We want to use AirVPN's SSL tunneling mode on Android. SSL tunneling can be very useful, especially to defeat firewalls that block OpenVPN or SSH on a protocol level. On Android, a few obstacles have to be worked around:Ī. there is no AirVPN Eddie client for Android. Solution: We will use OpenVPN and stunnel directly.ī. there is no stunnel app in any Android appstore. Solution: we will download the stunnel Android binary (provided by the stunnel project itself) and run it from the commandline.Ĭ. Android does not allow us to execute any programs from the sdcard. Solution: we will move stunnel to a special location (owned by the Terminal app), which will allow the Terminal app to execute stunnel.ĭ. stunnel wants to write to /tmp/, but there's no /tmp/ on Android. Generate config files with AirVPN's config generator a separate computer to download/edit the necessary config files and binaries (entirely optional, but easier than doing everything on the Android device itself)ġ.Jack Palevich's Terminal Emulator for Android (FOSS), via F-Droid or Play Store.OpenVPN for Android (FOSS), via F-Droid or Play Store.stunnel compiled for Android (FOSS), via project website.Android 4.0 or newer (device does not have to be rooted).ssl config file to change the pidfile location to a writable directory. for Connection Mode, choose SSL Tunnel, port 443 (visible after enabling Advanced Mode).leave all the other settings at their default values.download and unzip the generated zip file.this should result in an AirVPN folder, containing three filesĢ. Open the ssl config file (AirVPN_GB-Manchester_Nunki_SSL-443.ssl) in a text editor. #!/system/bin/shcd /data/data/jackpal.androidterm/app_HOME./stunnel AirVPN_GB-Manchester_Nunki_SSL-443.ssl In a text editor, create a new file with the following contents: Pid = /data/data/jackpal.androidterm/app_HOME/stunnel4.pidģ. Save it to a file named nunki (no file extension). Download and unzip stunnel for Android from the stunnel website () Put the file into the AirVPN folder, next to our other config files.Ĥ. Put the stunnel file (only the file, not the folder) into the AirVPN folder.ĥ. Make sure your AirVPN folder now contains the following files:ĪirVPN_GB-Manchester_Nunki_SSL-443.ovpnAirVPN_GB-Manchester_Nunki_Ħ. Copy the whole AirVPN folder to your Android's SD card.ħ. Install OpenVPN for Android via F-Droid or Play Store and import the. sdcard/AirVPN/AirVPN_GB-Manchester_Nunki_SSL-443.ovpnĨ. Install Terminal Emulator for Android, via F-Droid or Play Storeĩ. Open Terminal Emulator and successively run the following commands: #STUNNEL CMD COMANDS INSTALL# The simple cd command should take you to the app's home directory ( /data/data/jackpal.androidterm/app_HOME). This is where we need to put our config files and the stunnel binary. Open Terminal Emulator and run the following two commands:Ī log message should appear: Configuration successful Typing commands on Android is a big pain, so I try to keep them as short as possible!įinally, we need to modify permissions for the binary and the script, allowing us to execute them: It's important to type every character correctly (commandline is case sensitive) the "*" is a wildcard expanding to all files in the AirVPN folder, and the "." is a placeholder for the current directory /data/data/jackpal.androidterm/app_HOME. All other non-option arguments after the first are ignored.Open OpenVPN for Android and connect to the profile AirVPN_GB_Manchester_Nunki_SSL-443 Great! Keep the Terminal app running, but use the Home button to get out. "Įcho "The first non-option argument is the name of the input file if no input file is specified, then the standard input is read. "Įcho " -i, -in-place= Edit the file in place (makes backup if extension supplied), ignored if no input file is supplied. "Įcho " -r, -remote-random Add remote-random to the AirVPN config (this will cause OpenVPN to randomize the server order when connecting). "Įcho " -c, -count= Change the amount of pings ran by fping for more accurate ping sorting. "Įcho " -s, -server= The name server you wish to query the records against. "Įcho " -q, -query= Supply the DNS record you wish to query to use the IPs from. "Įcho " $PACKAGE "Įcho " -p, -port= Override the port supplied on each remote line. Remotes are placed in order of lowest ping to highest. If ] thenĮcho " Use dig and fping generate multiple remotes for an AirVPN config, replacing existing remote(s), and ignoring IPs that aren't responding. If ! command -v fping & > /dev/null thenĮcho " $PACKAGE: fping is not installed.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |