Make path to ifconfig and route configurable upon installation

[GoogleCodeExporter]

Original post from:
http://github.com/fries/android-external-openvpn/issues#issue/2

I have a problem with OpenVPN Settings and my HTC Hero / T-Mobile G2 - i
have installed the MoDaCo custom ROM 3.2.

So Busybox is integrated, but i have no /system/xbin/bb/ifconfig - if i ask
'which ifconfig' i get /system/xbin/ifconfig (which links to busybox)

if i want to start my openvpn config, after entering the password i get
this error:
FATAL: Linux ifconfig failed: could not execute external program

Can you fix this for the MoDaCo Hero users? :)

Let me know if i can help you in any way!

Original issue reported on code.google.com by friedrich.schaeuffelhut on 15 Mar 2010 at 9:57

[GoogleCodeExporter]

Added a dialog to choose path to ifconfig and route.

Original comment by friedrich.schaeuffelhut on 15 Mar 2010 at 9:59

Attachments:

• OpenVPN-Installer-0.2.2test1.apk

[GoogleCodeExporter]

thank you for this release!

so in the OpenVPN Settings it is "Connected to [IP] as" - that worked now! :)

but still it looks lik i'm not in the VPN - the up: and down: values are not 
changing
when i make some traffic with f.e. the browser or the youtube app (up: 0.02kBps 
-
down: 0.02 kBps).

when i do a ifconfig on the console of my hero i get the following devices, with
openvpn running and without:
lo, rmnet0

so there is no tun0 - but there should be, right?

so i restarted my phone, made an 
 lsmod
 "tun 11172 0 - Live 0xbf000000"

then i tried to:
 su
 ifconfig tun0 up
 "ifconfig: SIOCGIFFLAGS: No such device"

so OpenVPN Settings shows me a valid IP where it is connected, but the traffice 
is
not going thought the VPN. Whats the problem with my HTC Hero? :)

Original comment by stefan.l...@gmail.com on 17 Mar 2010 at 8:32

[GoogleCodeExporter]

First we should make sure the vpn connection is established and the interface is
configured correctly. Could you please start openvpn from the commandline and 
see if
there are any errors when it configures the interface? Then try to ping your 
peer. If
this works the interface should be configured correctly (You should also see the
up/down counters changing while pinging). You may also check the configuration 
using
ifconfig. But make sure you are using ifconfig from busybox, by using the full 
path.

No traffic will be redirected through the tunnel. This only happens if you use 
the
redirect-gateway option in your openvpn config, which I have not tested so far.

Original comment by friedrich.schaeuffelhut on 18 Mar 2010 at 10:35

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

i did as superuser:
# openvpn /sdcard/openvpn/user.conf
Fri Mar 19 10:48:56 2010 OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] 
built
on Feb  2 2010
Fri Mar 19 10:48:56 2010 NOTE: 
OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined 
scripts or
executables
Fri Mar 19 10:48:57 2010 
WARNING: this configuration may cache passwords in memory -- use the 
auth-nocache
option to prevent this
Fri Mar 19 10:48:57 2010 Cannot load private key file 
/sdcard/openvpn/user.okey: 
error:0906A068:PEM routines:PEM_do_header:bad password read: error:140B0009:SSL
routines:SSL_CTX_use_PrivateKey_file:PEM lib
Fri Mar 19 10:48:57 2010 Error: 
private key password verification failed
Fri Mar 19 10:48:57 2010 Exiting

strange, i was not asked for a 
password...

Original comment by stefan.l...@gmail.com on 19 Mar 2010 at 1:35

[GoogleCodeExporter]

Ah, I remember. Android libc (bionic) does not support the getpass function 
which
openvpn seems to use when asking for the passphrase. When I ported openvpn I 
created
a stub just returning the empty string. (It's defined here: 
http://github.com/fries/android-external-openvpn/blob/master/missing.c). That's 
the
reason you where not asked for a passphrase. 

