OpenVPN on A500

sm4rtr3tard

Member
Apr 29, 2011
9
0
Don't know if anyone else has tried this yet, but I am seeing if anyone else has gotten tun.ko working on their A500 for the openvpn? Evertime I insmod tun.ko it gives me the error "init_module 'tun.ko' failed (Exec format error)".

I am assuming (from the other threads and webpages I've gone to) that we need to have one made specifcally for the a500?
:confused: I also tried one that was said to be made for the xoom, that didn't work either.

Things I've done...

  • Rooted A500
  • Installed from Market "OpenVPN Installer"
  • Installed Binary
  • Installed from Market "OpenVPN Settings"
  • Created Folder for ovpn settings and certs and copied files there.
  • Installed Busybox
  • Downloaded tun.ko (from get-a-robot-vpnc)
  • Moved the file to the /system/lib/modules/ folder by remounting system with RW
  • Insmod tun.ko (Result: init_module 'tun.ko' failed (Exec format error)
Any help would be greatly appreciated

UPDATED:

Ok, so I am kind of a noob when it comes to working with Linux, but I got my OpenVPN to work on the A500. So figured I would share my process, by all means if I am wrong somewhere let me know but it's all working for me.

Root First:
xda-developers - View Single Post - *ROOTED*Rooting acer a500
Nice little step by step there, thanks monki-magic!

Downloads:
** I put all of these unarchived into a folder on a USB thumb drive and transferred them that way. Huzzah for USB ports!

A500 Modules ( Thanks to thor2002ro )
[DEV] A500 Kernel Modules - xda-developers

Static OpenVPN
http://github.com/downloads/fries/android-external-openvpn/openvpn-static.bz2

BusyBox
If you did the root right you should already have this installed.

OpenVPN Installer
Obtained from Market

OpenVPN Settings
Obtained from Market

Connectbot ( my preferred terminal access, you can use whatever you want for local commands )
Obtained from Market

Step 1:


Install OpenVPN Installer (Not sure if it's needed but I did it anyways because we're over-writing the library later)


Step 2:
Make needed Folders.

Code:
mkdir /system/xbin/bb
mkdir /sdcard/openvpn
Step 3:
Remount your system folder rw

First locate which block /system is mounted (mine was /dev/block/mmcblk0p3)

Code:
cat /proc/mounts | grep system
Then remount as RW
Code:
mount -o remount,rw /dev/block/mmcblk0p3 /system
Then to check if its right, you should see a RW in there...
Code:
cat /proc/mounts | grep system
Step 4:
Rename files that are about to be written over ( you never know ):p

Code:
mv /system/xbin/openvpn /system/xbin/openvpn_old
Step 5:
Copy files over, this is assuming you're using a thumbdrive. Otherwise copy from wherever your files are.


In this step we'll copy over your openvpn config files too.

Code:
cp /mnt/usb_storage/tun.ko /system/lib/modules/tun.ko
cp /mnt/usb_storage/openvpn-static-2.1 /system/xbin/openvpn
cp /mnt/usb_storage/myserver.opvn /sdcard/openvpn/myserver.ovpn
cp /mnt/usb_storage/myserver.conf /sdcard/openvpn/myserver.conf
Step 6:
Change permissions (not sure if necessary but did it anyways)


Code:
chmod 755 /system/xbin/openvpn
chmod 644 /system/lib/modules/tun.ko
Step 7:
Symbolic links to fix ifconfig/route issues...

Code:
ln -s /system/xbin/ifconfig /system/xbin/bb/ifconfig
ln -s /system/xbin/route /system/xbin/bb/route


Step 8:
OpenVPN settings, this may vary depending on your OpenVPN server deployment...

  • Open OpenVPN settings
  • Press Menu button to get to "advanced"
  • Check "Load tun kernel module"
  • Open TUN module settings and set "load module using" to insmod
  • Open TUN module settings and ensure path " /system/lib/modules/tun.ko "
  • Check path to configurations " /sdcard/openvpn " (these are your .ovpn/.conf files)
  • Check path to library " /system/xbin/openvpn "
Once that is all configured and pointing to the correct locations. Drop back to the main menu of the OpenVPN settings.

Check OpenVPN to start it up and then check the .conf file to start the connection up. Thats it!
;)

Note: One signifier that I noticed that ensured my connection was connected AND routing correctly is that I saw under the .conf file in OpenVPN settings the info " connected to <server ip> as <client ip> ". When I was troubleshooting it showed connected but the client ip wasn't showing and the routing wasn't working. When I got it all working both IP's showed up.

Have fun!
 
Last edited:

sm4rtr3tard

Member
Apr 29, 2011
9
0
Got the openvpn working now my initial post is updated with instructions.

Sent from my A500 using Android Tablet Forum
 

ChiTriGuy

Member
Apr 27, 2011
58
1
Ok, I admit it, I'm lost. Yes, I'm a noob on Android so please excuse some questions.

On step 3: mount -o remount,rw /dev/block/mmcblk0p3 /system I got an "Operation not permitted" using the Terminal Emulator. I did an su and it seemed to run after that...I think. Does that sound right?

On step 5: my openvpn-static.bz2, is this a compressed file or should I rename it to openvpn-static-2.1? Also, where did you get the myserver.ovpn and myserver.conf files, did you create them yourself, is there a format for them if you did?

I appreciate the time you took to put this together, but I'm a bit lost.

