Cisco VPN on EVO? - EVO 4G Q&A, Help & Troubleshooting
I'm using burnt-droid 2.6.32.25 kernal rom rooted and vpn connections and i can't get vpn to work.
http://code.google.com/p/get-a-robo...=Filename+Summary+Uploaded+Size+DownloadCount
it downloaded kun.to fine and i setup my connection
ipsec gateway - ip
ipsec id = group name
ipsec secret = secret
username = username
password = password
tried pass+token digits checked and unchecked
can't seem to connect. has anyone gotten this to work on their evo?
Does it say that it connects? When I tried VPN Connections, it would connect but not send any traffic over the VPN.
There's a couple of patches on the website for vpnc-script Here for example that fixes that problem. Otherwise can you give more details? What error messages do you get, any debugging information available (logcat, etc)?
noxipoo said:
I'm using burnt-droid 2.6.32.25 kernal rom rooted and vpn connections and i can't get vpn to work.
http://code.google.com/p/get-a-robo...=Filename+Summary+Uploaded+Size+DownloadCount
it downloaded kun.to fine and i setup my connection
ipsec gateway - ip
ipsec id = group name
ipsec secret = secret
username = username
password = password
tried pass+token digits checked and unchecked
can't seem to connect. has anyone gotten this to work on their evo?
Click to expand...
Click to collapse
Hi,
I am having this issue as well, but could not find the path to install this script nivron referred to, on the evo.
I am connecting and I can see that I have the tun0 interface and an IP address assigned, but I cannot get applications to use the tunnel.
I even tried to pass the --script flag to the script on the sdcard, but would not connect then.
Any info would be appreciated.
-- Ray
Running :
MikFroYo-v4.4
netarchy-toastmod-4.3.2-cfs-nosbc-havs-less-universal
I asked about this month ago and I would like to see this working.
It seems to work as far as making connections but I cannot get the traffic to use the tunnel.
I did see a post about clearing the ip tables, but not really sure how.
-Ray
Well first you need to make sure you have a kernel that has the correct tun.ko file (its kernel specific) Netarchy has it, I think Ziggy has it. Its in the /system/lib/modules
Second you need to decrypt your group password. Check google for cisco decrypt group password.
Enter all your info in. You should be able to connect.
Once you are connected you maybe able to log in your computer once but then it may not pop up the computer after. you need to run these scripts
I use scripter
to reset 3g connection
busybox ip rule del from all lookup gprs
to reset wifi
busybox ip rule del table wifi
Hope that works, if not pm me
Well I don't have tun.ko ? How ?
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
erik077 said:
Well I don't have tun.ko ? How ?
Click to expand...
Click to collapse
Have you tried another Kernel?
No. I am beginner and didn't play with that
erik077 said:
No. I am beginner and didn't play with that
Click to expand...
Click to collapse
nand backup, then try a netarchy http://forum.xda-developers.com/showthread.php?t=719763
Make sure you wipe dalvik and cache before installing
I just removed amon_ra because nandroid backup does not work for me. Working for hour + and screen gets full of dots but no backups are made. Anyway software info says : Karnel version: 2.6.32.17-ck2CFS and [email protected] #011011
I am running Calkulin ROM ... should I try with ROM Manager backup?
so I got it to work by running the commands to clear the gprs and wifi tables (thanks!).
But only the first of my two connections is working. I just disconnected and tried the other of my VPN connections and I keep getting an error when running the script now.
RTNETLINK answers: No such file or directory
I can reconnect to the first, but not the other.
Going to try a reboot and try the second connection.
-Ray
erik077 said:
I just removed amon_ra because nandroid backup does not work for me. Working for hour + and screen gets full of dots but no backups are made. Anyway software info says : Karnel version: 2.6.32.17-ck2CFS and [email protected] #011011
I am running Calkulin ROM ... should I try with ROM Manager backup?
Click to expand...
Click to collapse
When using nand backup, wipe the dalvik cache before the backup.
Ziggys should work for you
It seems like it is still pretty buggy to make connections with VPNC.