OpenVPN-Settings will advice openvpn to ask for a passphrases via the management
interface.

Original comment by friedrich.schaeuffelhut on 19 Mar 2010 at 9:11

[GoogleCodeExporter]

thank you for the detailed explanation!

so actually i can't test if openvpn on console is working, right?

Original comment by stefan.l...@gmail.com on 19 Mar 2010 at 10:02

[GoogleCodeExporter]

Actually you could use the '--askpass [file]' option. This would read the 
passphrase
from a file. This should be good enough for testing. 

Original comment by friedrich.schaeuffelhut on 19 Mar 2010 at 10:19

[GoogleCodeExporter]

ok, thanks for the hint!

# su
# echo [mypassword] > /sdcard/pw
# openvpn --askpass /sdcard/pw /sdcard/openvpn/user.conf
Options error: You must define TUN/TAP device (--dev)
Use --help for more information

well, is the following right?

# openvpn --askpass /sdcard/pw --dev tun0 /sdcard/openvpn/user.conf
Sat Mar 20 09:29:04 2010 OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] 
built
on Feb  2 2010
Sat Mar 20 09:29:04 2010 WARNING: file '/sdcard/pw' is group or others 
accessible
Sat Mar 20 09:29:04 2010 IMPORTANT: OpenVPN's default port number is now 1194, 
based
on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier 
used
5000 as the default port.
Sat Mar 20 09:29:04 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or 
higher
to call user-defined scripts or executables
Sat Mar 20 09:29:04 2010 ******* WARNING *******: all encryption and 
authentication
features disabled -- all data will be tunnelled as cleartext
Sat Mar 20 09:29:04 2010 TUN/TAP device tun0 opened
Sat Mar 20 09:29:04 2010 UDPv4 link local (bound): [undef]:1194
Sat Mar 20 09:29:04 2010 UDPv4 link remote: [undef]

Now the cursor waits there... i tried to reach some server on my VPN but there 
are
just timeouts...

Actually it does not matter if the text in the file is is the right password or 
not,
i get the same output as above... any hints?

Original comment by stefan.l...@gmail.com on 20 Mar 2010 at 8:53

[GoogleCodeExporter]

Hmm, could you post your config?
The command line seems to be correct. But I would first cd into 
/sdcard/openvpn/ and
then call 'openvpn --askpass /sdcard/pw --dev tun0 user.conf'. You might also 
add
--verb 4 or --verb 5 to get more verbose debugging output.

Original comment by friedrich.schaeuffelhut on 22 Mar 2010 at 2:20

• Added labels: Type-Task
• Removed labels: Type-Enhancement

[GoogleCodeExporter]

ok, i did what you told :)

cd /sdcard/openvpn
openvpn --askpass /sdcard/pw --dev tun0 --verb 5 user.conf > openvpn.txt

hope that helps!

Original comment by stefan.l...@gmail.com on 28 Mar 2010 at 8:56

Attachments:

• openvpn.txt
• user.conf

[GoogleCodeExporter]

Here's my problem, the 2.1.1 version is having some problem with ifconfig.  
However
ifconfig is located in these places:

./system/bin/ifconfig
./system/xbin/bb/ifconfig
./system/xbin/ifconfig

and 'which ifconfig' shows:  /system/xbin/ifconfig

Here's the log showing the error.  Any ideas?  I'm running DroidMod 1.0 on a 
Motorola
Droid.  OpenVPN 2.1_rc15 which comes installed with the rom works just fine.

