Jump to content


Photo
* * * * * 6 votes

[How-To] [OBSOLETE] AirVPN through stunnel on Android


  • Please log in to reply
37 replies to this topic

#21 pyq

pyq

    Member

  • Members
  • PipPip
  • 18 posts

Posted 26 March 2017 - 06:46 AM

I followed the first guide and it seems everything worked fine, except, that the profile doesn't show up in OpenVPN for Android after running ./antares (I used the antares server). Did I miss something?

 

You have to add the .ovpn in OpenVPN for Android after running ./antares

 

Make sure it's the .ovpn for SSL 443 from the other files you generated in the config generator.

Thanks, I had the feeling I should do that.

However, I cannot connect for some reason. Here's my log from OpenVPN for Android:

 

Spoiler

 

Any idea?
 
I also tried to second guide, but receive an error in OpenVPN Connect saying "Unknown Open VPN event occured: Transport error cn '127.0.0.1: NETWORK_RECV_ERROR. Unfortunately I don't know how to copy the log from that app.


#22 pyq

pyq

    Member

  • Members
  • PipPip
  • 18 posts

Posted 26 March 2017 - 06:59 AM

And my log from Terminal Emulator (somehow I couldn't create a second spoiler above):

 

Spoiler


#23 greenclaydog

greenclaydog

    Advanced Member

  • Members
  • PipPipPip
  • 254 posts

Posted 26 March 2017 - 04:10 PM

The second guide never really worked for me. it would always work once, but requires resetting every time i lost connection. Stick to the first guide.

 

Did you add terminal emulator to the configs exclusion list? Essentially if you don't do that it will sever the SSL connection every time you attempt a connection. Excluding it allows the Terminal Emulator's connection to run via the naked ISP, since that is the app which will in essence be tunneling your encrypted data.



#24 pyq

pyq

    Member

  • Members
  • PipPip
  • 18 posts

Posted 27 March 2017 - 03:32 AM

Did you add terminal emulator to the configs exclusion list?

Not that I knew. Which config are you talking of? Could you please explain how I can do that?

 

Also, supposed it was working, then I would have to run "./servername" in the emulator every time I want to use the VPN, right (like after rebooting my phone)?



#25 pyq

pyq

    Member

  • Members
  • PipPip
  • 18 posts

Posted 14 April 2017 - 11:23 AM

My session via OpenVPN for Android ends after about a minute or so. I have to either manually reconnect or turn the screen off for a short time and on again, which is too annoying to deal with every minute. Is there a way to fix that? First I thought it might have to do with the server, but I tried four different ones, all the same no matter what time of the day. I am not using any google services though, since I'm using the Chinese version OnePlus 3, might that be the problem?

#26 klonzanit

klonzanit

    Newbie

  • New Members
  • Pip
  • 1 posts

Posted 23 April 2017 - 06:11 PM

Please help me.

Hi. Help to adjust to me airvpn.
 I have linux unbutu 17.04
I have no openvpn, there is only Point-to-Point
 Tuneling Protokol (PPTP)
I speak Russian, on English I don't understand. Write please the step-by-step instruction.
I transferred dialogue in the translator.



#27 ruraltom

ruraltom

    Newbie

  • New Members
  • Pip
  • 1 posts

Posted 22 May 2017 - 02:29 AM

Any way to automate the connect and disconnect process?



#28 Son_Goku98

Son_Goku98

    Newbie

  • New Members
  • Pip
  • 1 posts

Posted 21 July 2017 - 01:06 PM

Is there anyway you can make a video about doing it besides typing the instructions?

#29 philairvpn

philairvpn

    Newbie

  • New Members
  • Pip
  • 3 posts

Posted 15 September 2017 - 12:33 AM

Did you add terminal emulator to the configs exclusion list? Essentially if you don't do that it will sever the SSL connection every time you attempt a connection. Excluding it allows the Terminal Emulator's connection to run via the naked ISP, since that is the app which will in essence be tunneling your encrypted data.