Thanks again!
 

sm4rtr3tard

Member
Apr 29, 2011
9
0
Ok, I admit it, I'm lost. Yes, I'm a noob on Android so please excuse some questions.

On step 3: mount -o remount,rw /dev/block/mmcblk0p3 /system I got an "Operation not permitted" using the Terminal Emulator. I did an su and it seemed to run after that...I think. Does that sound right?

On step 5: my openvpn-static.bz2, is this a compressed file or should I rename it to openvpn-static-2.1? Also, where did you get the myserver.ovpn and myserver.conf files, did you create them yourself, is there a format for them if you did?

I appreciate the time you took to put this together, but I'm a bit lost.

Thanks again!

Not a problem.

Step 3 - Yes you are correct. You need super user (su) rights to do that.

Step 5 - bz is an archive, so I unarchived it on my PC before transferring it. But regardless you need to unarchive before using the file.

As far as the ovpn and conf files those were generated by my openvpn deployment (a client deployment utility that makes the files and certs for you). As far as the configurations theres a few walk throughs out there but I have not had experience with them.

Hope this helps.

Sent from my A500 using Android Tablet Forum
 
Last edited:

ChiTriGuy

Member
Apr 27, 2011
58
1
Ok, as I was playing around I realized the bz2 file was an archive. Thanks sm4rtr3tard for the heads up! I extracted using two extraction programs, one gave me 5 files labelled 0, 1, 2, 3, 4, (that's it, no extensions), and one (7-Zip) gave me one file. I'm assuming the single file is what we're looking for. I think I'm heading in the wrong direction on the config files though because based on the verbiage and everything it looks like, the settings for the IPSEC connection to my Cisco ASA aren't in there. All I am looking for is something to allow me to configure a group name and group secret. Man, I wish either Cisco or Google would get off their butts and do this right, it shouldn't be this difficult! Thanks for your help everyone!
 

sm4rtr3tard

Member
Apr 29, 2011
9
0
Well OpenVPN is another style of VPN like Cisco VPN but OpenVPN doesn't work with Cisco VPN. I did notice that in the native VPN settings on the A500's that there is an option for Ipsec. They might have an option in there for Cisco ASA/PIX connections, might be worth a check. I will check back if I find out that I can connect to my pix through the built in VPN interface.
 

ChiTriGuy

Member
Apr 27, 2011
58
1
Ok, it seems that what those of us who connect to Cisco appliances that use group names and passwords (IPSEC) need is this apk. I have installed it, enabled it, and (it seems) connected successfully to my VPN (based on what the software says). For those who are going to try using this, set it up with all your information, enable it, and to connect to your connection, LONG PRESS on your connection name and it will come up asking for Connect, Disconnect, or Configure (took me a while to figure that one out). That all being said, it says I'm connected BUT I can't VNC or RDP to any of my work computers. So, it begs the question, how does it know I'm connected? Does anyone know how I can verify that I am, in fact, connected to my network and why I don't seem to be able to access my computers.

Thanks much...getting closer!
 

neovalis

Member
Jun 25, 2011
1
0
Does anyone have any ideas on how to stop the "connected" notification from flashing nonstop?

Edit: I've submitted a bug report.
 
Last edited:

ChiTriGuy

Member
Apr 27, 2011
58
1
Im still having issues. OpenVPN won't work for me because I need IPSEC connectivity. I installed get-a-robot and the VPN Connections apk they offer there. Tun is running because I see it under /dev and when I make a connection it says I'm connected but when I do a netcfg it says that tun is down. Anyone have any ideas where to go from here?
 

PaiWakket

Member
Aug 26, 2011
2
0
Hi everyone.

I just got my tablet the other day. I'm a total noob to tablets, android, and linux in general. Please forgive if this question is shockingly obvious.

How are you entering the commands listed? I've installed/run a rooting app. It says the system is rooted. I've had several apps ask for super user access, so I think that part is correct. I've tried several SSH and Terminal emulators to enter the commands, and I have no trouble navigating or listing directory contents, but I get nothing when I try to 'mkdir' something. If I try 'su mkdir' I get 'permission denied'.

Right now the plan is to revert my system to factory default. Any instructions on getting from that point to the start of this instruction list would be greatly appreciated.
 

sm4rtr3tard

Member
Apr 29, 2011
9
0
Hi everyone.

I just got my tablet the other day. I'm a total noob to tablets, android, and linux in general. Please forgive if this question is shockingly obvious.

How are you entering the commands listed? I've installed/run a rooting app. It says the system is rooted. I've had several apps ask for super user access, so I think that part is correct. I've tried several SSH and Terminal emulators to enter the commands, and I have no trouble navigating or listing directory contents, but I get nothing when I try to 'mkdir' something. If I try 'su mkdir' I get 'permission denied'.

Right now the plan is to revert my system to factory default. Any instructions on getting from that point to the start of this instruction list would be greatly appreciated.

Install an app from the market called "ConnectBot" and connect to localhost in order to run the commands that are listed in my walkthrough.
 

PaiWakket

Member
Aug 26, 2011
2
0
Install an app from the market called "ConnectBot" and connect to localhost in order to run the commands that are listed in my walkthrough.

Thanks sm4rtr3tard. That was helpful.

I figured out that my system was set as write protected, so I couldn't complete Step 2 until I had remounted it as RW, as in Step 3. You might want to update and reverse those two.

Thanks again.
 
Top