[root@droid] openvpn # openvpn home.ovpn
openvpn home.ovpn
Mon Mar 29 12:12:26 2010 OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] bu
ilt on Feb  2 2010
Mon Mar 29 12:12:26 2010 WARNING: Make sure you understand the semantics of --tl
s-remote before using it (see the man page).
Mon Mar 29 12:12:26 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Mon Mar 29 12:12:26 2010 WARNING: file 'laptop.key' is group or others accessibl
e
Mon Mar 29 12:12:26 2010 WARNING: file 'ta.key' is group or others accessible
Mon Mar 29 12:12:26 2010 Control Channel Authentication: using 'ta.key' as a Ope
nVPN static key file
Mon Mar 29 12:12:26 2010 LZO compression initialized
Mon Mar 29 12:12:26 2010 UDPv4 link local: [undef]
Mon Mar 29 12:12:26 2010 UDPv4 link remote: xxxxxx
Mon Mar 29 12:12:33 2010 [server] Peer Connection Initiated with xxxxxxx
Mon Mar 29 12:12:35 2010 Options error: Unrecognized option or missing parameter
(s) in [PUSH-OPTIONS]:6: ifconfig (2.1.1)
Mon Mar 29 12:12:35 2010 TUN/TAP device tap0 opened
route: SIOCADDRT: Network is unreachable
Mon Mar 29 12:12:35 2010 ERROR: Linux route add command failed: external program
 exited with error status: 1
route: SIOCADDRT: Network is unreachable
Mon Mar 29 12:12:35 2010 ERROR: Linux route add command failed: external program
 exited with error status: 1
Mon Mar 29 12:12:35 2010 Initialization Sequence Completed

Original comment by epils...@gmail.com on 29 Mar 2010 at 5:23

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

i'm now running N1 FroYo with cyanogen rooter, which gives root and busybox

My server config works with about a dozen Win/OSX/Linux clients.

The client config I am using worked with 5.0.6 (built-in openvpn binary) + 
OpenVPN Settings (couldn't get the 
"redirect-gateway def1" to work using 5.0.6 built-in openvpn gui).

# which ifconfig
/system/bin/ifconfig

# find / -name ifconfig
/system/xbin/ifconfig
/system/bin/ifconfig

I know that the BusyBox ifconfig is in /system/xbin/ifconfig so I used this 
location during OpenVPN-Installer 
binary installation.

I get this, as su:

# cd /sdcard/openvpn
# openvpn myvpn.ovpn &
# Thu May 27 11:02:57 2010 OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] 
built on Feb  2 2010
Thu May 27 11:02:57 2010 IMPORTANT: OpenVPN's default port number is now 1194, 
based on an official 
port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as 
the default port.
Thu May 27 11:02:57 2010 WARNING: No server certificate verification method has 
been enabled.  See 
http://openvpn.net/howto.html#mitm for more info.
Thu May 27 11:02:57 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or 
higher to call user-defined 
scripts or executables
Thu May 27 11:02:57 2010 WARNING: file 'client1.key' is group or others 
accessible
Thu May 27 11:02:57 2010 LZO compression initialized
Thu May 27 11:02:57 2010 UDPv4 link local (bound): [undef]:1194
Thu May 27 11:02:57 2010 UDPv4 link remote: MY.SERVER.IP.ADDRESS:1194
Thu May 27 11:03:02 2010 [server] Peer Connection Initiated with 
MY.SERVER.IP.ADDRESS:1194
Thu May 27 11:03:05 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:4: 
route (2.1.1)
Thu May 27 11:03:05 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:7: 
ifconfig (2.1.1)
Thu May 27 11:03:05 2010 TUN/TAP device tun0 opened
Thu May 27 11:03:05 2010 NOTE: unable to redirect default gateway -- VPN 
gateway parameter (--route-
gateway or --ifconfig) is missing
Thu May 27 11:03:05 2010 Initialization Sequence Completed

So then I check if the interface is up:
# /system/xbin/ifconfig
eth0 (details omitted)
lo (details omitted)

No TUN interface seems to be up, no IP addresses assigned (from 
OpenVPN-Settings).