I can connect and disconnect, but I need to cycle either 3G or WiFi in order to reset. That is not too bad on its own, but I was having issues accessing the local LAN on another of my connections, so not very consistent.
I also tried the WiFi hotspot on 3G while vpn'd and could not get my laptop to connect to the internal website that I could connect to on the phone browser.
Thanks for the help.
I don't think that OpenVPN can connect to a cisco ipsec vpn that uses group names yet, or can it?
-Ray A.
ultra74 said:
It seems like it is still pretty buggy to make connections with VPNC.
I can connect and disconnect, but I need to cycle either 3G or WiFi in order to reset. That is not too bad on its own, but I was having issues accessing the local LAN on another of my connections, so not very consistent.
I also tried the WiFi hotspot on 3G while vpn'd and could not get my laptop to connect to the internal website that I could connect to on the phone browser.
Thanks for the help.
I don't think that OpenVPN can connect to a cisco ipsec vpn that uses group names yet, or can it?
-Ray A.
Click to expand...
Click to collapse
Correct, I dont believe OpenVPN will connect to Cisco VPN using IPSec.
I am not sure I understood what you are saying but instead of cycling through Wifi and 3g, run the script. Using the scriptor I just click it.
The easiest way to connect to a Cisco VPN is to use a kernel that has the module built in. I've tried a lot of kernels and only Netarchy's had it built-in. Flash whatever ROM you like, then flash one of Net's kernels. Install the VPN connections app and configure it for your VPN.
I admin a Cisco VPN at work, and this has worked for me.
Sent from my PC36100 using XDA App
dwertz,
when I run the script the first time with scriptor, it goes fine. I make my connection and go.
Because I do work between two separate networks, I need to disconnect and connect to the other network. This does not work after I have connected to another network already. I can disconnect, disable/enable VPN, etc. The other connection says connection failed.
Running your commands again, gives me the error "RTNETLINK answers: No such file or directory".
The only thing that works, is to turn off then on 3G or WiFi then the scrips will not fail and I can then connect to the other network fine. It is like cycling the radio recreates a file and the script can clear it.
jerich007,
Yes, I tried the install and configure, and was able to connect, but was not able to get the traffic to use the tunnel, until I ran the script from dwertz, but with mixed results as I stated above.
I saw an entry from the second post by nivron that mentioned the vpnc-script was modified to fix this problem, but I was unable to find the location on android where I could replace the script for the modified one.
ultra74 said:
dwertz,
when I run the script the first time with scriptor, it goes fine. I make my connection and go.
Because I do work between two separate networks, I need to disconnect and connect to the other network. This does not work after I have connected to another network already. I can disconnect, disable/enable VPN, etc. The other connection says connection failed.
Running your commands again, gives me the error "RTNETLINK answers: No such file or directory".
The only thing that works, is to turn off then on 3G or WiFi then the scrips will not fail and I can then connect to the other network fine. It is like cycling the radio recreates a file and the script can clear it.
jerich007,
Yes, I tried the install and configure, and was able to connect, but was not able to get the traffic to use the tunnel, until I ran the script from dwertz, but with mixed results as I stated above.
I saw an entry from the second post by nivron that mentioned the vpnc-script was modified to fix this problem, but I was unable to find the location on android where I could replace the script for the modified one.
Click to expand...
Click to collapse
Did you try running the script before connecting to the different network? When you connect to a network it gets the ip table. When you try to connect to another network you need to clear the ip tables thus running the script.
Also I dont think DNS works so you might need to hard type the internal web address.
dwertz,
Yes, it seems to work correctly when connecting to the newer ASA, but the older vpn concentrator is not letting me access the remote lan intranet. Not sure exactly where the problem with that one is.
I do get dns resolution for the ASA network, but we did configure the dns settings in the vpn group in the asa, so that might be why. I will try the direct IP address for the other network.
I know that the cisco vpnclient for my laptop has an option for "Allow Local LAN Access", but not sure how that changes the client configuration.
