Recent comments on posts in the blog:
Hello, Maybe you can help me. I installed the OpenVPN on my tab (Samsung tab4 with Android lollipop) and the connection is OK. I see that there is a connection, I can even ping the tab from my VPNserver (router). The thing is now, not all traffic is flowing through the tunnel. I started a couple of applications and the registered data use is not increasing that much. Also some applications won't work because they only work in my own LAN. So my conclusion the tunnel is not used for several applications.
Questions: 1. How can I check if an application is using the tunnel or nog. 2. How can I config that all applications are using the tunnel. 3. Maybe something else I have to do ??
Thanks in advance.
How about WiGLE Wifi Wardriving as a Free app for seeing local channel use?
In the UK, there's one generation of BT Home Hub which uses only three channels... and you can't colour a map with three colours so if there are too many in an area, welcome to WiFi interference hell.
"Once your devices are set to the right country, you should scan the local environment to pick the least congested wifi channel."
But beware -- the least congested channel may be unused for a reason. In my office I can see the usual mess of overlapping wifi's but nobody uses 5/6/7.
And if you try you soon find out why -- something nearby emits huge amounts of noise at those frequencies and those channels just don't work at that location.
(Makes the "auto select" feature of many AP's useless).
Is there a possibility to getting it work with tap interface? The current openvpn binary doesn't work with Android Lollipop
I'm using it on Lollipop and I was able to set it up with a graphical app, not a command-line one.
turn off daily auto-commits turn off auto-commits before package installs
I'd actually not do that. etckeeper's daily autocommit feature once helped me tracing an intruder in a system that got hijacked by a botnet. Although this shouldn't happen in the first place, it was quite helpful that etckeeper kept a hint on when some important files were changed.
I've used your OpenVPN posts as a starting point for my own openvpn experiments.
I couldn't find much on the differences in the documentation/FAQ of those projects. I've ended up using 'OpenVPN Connect' since it is claimed that it is the 'official' OpenVPN app - and because it is installed/rated by more users.
Do you know some advantages of one over the other?
Regarding the settings on the Android device - I generally dislike the idea of having to navigate complex configuration dialogs in an android app. Fortunately 'OpenVPN Connect' supports importing the settings, keys and certificate from a single
.ovpn profile file ('OpenVPN for Android' supports this, too, it seems). With that you can even include the certificates and keys inline.
Your example settings translated to
.ovpn syntax should look like:
client dev tun proto udp remote openvpn-gateway.example.org 1194 resolv-retry infinite nobind persist-key persist-tun remote-cert-tls server comp-lzo cipher AES-256-CBC auth SHA384 <ca> -----BEGIN CERTIFICATE----- [..] -----END CERTIFICATE----- </ca> <cert> -----BEGIN CERTIFICATE----- [..] -----END CERTIFICATE----- </cert> <key> -----BEGIN PRIVATE KEY----- [..] -----END PRIVATE KEY----- </key> key-direction 1 <tls-auth> -----BEGIN OpenVPN Static key V1----- [..] -----END OpenVPN Static key V1----- </tls-auth>
I've tested it with 'OpenVPN Connect' on Android 5 and it works as expected.
I should also mention that IPv6 dual-stack works well over OpenVPN for Android on 5.0 and above (it's broken on 4.4).
(Side-note: IPv6 dual-stack also works well with the strongSwan IKEv2 app.)
You might note that Planet Debian allows you to collapse authors? That was my solution to really not wanting to read particular individuals.
Your approach seems good too though