So then I do this (just like my desktop client does):

#/system/xbin/ifconfig tun0 delete
#/system/xbin/ifconfig tun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 
up

OK, tun0 shows up:
tun0      Link encap:UNSPEC  HWaddr 
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:10.8.0.5  P-t-P:10.8.0.5  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:19 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:1456 (1.4 KiB)  TX bytes:0 (0.0 B)

I can ping 10.8.0.5
I can not ping 10.8.0.6 (not a problem, I can't ping it from the desktop 
either).

I can not ping the server 10.8.0.1

Why not? No route? Duh.
# /system/xbin/route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.199.0   *               255.255.255.0   U     0      0        0 eth0
default         tomato          0.0.0.0         UG    0      0        0 eth0

In summary, I am inclined to conclude that neither ifconfig nor route location 
hard-coding has the desired 
effect :(

I am willing to troubleshoot this till no tomorrow as I NEED to be able to 
openvpn.

Original comment by bina...@gmail.com on 27 May 2010 at 7:49

[GoogleCodeExporter]

Was there any resolution to that.
I am having exact same problem with Villan10 rom on hero...

Original comment by ceylan...@gmail.com on 5 Jun 2010 at 7:09

[GoogleCodeExporter]

I noticed that, p-t-p ip assignment to tun0 is actually wrong...

tun0      Link encap:UNSPEC  HWaddr 
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:10.8.0.5  P-t-P:10.8.0.5  Mask:255.255.255.255
                    ^^^^^^^^        ^^^^^^^^

actually the first one should read 10.0.0.6.

I am guessing that should be the problem.

By the way, is ifconfig and route ripped off from this openvpn binary?

Original comment by ceylan...@gmail.com on 6 Jun 2010 at 5:28

[GoogleCodeExporter]

Problem solved....

This binary doesn't work with busybox:
http://github.com/downloads/fries/android-external-openvpn/openvpn-static-2.1.1.
bz2

However this does:
http://github.com/downloads/fries/android-external-openvpn/openvpn-static.bz2

By the way there should be pointtopoint in between the ips for the ifconfig 
problem...

Original comment by ceylan...@gmail.com on 6 Jun 2010 at 5:58

[GoogleCodeExporter]

which binary is integrated into android-openvpn-installer ?

Original comment by bina...@gmail.com on 8 Jun 2010 at 1:22

[GoogleCodeExporter]

The current version is OpenVPN 2.1.1

Original comment by friedrich.schaeuffelhut on 9 Jun 2010 at 11:08

[GoogleCodeExporter]

Both links cited in #17 use /system/xbin/bb/ifconfig and /system/xbin/bb/route.

The difference is that openvpn-static.bz2 contains OpenVPN 2.1_rc15 whereas 
openvpn-static-2.1.1.bz2 contains OpenVPN 2.1.1.

Original comment by friedrich.schaeuffelhut on 9 Jun 2010 at 11:23

[GoogleCodeExporter]

Is there a way to fix this or have I been doing smth wrong in comment 14?

Original comment by bina...@gmail.com on 9 Jun 2010 at 11:40

[GoogleCodeExporter]

I'm puzzled by those two lines. What is thair cause?

Thu May 27 11:03:05 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:4: route (2.1.1)
Thu May 27 11:03:05 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:7: ifconfig (2.1.1)

Original comment by friedrich.schaeuffelhut on 11 Jun 2010 at 4:09

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

on the server log i see:
 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,ping 10,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5'

it seems the android binary doesn't like PUSH OPTIONS:
route 10.8.0.1
ifconfig 10.8.0.6 10.8.0.5

Original comment by bina...@gmail.com on 11 Jun 2010 at 4:48

[GoogleCodeExporter]

Does anyone have the openvpn-installer & openvpn-settings working on froyo?

what images did you use to install froyo? cyanogen rooter?

should i try reflash and install the apps again?