 

Thanks! To anyone having problems, I was skeptical but I can confirm this actually resolved my issue.

 

Not that I knew. Which config are you talking of? Could you please explain how I can do that?

 

Within OpenVPN for Android, under the profiles tab, edit the profile (click the pencil to the right of it) -> Allowed Apps tab, scroll down to Terminal Emulator and check the box.



#30 kulboza

kulboza

    Newbie

  • New Members
  • Pip
  • 1 posts

Posted 07 October 2017 - 05:45 PM

Goal and obstacles

We want to use AirVPN's SSL tunneling mode on Android. SSL tunneling can be very useful, especially to defeat firewalls that block OpenVPN or SSH on a protocol level. On Android, a few obstacles have to be worked around:

a. there is no AirVPN Eddie client for Android.
Solution: We will use OpenVPN and stunnel directly.

b. there is no stunnel app in any Android appstore.
Solution: we will download the stunnel Android binary (provided by the stunnel project itself) and run it from the commandline.

c. Android does not allow us to execute any programs from the sdcard.
Solution: we will move stunnel to a special location (owned by the Terminal app), which will allow the Terminal app to execute stunnel.

d. stunnel wants to write to /tmp/, but there's no /tmp/ on Android.
Solution: we will modify the .ssl config file to change the pidfile location to a writable directory.
 

 

 

Software Requirements

  • Android 4.0 or newer (device does not have to be rooted)
  • stunnel compiled for Android (FOSS), via project website
  • OpenVPN for Android (FOSS), via F-Droid or Play Store
  • Jack Palevich's Terminal Emulator for Android (FOSS), via F-Droid or Play Store
  • a separate computer to download/edit the necessary config files and binaries (entirely optional, but easier than doing everything on the Android device itself)

 

 

Setup instructions

 

1. Generate config files with AirVPN's config generator

  • choose Linux
  • pick one single server of your choice. I will use Nunki for this tutorial!
  • for Connection Mode, choose SSL Tunnel, port 443 (visible after enabling Advanced Mode)
  • enable Resolved hosts in .ovpn file
  • leave all the other settings at their default values
  • download and unzip the generated zip file
  • this should result in an AirVPN folder, containing three files

 

2. Open the ssl config file (AirVPN_GB-Manchester_Nunki_SSL-443.ssl) in a text editor.

Find the line:

pid = /tmp/stunnel4.pid

Change it to:

pid = /data/data/jackpal.androidterm/app_HOME/stunnel4.pid

Save and close the file.

 

 

3. In a text editor, create a new file with the following contents:

#!/system/bin/sh
cd /data/data/jackpal.androidterm/app_HOME
./stunnel AirVPN_GB-Manchester_Nunki_SSL-443.ssl

Save it to a file named nunki (no file extension).
Put the file into the AirVPN folder, next to our other config files.

 

 

4. Download and unzip stunnel for Android from the stunnel website (stunnel-X.XX-android.zip)

Put the stunnel file (only the file, not the folder) into the AirVPN folder.


5. Make sure your AirVPN folder now contains the following files:

AirVPN_GB-Manchester_Nunki_SSL-443.ovpn
AirVPN_GB-Manchester_Nunki_SSL-443.ssl
nunki
stunnel
stunnel.crt

 

6. Copy the whole AirVPN folder to your Android's SD card.

 

The path should be:

/sdcard/AirVPN/

 

7. Install OpenVPN for Android via F-Droid or Play Store and import the .ovpn config file located at

/sdcard/AirVPN/AirVPN_GB-Manchester_Nunki_SSL-443.ovpn

Don't try to connect just yet.

 

8. Install Terminal Emulator for Android, via F-Droid or Play Store

 

 

9. Open Terminal Emulator and successively run the following commands:

cd

The simple cd command should take you to the app's home directory (/data/data/jackpal.androidterm/app_HOME).

