CM9 Alpha 3 for Epic 4G Touch
Opened this issue · 1 comments
GoogleCodeExporter commented
What steps will reproduce the problem? Please be descriptive.
1.Install get-a-robot-vpnc
2.Install cisco anyconnect for rooted phones (I think this adds some tun
support symbolic links)
3.chmod /dev/tun and /dev/net 777 (why should I have to do that?)
4.Try to connect to a cisco concentrator
5.Look at the logs. DHCP assigns a DNS server, the tun interface gets an IP but
traffic does not reach the VPN. Have tried combinations of 4g, 3g and
--natt-mode cisco-udp
What is the expected output? What do you see instead?
To be able to use the VPN
What version of the product are you using?
get-a-robot-vpnc .99
Epic Touch CM9 Alpha 3
Please provide any additional information below. Attach a logcat if
possible.
netcfg before running vpnc:
lo UP 127.0.0.1/8 0x00000049
00:00:00:00:00:00
ppp0 UP 21.195.235.228/32 0x000010d1
00:00:00:00:00:00
sit0 DOWN 0.0.0.0/0 0x00000080
00:00:00:00:00:00
ip6tnl0 DOWN 0.0.0.0/0 0x00000080
00:00:00:00:00:00
getprop net.dns1 before running vpnc:
66.1.0.132
netcfg after running vpnc:
lo UP 127.0.0.1/8 0x00000049
00:00:00:00:00:00
ppp0 UP 21.195.235.228/32 0x000010d1
00:00:00:00:00:00
sit0 DOWN 0.0.0.0/0 0x00000080
00:00:00:00:00:00
ip6tnl0 DOWN 0.0.0.0/0 0x00000080
00:00:00:00:00:00
tun0 UP 192.168.67.131/32 0x000010d1
00:00:00:00:00:00
getprop net.dns1 before running vpnc:
192.168.67.1
ip show route
default dev tun0 scope link
66.1.0.193 dev ppp0 scope link
66.1.0.192 dev ppp0 proto kernel scope link src 21.194.40.20
192.168.67.1/23 dev tun0 scope link
What is going wrong? Can anyone else get this to work? It worked on the
gunslinger kernel with vpnc .99 on Calkulin's E4GT v2.8.1
Original issue reported on code.google.com by nichols....@gmail.com
on 22 Apr 2012 at 7:40
GoogleCodeExporter commented
An update... It looks like not all output is redirected to lasConnection.log
I ran vpnc-script from the terminal and got this:
quick mode response rejected: (ISAKMP_N_INVALID_PAYLOAD_TYPE)(1)
this means the concentrator did not like what we had to offer.
Possible reasons are:
* concentrator configured to require a firewall
this locks out even Cisco clients on any platform expect windows
which is an obvious security improvment. There is no workaround (yet).
* concentrator configured to require IP compression
this is not yet supported by vpnc.
Note: the Cisco Concentrator Documentation recommends against using
compression, expect on low-bandwith (read: ISDN) links, because it
uses much CPU-resources on the concentrator
Anyone?
Original comment by nichols....@gmail.com
on 22 Apr 2012 at 7:58