Original comment by bina...@gmail.com on 21 Jun 2010 at 11:26

[GoogleCodeExporter]

I'm attempting to get this to work on my Droid. I had this same issue where I 
wouldn't get the route on a 2.1 rom but never tried starting from the command 
line. Now I'm running a 2.2 rom and I'm having the same issue, the routes don't 
get pushed. 

Details:
Phone: MotoDroid
ifconfig selected during install: /system/xbin/

when I run it from the command line I see this output that someone else here 
also had.

Mon Jun 28 11:29:32 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:1: route (2.1.1)
Mon Jun 28 11:29:32 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:3: route (2.1.1)
Mon Jun 28 11:29:32 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:6: ifconfig (2.1.1)

that's just the bitthat didn't seem to work, if you need the whole log I post 
that.

Original comment by novalidt...@gmail.com on 28 Jun 2010 at 3:35

[GoogleCodeExporter]

I get the same as above. Any ideas? BB.4

Thanks,
Don

Original comment by don.harp...@gmail.com on 1 Jul 2010 at 10:10

[GoogleCodeExporter]

Froyo FRF91 on Nexus1 + root + busybox.

No VPN IP gets added on the device.
No route gets added.

# openvpn myvpn.ovpn &
# Sat Jul  3 13:30:50 2010 OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] 
built on Feb  2 2010
Sat Jul  3 13:30:50 2010 IMPORTANT: OpenVPN's default port number is now 1194, 
based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and 
earlier used 5000 as the default port.
Sat Jul  3 13:30:50 2010 WARNING: No server certificate verification method has 
been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Sat Jul  3 13:30:50 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or 
higher to call user-defined scripts or executables
Sat Jul  3 13:30:50 2010 WARNING: file 'client1.key' is group or others 
accessible
Sat Jul  3 13:30:50 2010 LZO compression initialized
Sat Jul  3 13:30:50 2010 UDPv4 link local (bound): [undef]:1194
Sat Jul  3 13:30:50 2010 UDPv4 link remote: MY.SERVER.IP.ADDRESS:1194
Sat Jul  3 13:30:55 2010 [server] Peer Connection Initiated with 
MY.SERVER.IP.ADDRESS:1194
Sat Jul  3 13:30:58 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:4: route (2.1.1)
Sat Jul  3 13:30:58 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:7: ifconfig (2.1.1)
Sat Jul  3 13:30:58 2010 TUN/TAP device tun0 opened
Sat Jul  3 13:30:58 2010 NOTE: unable to redirect default gateway -- VPN 
gateway parameter (--route-gateway or --ifconfig) is missing
Sat Jul  3 13:30:58 2010 Initialization Sequence Completed

ifconfig hardcoding during installation does not seem to work: 
/system/xbin/ifconfig outputs only eth0 and lo.

route hardcoding during installation does not seem to work:
# /system/xbin/route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.199.0   *               255.255.255.0   U     0      0        0 eth0
default         tomato          0.0.0.0         UG    0      0        0 eth0

Original comment by bina...@gmail.com on 3 Jul 2010 at 9:35

[GoogleCodeExporter]

FYI, I know it is a horrible, horrible hack, but I at least got to the point 
now where I am getting an internal IP address.  Next step is to figure out the 
proper routes.

how I did it:
0. I also have Froyo FRF91 on Nexus1 + root + busybox (from MoDaCo).
1. I had to use the statically linked openvpn listed above 
(http://github.com/downloads/fries/android-external-openvpn/openvpn-static.bz2)
2. Unzip and copy openvpn-static-2.1.1 to files to device. (I renamed mine 
/system/xbin/openvpn)
(for those who don't know how to copy, use adb remount, then adb shell <insert 
command here> to get around the "read only file system")
3. Make folder /system/xbin/bb
  Example: adb remount; adb shell mkdir /system/xbin/bb
4. Make symbolic links to ifconfig and route
  Example: adb shell ln -s /system/xbin/ifconfig /system/xbin/bb/ifconfig
           adb shell ln -s /system/xbin/route /system/xbin/bb/route