Are you able to use wireless tether or the "modified" hotspot app while connected to the vpn?
-Ray
ultra74 said:
dwertz,
Yes, it seems to work correctly when connecting to the newer ASA, but the older vpn concentrator is not letting me access the remote lan intranet. Not sure exactly where the problem with that one is.
I know that the cisco vpnclient for my laptop has an option for "Allow Local LAN Access", but not sure how that changes the client configuration.
Are you able to use wireless tether or the "modified" hotspot app while connected to the vpn?
-Ray
Click to expand...
Click to collapse
I have never have tried to use wireless tether and vpn to get to my network. I wireless tether and VPN through my Mac but not the phone
Related
New Dopod rom - WPA-PSK problem
I've installed new Dopod rom on my HTC P3600. Everything works fine but I cannot connect to my AP using WPA-PSK TKIP. There is connection established but no data transfer. I've tried to connect to the same network using my laptop and everything if ok. Unsecured network also works fine. Any solution? andy76
WPA-PSK Did you make sure you typed in the same wpa code? Sometimes it can drive us nuts,seems like that could be one of the issues.Check on the MAC filter,DHCP server,make a file with the wpa-psk code that is on the pc and store it in the SDcard after that copy and paste when you set up the wifi on the HTC.
I use the same WPA-PSK TKIP, and I have no problem at all... Work fine for me...
I've a WPA-PSK Tkip and a WPA-PSK AES working. Did you correctly setup date and time on your device? Ciao
Same problem here. 'WPA2 PSK Mixed Mode (TKIP+AES)' not working with the new ROM. It tries to connect then the AP becomes 'Available' again. Kris
Kris404 said: Same problem here. 'WPA2 PSK Mixed Mode (TKIP+AES)' not working with the new ROM. It tries to connect then the AP becomes 'Available' again. Kris Click to expand... Click to collapse Sorry but I can't confirm your issue: one of mine AP is setup in mixed mode and I can connect with WPA2/AES without any problems. If it is a device issue, check if any program has overwritten a system dll wih an old version... But a behavior like this let me think about a wrong password or a system time problem... Ciao
my trinity is not connecting to the ap when i use dhcp. if i use a static ip address the connection works.
Thank You all for your replies. The data and time is set properly. The password is ok. I've changed router settings - cipher from TKIP to mix mode. It's helped. Regards, andy76
WiFi is broken after rooting
After I rooted, my phone won't connect to WiFi anymore. I started with the Cyanogen Mod (6.0.2). When I try to connect to a WiFi network, it tries to connect and gets to the "obtaining ip address" message, and finally fails to connect. I figured I should try a different mod and completely wipe the card. So, I did this via Rom Manager. I had it backup and wipe, then install Skyraider w/ Sense. The same problem persists. Does anyone have any ideas how I can troubleshoot this problem? Thanks!
Dumb question, but you did re-select the WiFi network you want to connect to, and re-entered the password for that network (if one is required)?
RMarkwald said: Dumb question, but you did re-select the WiFi network you want to connect to, and re-entered the password for that network (if one is required)? Click to expand... Click to collapse Yeah I have. I've tested this with multiple WiFi networks on each mod. It always gets to the point of "obtaining ip address" which to my understanding means the password has worked. Either way, I'll always long press to forget the password, and re-connect. Even disabling the password on the router still causes the same issue.
[Q] Rom with working VPN (PPTP) support
As stated in the topic I'm looking for a rom with working (!!) VPN support. I currently have cm7.0.3 installed and can't connect to my VPN via PPTP or OpenVPN. Actually that is not correct... The icon in the statusbar states that I'm connected but no data will get through. I.e. doing a 'ping google.com' from the terminal emulator gives me an 'unable to resolve ...' error. same with any url in the browser and so on (no data connection). one additional detail: via pptp i have to use encrypted connection ... thanks for your time reading
[Q] Wifi tether won't work, rooted KF and Evo 4G
I've searched several threads, but can't figure out what I'm doing wrong. Both devices definitely 100% rooted with superuser working fine, permissions granted for all apps. I installed wifi_tether_v3_1-beta14.apk on the phone. Device Profile: Evo 4G Setup-Method: Initially I tried Softap (master). That's the same as infrastructure mode, correct? Default SSID (AndroidTether) MSS Clamping checked Routing Fix checked If I attempt to run it with these settings, I get a popup informing me the wifi hotspot started, but with errors. The log just says most of the wifi steps failed, I can post details if needed. I don't think it's really running - no upload/download indicator showing at the bottom of the app. My PC can't see the hotspot. If I switch Setup-Method to Ad-hoc, it runs fine, no errors, PC can see it and connect to it. But KF can't connect to Ad-hoc... so lame. So, I got ZT-180 Adhoc Switcher.apk for the kindle fire, to switch it to ad-hoc mode. Went to settings, told it to connect to AndroidTether. Switched to Ad-Hoc mode. It says "attempting to connect" ... after a minute it gives up and keeps retrying. The hotspot shows in the list of wifi networks, but it's hanging at "Obtaining IP address". So, what's the issue? Infrastructure mode not working? Need to flash a custom rom? I read something about maybe needing a non-stock kernel? Upgrade or downgrade my radio?
I finally found a method that works, barely. Wifi Tether (app listed above) failed. Adhoc Switcher failed. Wifi Hotspot Widget failed. Elixir2's hotspot widget failed (connected but no surf). The one that worked is free and doesn't even need root apparently: Foxfi. I say it "barely" worked because even this has issues. When I tried to create a password, it wouldn't connect. But if I leave the password blank (no password) it does work. http://foxfi.com/bin/ I just told it to start running, and left the SSID at the default (FoxFi98 I believe).
[Guide] Enabling DIAG for QPST (updated)
Hi everyone, I have finally figured out how to get proper diag support on our device. This will allow us to use QPST and such. It will be a pretty short guide as it's quite simple, but it does enable us to do a whole lot of things we couldn't do before. Downloads * QPST * AsusVoLTE app Prerequsities * Both methods require root, at least initially. There are several threads on how to do that, so look those up if you need help. USB method Downloads * Qualcomm USB drivers Step 1 Install the drivers and QPST from above. If you've already done this from my VoLTE/VoWiFi guide there's no need to reinstall them. Step 2 When you've done that, install the AsusVoLTE app and connect the phone to the computer and open up it up. Press the Enable DIAG button, and you should hear/see a new device attaching. This should hopefully be enough, but if not, try rebooting the phone. If that still doesn't work try the Remote method below. Remote method Prerequsities * Both your computer and phone have to be connected to the same network. You may also need to allow port 2500 in your firewall. Step 1 Start by downloading and installing QPST from the link above, no drivers or such required. If you've already done this from following my VoLTE/VoWiFi guide you can safely skip this step. Step 2 Now run QPSTConfig.exe from the bin folder of the QPST install and wait for it to open up. Head to the IP Server tab and tick the Accept client connections box - we need to do this as we will be connecting to QPST remotely. Take a note of the Server IP Address (this should simply be the ip address of your computer), and potentially the Server Port below if you have changed it from the default value of 2500. Step 3 Open up the AsusVoLTE app on the phone, and enter the IP address from the Server IP Address in the field, and optionally, change the port number. After this you can simply press the Start button. Now that you have done this, you should, momentarily, see a new port appear in QPST Configuration under the Ports tab with a Port number like COM30001 and the Phone column should hopefully say SDM855 (0). If you do see this you are good to go! You can now start exploring EFS and such. Troubleshooting Some people have had issues connecting to the diag port, with EfsTools from the VoLTE guide returning BadCmd and QPST not working either. If you have this problem, try restoring modem settings by running this in bootloader (adb reboot bootloader, or press volume up while rebooting): Warning: This may cause issues with no service for some, do not run this without a full backup of all of the partitions (in particular, modemst1, modemst2, fsg and fsc) on the device! Code: REDACTED because people still run these commands without taking a backup Do note that this will reset any changes you may have done (like enabling VoLTE through PDC). Thanks to @xbamaris1` for troubleshooting this with me, and for confirming this worked! Let me know if this has worked for you, and if you have any questions!