This is where we need to put our config files and the stunnel binary. Let's move them over by running:

mv /sdcard/AirVPN/* .

It's important to type every character correctly (commandline is case sensitive); the "*" is a wildcard expanding to all files in the AirVPN folder, and the "." is a placeholder for the current directory /data/data/jackpal.androidterm/app_HOME. Typing commands on Android is a big pain, so I try to keep them as short as possible!

Finally, we need to modify permissions for the binary and the script, allowing us to execute them:

chmod 555 stunnel nunki

 

We should be ready to go!

 

 

Usage instructions

 

I. Open Terminal Emulator and run the following two commands:
 

cd
./nunki

A log message should appear: Configuration successful
Great! Keep the Terminal app running, but use the Home button to get out.

 

II. Open OpenVPN for Android and connect to the profile AirVPN_GB_Manchester_Nunki_SSL-443

Unless something went wrong, you should get Initialization Sequence Completed - great!

I recommend performing the usual leak tests and perhaps diving into OpenVPN's profile settings before relying on your configuration to work as you expect it to.

 

 

III. To disconnect:

  • Disconnect VPN in OpenVPN
  • open Terminal Emulator, press VOLUME_DOWN + C to kill stunnel
  • press the X button to close the terminal session

 

IV. If stunnel isn't shutdown properly, you may see an error if you try to run stunnel again:
 

[!] Error binding service [openvpn] to 127.0.0.1:1413
[!] bind: Address already in use (98)
[ ] Closing service [openvpn]
[ ] Service [openvpn] closed

 

This means stunnel is still running in the background. You can kill it by running:

 

killall stunnel

 

 

 

 

Footnotes

 

I successfully followed my own tutorial using:

CyanogenMod 12.1 nightly (≈ Android 5.1)
stunnel 5.23
OpenVPN for Android 0.6.35 (F-Droid)
Terminal Emulator 1.0.70 (F-Droid)

Testers welcome, especially if you're using different Android and software versions.

 

Credits:

 

i make all the steps but this  step "./nunki " did not work 

Screen shot : https://drive.google.com/open?id=0BxLl0pieiia6aEdZLV9vUm9scUk



#31 hugomueller

hugomueller

    Advanced Member

  • Members
  • PipPipPip
  • 120 posts

Posted 04 December 2017 - 06:45 PM

I could establish a stunnel connection on android (light is green) but if if I start open vpn and try to connect I get:

NETWORK EOF ERROR

 

See attache files:

2017-12-04 19_43_58.png

 

Happens with openvpn for android and openvpn connect.



#32 sheivoko

sheivoko

    Advanced Member

  • Members
  • PipPipPip
  • 213 posts
  • LocationPGP 0x823762e626318758

Posted 04 December 2017 - 10:38 PM

I could establish a stunnel connection on android (light is green) but if if I start open vpn and try to connect I get:

NETWORK EOF ERROR

 

See attache files:

attachicon.gif2017-12-04 19_43_58.png

 

Happens with openvpn for android and openvpn connect.

 

Are you on Android 7.0 or newer? It looks like Android 7.0 introduced some changes that make it impossible to use OpenVPN through stunnel. Unfortunately, this tutorial is obsolete unless a solution is found.

 

Related bug reports:

https://www.stunnel.org/pipermail/stunnel-users/2017-October/005845.html

https://github.com/schwabe/ics-openvpn/issues/740

https://productforums.google.com/forum/#!topic/nexus/8SybHHQoEDg


all of my content is released under CC-BY-SA 2.0

PGP: A6440E1F195A962035455B22823762E626318758


#33 DarkSpace-Harbinger

DarkSpace-Harbinger

    Advanced Member

  • Members
  • PipPipPip
  • 67 posts
  • LocationThe Bleak Lands

Posted 05 December 2017 - 02:19 AM

I could establish a stunnel connection on android (light is green) but if if I start open vpn and try to connect I get:

NETWORK EOF ERROR

 

See attache files:

attachicon.gif2017-12-04 19_43_58.png

 

Happens with openvpn for android and openvpn connect.