//Now I'm stuck at not being able to ping anybody (including google)
sh-3.2# ping INTERNAL.SITE
PING INTERNAL.SITE (XXX.XXX.XXX.XXX) 56(84) bytes of data.
From VPN.IPADDRESS icmp_seq=2 Destination Host Unreachable
From VPN.IPADDRESS icmp_seq=3 Destination Host Unreachable

Original comment by nkasarea...@gmail.com on 10 Jul 2010 at 7:25

[GoogleCodeExporter]

OK, work around tested and works!! I can now tunnel all my traffic to inside 
and outside networks.

This has been tested using TAP.  Your mileage may vary.

Problem: route added to internet IP address of my vpn server.
Solution: delete route after routing has occured.

Implementation:
1.  Create a simple script to delete router.  Example (/sdcard/openvpn/up.sh)

#!/system/bin/sh
/system/xbin/route del YOUR_VPN_INTERNET_IPADDRESS

2. Make the file executable.  chmod +x /sdcard/openvpn/up.sh
3.  Modify your openvpn.conf to call script after routing, or pass it in as a 
command line argument.  I did the modification to script file.
     route-up "/system/bin/sh /sdcard/openvpn/up.sh"

Original comment by nkasarea...@gmail.com on 10 Jul 2010 at 3:12

[GoogleCodeExporter]

You write that you have a route created on the server

How do you get your client (N1) to come up with a route, so as to have traffic 
routing through the server?

Original comment by bina...@gmail.com on 10 Jul 2010 at 4:17

[GoogleCodeExporter]

Made a nice summary at 
http://forum.xda-developers.com/showpost.php?p=7132889&postcount=56

Original comment by nkasarea...@gmail.com on 10 Jul 2010 at 4:30

[GoogleCodeExporter]

Let me summarize that IFCONFIG/ROUTE location hardcoding during installation of 
openvpn-installer DOES NOT WORK (at least not to /system/xbin)!!!

To get openvpn-installer to work as expected, one needs to:
-install openvpn-installer
-during installation point to busybox (ifconfig/route) at /system/xbin/bb
-create the symbolic links in those locations as per post 30

After this everything (openvpn-settings) works as expected (if configured 
properly ;) )!!

Original comment by bina...@gmail.com on 10 Jul 2010 at 5:04

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

Followed posts 30 & 34 - not working on fully rooted Evo 4G 1.47.651.1.

Connects but External IP & Ext. Hostname are still issued by isp, not vpn 
provider.

Same .conf working on pc.

Original comment by eastbe...@gmail.com on 25 Jul 2010 at 12:50

[GoogleCodeExporter]

I have the same problem with #12, finally got it solved by using the method 
provided by #30.
I just installed OpenVPN Installer and OpenVPN Settings from Android Market, 
and excuted the commands in #30, finally got it done.
If all the files and operations are correct, follow #30 has no problem.
My phone is HTC G3 Hero, ROM is 3.2-update-hero-modacocustomrom-core-signed.zip

Original comment by d830a...@gmail.com on 2 Aug 2010 at 10:33

[GoogleCodeExporter]

I have no more idea so I hope to get help here.
Installation is ok.
VPN connects and a ping to google.com works but I can t ping internal (e.g. 
192.168.1.30) IPs.

This is the Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.0.70     *               255.255.255.255 UH    0      0        0 tun0
172.16.0.1      172.16.0.70     255.255.255.255 UGH   0      0        0 tun0
109.85.241.116  *               255.255.255.252 U     0      0        0 rmnet0
192.168.1.0     172.16.0.70     255.255.255.0   UG    0      0        0 tun0
default         109.85.241.118  0.0.0.0         UG    0      0        0 rmnet0

thanx a lot for your help

Original comment by toh...@googlemail.com on 5 Aug 2010 at 1:02

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

Hi, i used the procedure #30..and for my case doesn't work, any suggestions to 
check what is wrong with my configuration..?just my openvpn installation, not 
my openvpn configs files..thanks in advance...

