpnc_kill]
  8. Kill the process by running kill -9 [pid], (in our example kill -9 1896)

Final Thoughts

Although this isn’t ideal for an extended VPN connection, if combined with tethering (something I’m working on next), it could become quite powerful. For quick checks, this works quite well.

Sources:
xda-developer’s forum
Uber Geeky post
Get-A-Robot-VPNC Google Code Page

Comments (5)
  1. Wade mealing July 22nd, 2009 at 01:00 | #1

    Gday,

    Heads up, new version with graphical user interface available at http://code.google.com/p/get-a-robot-vpnc/

    Requires most of the same tools you have said, we are working on streamlining the process though.

  2. Psylem July 24th, 2009 at 08:36 | #2

    The remote desktop app was impressive enough, nice to see someone had a real use for the VPNC on Android. For me it was just an exercise in one-upmanship with my iPhone-wielding colleagues.

    The get-a-robot-vpnc client is now an installable Android package. Just in time too, since I read somewhere the iPhone now also has support for Cisco VPN connection. ;)

  3. Chris September 2nd, 2009 at 04:07 | #3

    Hi, I’m looking to make a decision about buying a new Android-based phone (vs an iPhone). I know that the iPhone has applications to support Citrix ICA client and Cisco VPN client, now I’m just comparing that against the Androids. My preference is towards buying an Android, but my decision will unfortunately be dominated by work: I work in an operations environment, and when I’m on call I need to be able to get into work systems quickly, from wherever I am.

    So I’m curious about performance of this app – does it chew your battery? How responsive is it? Particularly when running RDP over the top of the VPN client?

  4. Marc November 11th, 2009 at 06:21 | #4

    For Android 2.0 on Motorola Droid, how do you DELETE VPN configs? I’m trying to build a config from my checkpoint desktop client and I can’t seem to find a way to delete or edit incorrect ones. Thanks!

  5. Rafael May 23rd, 2010 at 19:53 | #5

    How do I do this with the Droid and the new graphical user interface in the Android 2.0.1 version?