 

Are you on Android 7.0 or newer? It looks like Android 7.0 introduced some changes that make it impossible to use OpenVPN through stunnel. Unfortunately, this tutorial is obsolete unless a solution is found.

 

Related bug reports:

https://www.stunnel.org/pipermail/stunnel-users/2017-October/005845.html

https://github.com/schwabe/ics-openvpn/issues/740

https://productforums.google.com/forum/#!topic/nexus/8SybHHQoEDg

 

 

I must be out of the loop. I've been using Stunnel and OpenVPN on my Google Pixel with no issues, and it released with Nougat pre-installed.

 

The only thing you need to do is exclude Terminal Emulator from the VPN tunnel using OpenVPN for Android.

 

The problem is, when you don't do this it tries to route Stunnel through OpenVPN, and OpenVPN is trying to route through Stunnel. By excluding Termninal Emulator you allow Stunnel to remain unrouted by OpenVPN, and OpenVPN can make it's connection with Stunnel properly.



#34 hugomueller

hugomueller

    Advanced Member

  • Members
  • PipPipPip
  • 120 posts

Posted 05 December 2017 - 07:18 AM

I must be out of the loop. I've been using Stunnel and OpenVPN on my Google Pixel with no issues, and it released with Nougat pre-installed.

 

The only thing you need to do is exclude Terminal Emulator from the VPN tunnel using OpenVPN for Android.

 

The problem is, when you don't do this it tries to route Stunnel through OpenVPN, and OpenVPN is trying to route through Stunnel. By excluding Termninal Emulator you allow Stunnel to remain unrouted by OpenVPN, and OpenVPN can make it's connection with Stunnel properly.

 

This did the trick! Thanks a lot! I was not using terminal emulator but the SSL/TLS Tunnel app. I had to put it on the exclusion list and it worked!



#35 sheivoko

sheivoko

    Advanced Member

  • Members
  • PipPipPip
  • 213 posts
  • LocationPGP 0x823762e626318758

Posted 05 December 2017 - 04:28 PM

DarkSpace-Harbinger's solution works, thanks! This whole tutorial needs a make-over, it contains too many outdated statements. I'll work on a new version soon, unless somebody else wants to take over which would be much appreciated. I'm not an Android power user at all.

all of my content is released under CC-BY-SA 2.0

PGP: A6440E1F195A962035455B22823762E626318758


#36 PirstK

PirstK

    Newbie

  • New Members
  • Pip
  • 1 posts

Posted 05 December 2017 - 05:15 PM

When will the next update? I have a hard time starting on my system.

Any ideas?


My pc: I5 3660k,gtx 1060,16 gb ram.
New hobby.

#37 sheivoko

sheivoko

    Advanced Member

  • Members
  • PipPipPip
  • 213 posts
  • LocationPGP 0x823762e626318758

Posted 05 December 2017 - 06:02 PM

When will the next update? I have a hard time starting on my system.

Any ideas?

 

 

Thursday/Friday unless somebody else beats me to it.


all of my content is released under CC-BY-SA 2.0

PGP: A6440E1F195A962035455B22823762E626318758


#38 sheivoko

sheivoko

    Advanced Member

  • Members
  • PipPipPip
  • 213 posts
  • LocationPGP 0x823762e626318758

Posted 07 December 2017 - 08:25 PM

Attention everybody: A new and improved version of this tutorial  can be found here:

https://airvpn.org/topic/24349-how-to-airvpn-via-sslstunnel-on-android-678/


  • LZ1 likes this

all of my content is released under CC-BY-SA 2.0

PGP: A6440E1F195A962035455B22823762E626318758






Similar Topics Collapse

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Servers online. Online Sessions: 14428 - BW: 49578 Mbit/sYour IP: 54.92.153.90Guest Access.