Android VPN – VPNC

June 29th, 2009

I work in the IT department and we’re just rolling out Cisco VPN (with dongles) to replace our older ISA VPN. Seeing as my G1 is the first “smart” phone I’ve ever owned, I thought I’d get it set up to VPN in to work (so I could use the Android App Remote RDP). Unfortunately, there didn’t appear to be a simple app available to accomplish this feat. About two weeks ago, I stumbled upon this page which described how to configure VPN for Android. Using those directions (with help from the xda developer’s forum here) I was able to get VPN’ed into work, and RDP’ed to my workstation. Here’s what I did.

Requirements

  • A rooted G1 with the tun module available (I used JF 1.51)
  • JF’s Terminal Emulator (included with JF 1.51)
  • Remote RDP
  • Linux knowledge (optional)

Setup

  1. Download the Get-a-Robot VPNC bz2 file from google code
  2. Extract the archive (if on Linux you can use bunzip2, in Windows 7-zip works well) to a known folder. I extracted to c:\android-vpn\
    • Note: I did the bulk of this on Windows, but if you’re smart you can translate this to Linux
  3. Open vpnc.conf located in ./data/data/org.codeandroid.vpnc/etc/vpnc/
  4. Edit the file with information from your Cisco .pcf file. Below is the mapping of variables for vpnc.conf to YourFile.pcf.
    • IPSec gateway = Host
    • IPSec ID = GroupName
    • IPSec secret = GroupPwd (or if GroupPwd is blank, you’ll have to decrypt the enc_GroupPwd variable as shown below)
    • Xauth username = Your login username
    • Xauth password = Nothing. Leave this blank to have VPNC prompt you for your password every time.

    [Screenshot: my vpnc.conf file (sanitized and with the wrong username)]

  5. Edit the vpnc-script and change the first line from #!/system/bin/bash to #!/system/bin/sh
  6. Open a command prompt and push the files using adb push x:\path\to\data /, copying the edited script and config file to the root of your G1.
  7. Mount the microSDHC card and create a new folder in its root called vpnc.
  8. Create two files: go and prep
    go should contain this one line:
    /data/data/org.codeandroid.vpnc/bin/vpnc /data/data/org.codeandroid.vpnc/etc/vpnc/vpnc.conf --script /data/data/org.codeandroid.vpnc/etc/vpnc/vpnc-script --pid-file /data/data/org.codeandroid.vpnc/etc/vpnc/vpnc-pid --no-detach --debug 1

    prep contains a few lines:
    modprobe tun
    lsmod
    mkdir /dev/net
    ln -s /dev/tun /dev/net/tun

  9. Unmount the microSDHC card and then fire up terminal emulator – we need to chmod a few files to make things work.
    chmod 777 /data/data/org.codeandroid.vpnc/bin/vpnc
    chmod 777 /data/data/org.codeandroid.vpnc/etc/vpnc/vpnc-script
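
The step 4 mapping as a script, added here as an example (not the post author's or the vpnc project's code): it reads a .pcf, prints the matching vpnc.conf lines, and flags the case where GroupPwd is blank and only enc_GroupPwd is set. The function names, the sample profile values and the username argument are assumptions.

```shell
#!/bin/sh
# Added example: build vpnc.conf from a Cisco .pcf using the step 4 mapping.

# pcf_to_vpnc PROFILE.pcf USERNAME  -> prints vpnc.conf on stdout.
# Exit status: 0 ok, 1 Host or GroupName missing,
#              2 GroupPwd is blank and only enc_GroupPwd is present.
pcf_to_vpnc() {
    # .pcf profiles are INI-style, usually CRLF; a leading "!" marks a key read-only.
    tr -d '\r' < "$1" | awk -F= -v user="$2" '
        { key = $1; sub(/^!/, "", key)
          val = substr($0, length($1) + 2) }   # everything after the first "="
        key == "Host"         { host = val }
        key == "GroupName"    { group = val }
        key == "GroupPwd"     { secret = val }
        key == "enc_GroupPwd" { enc = val }
        END {
            if (host == "" || group == "") exit 1
            print "IPSec gateway " host
            print "IPSec ID " group
            if (secret != "") print "IPSec secret " secret
            print "Xauth username " user
            # No "Xauth password" line, so vpnc prompts at connect time.
            if (secret == "" && enc != "") exit 2
        }'
}

# write_vpnc_conf PROFILE.pcf USERNAME OUT.conf
# Same as above, but creates OUT.conf readable and writable by its owner only.
write_vpnc_conf() {
    ( umask 077; pcf_to_vpnc "$1" "$2" > "$3" )
}

# Constructed sample profile (placeholder values, not taken from the post).
sample_pcf() {
    printf '[main]\r\nHost=vpn.example.com\r\n!GroupName=staff\r\n'
    printf 'GroupPwd=\r\nenc_GroupPwd=PLACEHOLDER\r\n'
}

# Usage:
#   sample_pcf > profile.pcf
#   write_vpnc_conf profile.pcf jdoe vpnc.conf || echo "status $?"
```

Because vpnc.conf holds the group secret, write_vpnc_conf creates it with owner-only permissions. The files in step 9 run as root, so mode 755 rather than 777 keeps them executable without leaving them world-writable.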

Starting the VPN

  1. In Terminal Emulator type su to get root access (Approve if it prompts you to grant permission)
  2. As root (designated by the “#” prompt) run cd /sdcard/vpnc
  3. Run sh prep (Note: this is only required once each time you reboot your phone)
  4. To start the VPN, run sh go. It will prompt you for your password, then attempt to connect.
  5. You can then click the back button to leave the VPN connection running and fire up Remote RDP
  6. To close the VPN, reopen Terminal Emulator, and if it’s still up and running, send the interrupt (ctrl-c) by clicking and holding the mouse ball, then pressing ‘c’
  7. If the vpn is not still running, you can find the process ID number by running ps and looking for /data/data/org.codeandroid.vpnc/bin/vpnc.
  8. Kill the process by running kill -9 [pid] (in our example, kill -9 1896)

Final Thoughts

Although this isn’t ideal for an extended VPN connection, if combined with tethering (something I’m working on next), it could become quite powerful. For quick checks, this works quite well.

Sources:
xda-developer’s forum
Uber Geeky post
Get-A-Robot-VPNC Google Code Page