I'm getting this: Code: ASUS_I001_1:/ # diag_socket_log -a 10.30.1.10 -p 2500 diag_socket_log: Diag_LSM_Init succeeded. diag: In diag_register_socket_cb, registered socket callback function diag_socket_log: Translating address: 10.30.1.10 diag_socket_log: Trying to connect to address: 10.30.1.10, port: 2500 diag_socket_log: Error calling connect: Operation already in progress, errno: 114 I'll try to restart my computer and phone. Maybe there were some remnants of tools running still.
dennis96411 said: I'm getting this: Code: ASUS_I001_1:/ # diag_socket_log -a 10.30.1.10 -p 2500 diag_socket_log: Diag_LSM_Init succeeded. diag: In diag_register_socket_cb, registered socket callback function diag_socket_log: Translating address: 10.30.1.10 diag_socket_log: Trying to connect to address: 10.30.1.10, port: 2500 diag_socket_log: Error calling connect: Operation already in progress, errno: 114 I'll try to restart my computer and phone. Maybe there were some remnants of tools running still. Click to expand... Click to collapse I had this problem to until I realized that its network based and your phone should be connected to your WIFI (at least thats what fixed it for me). However, Despite this, i am still not getting data from it. COM30001 from an IP of 192.168.1.211 (which is my phone) and it is still not able to browse data from QPST
Wait, I think I got it. I had to use the USB tethering feature of my phone to bypass whatever my router's doing. I also had to run ipconfig to grab the IP address that was assigned to my computer, and manually set that in the "Use specified IP address" box.
Is this IP-based method necessary? I can already see my phone in normal USB mode.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Update: It turns out I didn't need the IP-based method as my phone's already seen through USB. I'm not sure how I managed that.
dennis96411 said: Wait, I think I got it. I had to use the USB tethering feature of my phone to bypass whatever my router's doing. I also had to run ipconfig to grab the IP address that was assigned to my computer, and manually set that in the "Use specified IP address" box. Is this IP-based method necessary? I can already see my phone in normal USB mode. Update 2: It turns out I didn't need the IP-based method as my phone's already seen through USB. I'm not sure how I managed that. Click to expand... Click to collapse I really hope we can get QPST fully working. I'm in the same boat as you, was able to get SDM855(0) but nothing after that with QPST. Glad you got it to work though! I really want to try enabling some LTE bands (just want two as a start, 12 / 17. And MAYBE 66.
xbamaris1` said: I really hope we can get QPST fully working. I'm in the same boat as you, was able to get SDM855(0) but nothing after that with QPST. Glad you got it to work though! I really want to try enabling some LTE bands (just want two as a start, 12 / 17. And MAYBE 66. Click to expand... Click to collapse Does your phone not show up as a USB device like mine? I wonder how I got it to show up. It would be nice to find out so it would be easier to use QPST.
dennis96411 said: Does your phone not show up as a USB device like mine? I wonder how I got it to show up. It would be nice to find out so it would be easier to use QPST. Click to expand... Click to collapse Yeah it shows up as a USB device with SDM855(0) as the device. I actually had a different diagnostic driver that was the ANDROID Diag mode at some point, not sure if that was useful at all, but still no QPST data. Not sure how I managed to get the Qualcomm ANDROID Diag to show up (The exact interface / driver that showed up was: Qualcomm HS-USB Android DIAG 901D) it just magically appeared after trying to change the sys.usb.config at some point. Haven't been able to recreate it and not sure of the significance of it. But I believe QPST still registered it.
