Problem With Android Configuration
Andrea Squeri
andrea.squeri at gmail.com
Wed Mar 25 11:15:23 CET 2015
Hi, First sorry for my bad English.
I made a vpn wtih tinc for link my home and my two office. In Addition I want to configure my android device to link with my vpn.
The topology of the net is this:
cubox(a linux machine in my home with vpn address 192.168.0.20)
groppalbero (a linux machine in my second office with vpn address 192.168.0.40)
imac(a mac machine in my first office with vpn address 192.168.0.50)
nexus5(my android device with vpn address 192.168.0.80)
I have configurate all machine and now they all works except the android device.
On this I use “Tinc Gui” app for configure it. When I start the tinc daemon it connect to the configured host and the tun0 interface in created and configured, but i can ping with any hosts
and any host can ping my android device. the result of ping IS NOT a network unavailable response. In fact it block un operation and from the tinc gui log I can see that the packet are received by my android device.
I suspect that can be a problem for the route but I can’t understand which the problem is.
For information paste the configuration from cubic and android device:
CUBOX :
--------------------------------------------------------------------------------------------------------
andre at cubox vpnalma]$ cat tinc.conf
# Sample tinc configuration file
# This is a comment.
# Spaces and tabs are eliminated.
# The = sign isn't strictly necessary any longer, though you may want
# to leave it in as it improves readability :)
# Variable names are treated case insensitive.
# The name of this tinc host. Required.
Name = cubox
# The internet host to connect with.
# Comment these out to make yourself a listen-only connection
# You must use the name of another tinc host.
# May be used multiple times for redundance.
#ConnectTo = vaio
#ConnectTo = groppalbero
#ConnectTo = imac
#ConnectTo = servermarcy
# The tap device tinc will use.
# Default is /dev/tap0 for ethertap or FreeBSD,
# /dev/tun0 for Solaris and OpenBSD,
# and /dev/net/tun for Linux tun/tap device.
Device = /dev/net/tun
[andre at cubox vpnalma]$ cat tinc-up
#!/bin/sh
# This file sets up the tap device.
# It gives you the freedom to do anything you want with it.
# Use the correct name for the tap device:
# The environment variable $INTERFACE is set to the right name
# on most platforms, but if it doesn't work try to set it manually.
# Give it the right ip and netmask. Remember, the subnet of the
# tap device must be larger than that of the individual Subnets
# as defined in the host configuration file!
ifconfig $INTERFACE 192.168.0.20 netmask 255.255.255.0
#ip link set $INTERFACE up
#ip addr add 192.168.0.20/32 dev $INTERFACE
#ip route add 192.168.0.0/24 dev $INTERFACE
[andre at cubox vpnalma]$ cat hosts/cubox
#iample host configuration file
# This file was generated by host beta.
# The real IP address of this tinc host. Can be used by other tinc hosts.
Address = 10.0.0.7
Address = almaliberty.duckdns.org
# Portnumber for incoming connections. Default is 655.
Port = 655
# Subnet on the virtual private network that is local for this host.
Subnet = 192.168.0.20/32
————————————————————————————————————————————————————
The network is so configurated:
——————————————————————————————————————————————————————————————————————————————
[andre at cubox vpnalma]$ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.7 netmask 255.255.255.0 broadcast 10.0.0.255
inet6 fe80::d263:b4ff:fe00:6a6b prefixlen 64 scopeid 0x20<link>
ether d0:63:b4:00:6a:6b txqueuelen 1000 (Ethernet)
RX packets 63975281 bytes 142504956 (135.9 MiB)
RX errors 0 dropped 2 overruns 0 frame 0
TX packets 35826176 bytes 2648965717 (2.4 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 167609 bytes 76370891 (72.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 167609 bytes 76370891 (72.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vpnalma: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 192.168.0.20 netmask 255.255.255.0 destination 192.168.0.20
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 8876 bytes 1765584 (1.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5939 bytes 2394177 (2.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[andre at cubox vpnalma]$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default router.asus.com 0.0.0.0 UG 1024 0 0 eth0
10.0.0.0 * 255.255.255.0 U 0 0 0 eth0
router.asus.com * 255.255.255.255 UH 1024 0 0 eth0
192.168.0.0 * 255.255.255.0 U 0 0 0 vpnalma
[andre at cubox vpnalma]$
——————————————————————————————————————————————————————————————————
ON THE ANDROIDE DEVICE SIDE I HAVE THIS CONFG:
u0_a167 at hammerhead:/ $ su
root at hammerhead:/ # cd sdcard/tinc/vpnalma
at tinc.conf <
# Sample tinc configuration file
# This is a comment.
# Spaces and tabs are eliminated.
# The = sign isn't strictly necessary any longer, though you may want
# to leave it in as it improves readability :)
# Variable names are treated case insensitive.
# The name of this tinc host. Required.
Name = nexus5
# The internet host to connect with.
# Comment these out to make yourself a listen-only connection
# You must use the name of another tinc host.
# May be used multiple times for redundance.
ConnectTo = cubox
ConnectTo = groppalbero
ConnectTo = imac
# The tap device tinc will use.
# Default is /dev/tap0 for ethertap or FreeBSD,
# /dev/tun0 for Solaris and OpenBSD,
# and /dev/net/tun for Linux tun/tap device.
#Mode = switch
Device = /dev/tun
#DeviceType = tap
#Interface = tap0
#echo 1 > /proc/sys/net/ipv4/conf/$INTERFACE/rp_filter
ScriptsInterpreter = /system/bin/sh
root at hammerhead:/sdcard/tinc/vpnalma # cat tinc-up
#!/bin/sh
# This file sets up the tap device.
# It gives you the freedom to do anything you want with it.
# Use the correct name for the tap device:
# The environment variable $INTERFACE is set to the right name
# on most platforms, but if it doesn't work try to set it manually.
# Give it the right ip and netmask. Remember, the subnet of the
# tap device must be larger than that of the individual Subnets
# as defined in the host configuration file!
ifconfig $INTERFACE 192.168.0.80 netmask 255.255.255.0
#echo 1 > /proc/sys/net/ipv4/conf/$INTERFACE/rp_filter
#ip link set $INTERFACE up
#ip addr add 192.168.0.80/24 (http://192.168.0.80/24) dev $INTERFACE
#ip route add 192.168.0.0/24 (http://192.168.0.0/24) dev $INTERFACE
root at hammerhead:/sdcard/tinc/vpnalma # hosts/nexus5
sh: hosts/nexus5: can't execute: Permission denied
at hosts/nexus5 <
# Sample host configuration file
# The real IP address of this tinc host. Can be used by other tinc hosts.
# Portnumber for incoming connections. Default is 655.
#Port = 655
# Subnet on the virtual private network that is local for this host.
Subnet = 192.168.0.80/32 (http://192.168.0.80/32)
-----BEGIN RSA PUBLIC KEY-----
-----END RSA PUBLIC KEY-----
root at hammerhead:/sdcard/tinc/vpnalma # ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 (http://127.0.0.1/8) scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: rmnet0: <UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/[530]
inet 10.183.70.124/29 (http://10.183.70.124/29) scope global rmnet0
inet6 fe80::7561:c093:ea26:5781/64 scope link
valid_lft forever preferred_lft forever
3: rmnet1: <> mtu 2000 qdisc noop state DOWN qlen 1000
link/[530]
4: rmnet2: <> mtu 2000 qdisc noop state DOWN qlen 1000
link/[530]
5: rmnet3: <> mtu 2000 qdisc noop state DOWN qlen 1000
link/[530]
6: rmnet4: <> mtu 2000 qdisc noop state DOWN qlen 1000
link/[530]
7: rmnet5: <> mtu 2000 qdisc noop state DOWN qlen 1000
link/[530]
8: rmnet6: <> mtu 2000 qdisc noop state DOWN qlen 1000
link/[530]
9: rmnet7: <> mtu 2000 qdisc noop state DOWN qlen 1000
link/[530]
10: rev_rmnet0: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000
link/ether a2:f5:64:5f:9d:05 brd ff:ff:ff:ff:ff:ff
11: rev_rmnet1: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000
link/ether ea:f8:93:71:83:a1 brd ff:ff:ff:ff:ff:ff
12: rev_rmnet2: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000
link/ether 2a:84:3a:f5:3b:f0 brd ff:ff:ff:ff:ff:ff
13: rev_rmnet3: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000
link/ether 4a:d5:f8:77:cb:80 brd ff:ff:ff:ff:ff:ff
14: rev_rmnet4: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000
link/ether 16:db:e7:e3:f4:39 brd ff:ff:ff:ff:ff:ff
15: rev_rmnet5: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000
link/ether 46:3a:94:70:f0:5f brd ff:ff:ff:ff:ff:ff
16: rev_rmnet6: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000
link/ether 62:2c:a9:03:e9:4d brd ff:ff:ff:ff:ff:ff
17: rev_rmnet7: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000
link/ether f6:8e:08:a1:aa:10 brd ff:ff:ff:ff:ff:ff
18: rev_rmnet8: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000
link/ether 72:92:60:5c:e6:7c brd ff:ff:ff:ff:ff:ff
19: sit0: <NOARP> mtu 1480 qdisc noop state DOWN
link/sit 0.0.0.0 brd 0.0.0.0
20: p2p0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
link/ether 8e:3a:e3:18:bb:55 brd ff:ff:ff:ff:ff:ff
21: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
link/ether 8c:3a:e3:18:bb:55 brd ff:ff:ff:ff:ff:ff
23: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
link/none
inet 192.168.0.80/24 (http://192.168.0.80/24) scope global tun0
root at hammerhead:/sdcard/tinc/vpnalma # ip route
10.183.70.120/29 (http://10.183.70.120/29) dev rmnet0 proto kernel scope link src 10.183.70.124
10.206.56.132 via 10.183.70.125 dev rmnet0 src 10.183.70.124
10.207.43.46 via 10.183.70.125 dev rmnet0 src 10.183.70.124
192.168.0.0/24 (http://192.168.0.0/24) dev tun0 proto kernel scope link src 192.168.0.80
root at hammerhead:/sdcard/tinc/vpnalma # ping 192.168.0.20
PING 192.168.0.20 (192.168.0.20) 56(84) bytes of data.
^C
--- 192.168.0.20 ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 9003ms
1|root at hammerhead:/sdcard/tinc/vpnalma #
————————————————————————————————————————————————————————————————————————————————
From the tinc gui log that I can’t copy and paste , I see that the device in connected to cubic but i can’t ping with it.
--
Andrea Squeri
Inviato con Sparrow (http://www.sparrowmailapp.com/?sig)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20150325/8443916d/attachment-0001.html>
More information about the tinc
mailing list