Topazstix / sandrop

Automatically exported from code.google.com/p/sandrop
0 stars 0 forks source link

Anyconnect SSL VPN doesn't work with Secure Android Proxy #78

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Configure sandrop according to instructions
2. Remote connect to Anyconnect VPN using 3.0.x client for Android
3. Attempt to browse using Android web browser or Android apps

What is the expected output? What do you see instead?
I'd expect the SSL VPN connection to use the sandrop settings, but I confirmed 
after connecting that all external web sites were going direct and blocked by 
the corporate firewall instead of connecting through the configured proxy 
settings.

What version of the product are you using? On what operating system?
I'm using the SandroProxy version 1.4.7.4 on my HTC EVO 4g LTE running Droid OS 
version 4.1.1.

Please provide any additional information below.
I also confirmed using the sandrop built-in 'netstat' feature that during the 
VPN connection, no connections were attempted to connect to my proxyserver:port 
destination.  Once I disconnect the SSL VPN connection, the connection attempts 
to the corporate internal proxyserver:port occur immediately.

Original issue reported on code.google.com by christop...@gmail.com on 3 Jun 2013 at 7:27

GoogleCodeExporter commented 8 years ago
Will investigate. I must say that did not really tested with any vpn tunneling.

But seems to me that this is more android os feature that global proxy settings 
are not respect than SandroProxy problem.
Maybe add another vote for this issue :)
http://code.google.com/p/android/issues/detail?id=33935

If you have rooted phone you can try to redirect traffic with sandroproxy app 
tab.
It will generate iptables rules.

Original comment by supp.san...@gmail.com on 3 Jun 2013 at 7:43

GoogleCodeExporter commented 8 years ago

Original comment by supp.san...@gmail.com on 3 Jun 2013 at 7:43

GoogleCodeExporter commented 8 years ago
http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect30/rele
ase/notes/rn-ac3.0-android.html

Table 1 AnyConnect Android Features
Private-side proxy support:No: No, WiFi proxies are disabled when the VPN is 
established. 

Original comment by supp.san...@gmail.com on 3 Jun 2013 at 8:30

GoogleCodeExporter commented 8 years ago
That's definitely the problem.  I didnt realize the VPN client disabled the 
wifi proxy settings.  Thanks for the follow-up.

I'll use sandoproxy for the corporate wifi connection and wait for a more more 
permenant solution  for the VPN use case.

Thanks!

Original comment by christop...@gmail.com on 4 Jun 2013 at 12:47

GoogleCodeExporter commented 8 years ago

Original comment by supp.san...@gmail.com on 4 Jun 2013 at 7:29