xbamaris1` said: Yeah it shows up as a USB device with SDM855(0) as the device. I actually had a different diagnostic driver that was the ANDROID Diag mode at some point, not sure if that was useful at all, but still no QPST data. Not sure how I managed to get the Qualcomm ANDROID Diag to show up (The exact interface / driver that showed up was: Qualcomm HS-USB Android DIAG 901D) it just magically appeared after trying to change the sys.usb.config at some point. Haven't been able to recreate it and not sure of the significance of it. But I believe QPST still registered it. Click to expand... Click to collapse Try these drivers: https://androidfilehost.com/?fid=11410963190603864074 This is what mine shows up as after running "setprop sys.usb.diag2 1":
dennis96411 said: Try these drivers: https://androidfilehost.com/?fid=11410963190603864074 This is what mine shows up as after running "setprop sys.usb.diag2 1": Click to expand... Click to collapse Thats what I have now, and usually do have when I enable it. I just thought it was strange when I suddenly got that other interface to connect. Again, not sure the significance of what I had since QPST still didn't work. But just was something I came across while trying to tinker.
xbamaris1` said: Thats what I have now, and usually do have when I enable it. I just thought it was strange when I suddenly got that other interface to connect. Again, not sure the significance of what I had since QPST still didn't work. But just was something I came across while trying to tinker. Click to expand... Click to collapse Which version of QPST Configuration do you have? This is mine.
dennis96411 said: Wait, I think I got it. I had to use the USB tethering feature of my phone to bypass whatever my router's doing. I also had to run ipconfig to grab the IP address that was assigned to my computer, and manually set that in the "Use specified IP address" box. Is this IP-based method necessary? I can already see my phone in normal USB mode. Update: It turns out I didn't need the IP-based method as my phone's already seen through USB. I'm not sure how I managed that. Click to expand... Click to collapse It's not necessary, no - if you get it to show up in usb you won't need to do any of this. I could, however, never get the phone to connect in usb mode - it just shows as No phone. I will try those drivers you posted and update the guide.
I've updated the guide in the first post - it now has both the usb method and remote method. I managed to get diag working through USB, but it seems to be a bit fiddly and sometimes required that I reboot the phone before it started working. If you don't want to use the app to enable diag you can simply run this in a root shell: setprop sys.usb.diag 2
HomerSp said: I've updated the guide in the first post - it now has both the usb method and remote method. I managed to get diag working through USB, but it seems to be a bit fiddly and sometimes required that I reboot the phone before it started working. If you don't want to use the app to enable diag you can simply run this in a root shell: setprop sys.usb.diag 2 Click to expand... Click to collapse Oh did those drivers make a difference for you?
HomerSp said: I've updated the guide in the first post - it now has both the usb method and remote method. I managed to get diag working through USB, but it seems to be a bit fiddly and sometimes required that I reboot the phone before it started working. If you don't want to use the app to enable diag you can simply run this in a root shell: setprop sys.usb.diag 2 Click to expand... Click to collapse How to change imei with EFS
QPST via remote using your guide worked for me. I am able to use EFS Explorer. Thank you @HomerSp!
Will doing this, to eventually turn on VoLTE and VoWiFi, lock me out of Google Pay and similar services? Sorry if it's a stupid question, I've not toyed around with rooting since it began disabling pay and bank features that I have enjoyed using.
XavierBK said: Will doing this, to eventually turn on VoLTE and VoWiFi, lock me out of Google Pay and similar services? Sorry if it's a stupid question, I've not toyed around with rooting since it began disabling pay and bank features that I have enjoyed using. Click to expand... Click to collapse Magisk (the root method) hides itself from bank apps and such, but you can do a SafetyNet check in the magisk manager app, and if that passes so you should be good to go. Only thing you won't be able to get with the bootloader unlocked is HD video in Netflix and Amazon video.
This is very interesting. I read in another thread that with nvram access you can try to enable bands (but it may not work). Is this to the point where that can be tried?
ChronoReverse said: This is very interesting. I read in another thread that with nvram access you can try to enable bands (but it may not work). Is this to the point where that can be tried? Click to expand... Click to collapse Yes indeed, but we have yet to find a way to enable additional bands. We are working on it though, so hopefully we'll have something soon.
Hi, can we use QPST to unlock LTE band on 8G/128G version?