Original comment by diego.ve...@gmail.com on 19 Oct 2010 at 3:43

[GoogleCodeExporter]

Hi, i put my situation here: 
http://forum.xda-developers.com/showthread.php?t=814082

Original comment by diego.ve...@gmail.com on 20 Oct 2010 at 2:55

[GoogleCodeExporter]

Number 34 solved my problem. I wasn't received an ip address, and no tun0 
interface was being created, and no routes were being added. 

All I needed to do was:

1.Point the openvpn installer to the /system/xbin/bb directory for ifconfig
2. Create /system/xbin/bb
3. Create links in /system/xbin/bb that point to /system/xbin

I don't really understand what the difference is between having it use links 
and using the path, but I'm happy it's working. Turnkey would be nice, but 
free's nicer. :)

Original comment by KyleP...@gmail.com on 1 Nov 2010 at 4:31

[GoogleCodeExporter]

For the traffic routing issue, if you do this
# ip ru show
0:  from all lookup local 
3001:   from all lookup wifi 
32766:  from all lookup main 
32767:  from all lookup default 
you have a few tables.

connect to your vpn network

ping <an internal vpn ip> -- if that works then great, but i doubt it would
ping -I tun0 <an internal vpn ip> -- If this works then that means that your 
traffic isn't being routed through the tunnel tun0

If you're on wifi connecting through vpn try this:
ip ru del wifi
then ping <an internal vpn ip> -- that worked for me

If you're on gprs then: ip ru del gprs.

I'm still trying to find out how to make the route work without having to do 
that though.

Original comment by kevin....@gmail.com on 21 Nov 2010 at 7:56

[GoogleCodeExporter]

sorrowly i have to confirm 34 and 43 solved it...
its nesesarry to point installer to bb dir .. but it wasnt there ...
perhebs the installer could do then while installing .. 

Original comment by phi...@googlemail.com on 26 Nov 2010 at 12:51

[GoogleCodeExporter]

Is this application being monitored and updated? Openvpn is now 2.3 but the 
installer is still using 2.1.1 which is still having the ifconfig/route issue. 
I hope there will be a permanent fix rather that work around.

Original comment by aminuddi...@gmail.com on 28 Dec 2010 at 4:21

[GoogleCodeExporter]

i don't expect a permanent fix.

your best bet is to install cyanogenmod which has openvpn built-in

Original comment by bina...@gmail.com on 28 Dec 2010 at 4:51

[GoogleCodeExporter]

Nexus One MIUI ROM v1.1.7
Had to do the same as #34 and #43. Even if in route and ifconfig in 
/system/xbin are links to busibox, the openvpn installed by openvpn installer 
only works if one creates /system/xbin/bb and links /system/xbin/route and 
/system/xbin/ifconfig there.

Original comment by jose.ban...@gmail.com on 8 Jan 2011 at 10:33

[GoogleCodeExporter]

Thanks KylePond!!! Comment #43 did the trick for me.

Original comment by edwar...@gmail.com on 12 Jan 2011 at 5:34

[GoogleCodeExporter]

@friedrich
please can you change it and update it on market ?
maybe you can change the settings , that the path to route and ifconfig is 
always /system/xbin (there are the apps be sure..) and cahnge the code, so that 
route and ifconfig use always the /system/xbin/ path, then it would be ok, and 
noone must create apath manually ... for newbies it would be easier to know .. 
this::

only to be sure - here in summary:
it works if it will be done in this way:

1.) install binaries to /system/xbin
2.) select path to ifconfig and route -> /system/xbin/bb
3.) make a link to xbin -> "ln -s /system/xbin /system/xbin/bb"

then it works fine :)

Original comment by erwin.ts...@gmail.com on 5 Mar 2011 at 1:19