Android - using the OpenVPN for Android clients

OpenVPN can also be used on mobile devices, such as Android or iPhone smartphones. In this recipe, we will show how to set up a basic configuration file for the OpenVPN for the Android app. The same configuration can be used on iPhones and iPads.

Getting ready

Set up the client and server certificates using the first recipe from Chapter 2Client-server IP-only Networks. For this recipe, the server computer was running CentOS 6 Linux and OpenVPN 2.3.11. The client device was running Android 4.2 and OpenVPN for Android version 0.6.57. Keep the configuration file, basic-udp-server.conf, from the Server-side routing recipe in Chapter 2Client-server IP-only Networks at hand. For the client, keep the configuration file, basic-udp-client.ovpn, from the Using an ifconfig-pool block recipe in Chapter 2Client-server IP-only Networks at hand.

How to do it...

  1. Start the server:
    [root@server]# openvpn --config basic-udp-server.conf
    
  2. Create the OpenVPN app profile by converting the basic-udp-client.ovpn file to an inline configuration file. This is done by replacing all references to external files with the inline blobs. We then add these inline blobs by copying the contents from the external files. The resulting configuration file will look similar to this:
            client 
            proto udp 
            remote openvpnserver.example.com 
            port 1194 
            dev tun 
            nobind 
            remote-cert-tls server 
            key-direction 1 
            push-peer-info 
     
            <ca> 
            -----BEGIN CERTIFICATE----- 
            MIIGDzCCA/egAwIBAgIJAJOj7Wg... 
            ... 
            -----END CERTIFICATE----- 
            </ca> 
     
            <cert> 
            -----BEGIN CERTIFICATE----- 
            MIIFKzCCAxOgAwIBAgIBAjANBgi... 
            ... 
            -----END CERTIFICATE----- 
            </cert> 
     
            <key> 
            -----BEGIN RSA PRIVATE KEY----- 
            MIIEvgIBADANBgkqhkiG9w0BAQEF... 
            ... 
            -----END RSA PRIVATE KEY----- 
            </key> 
     
            <tls-auth> 
            -----BEGIN OpenVPN Static key V1----- 
            5f5b2bfff373961654089871b40a39eb 
            ... 
            -----END OpenVPN Static key V1----- 
            </tls-auth> 
    
  3. Save this configuration file as example9-10.ovpn.
  4. Transfer the app configuration file to the Android smartphone.
  5. Start the OpenVPN for Android app and import the example9-10.ovpn profile. If all goes well, you should see an output similar to this:
    How to do it...
  6. Launch the OpenVPN profile. After the connection has been established, the app will show the current status and log with the top line showing Connected: SUCCESS, 10.200.0.2, 192.168.96.101, 1194:
    How to do it...

How it works...

The OpenVPN for Android app is based on the same source code as the open source OpenVPN software. Hence, almost all options that can be specified in a normal configuration file can also be specified in an OpenVPN app profile. However, it is recommended to include all certificate and keying information inside the profile, as it makes it much easier to transfer the configuration to the device.

There's more...

If you want to transfer the app profile by uploading it to a web server first, then make sure that the file type and extensions remain intact. The mobile device will treat the configuration file as a plain text file if it does not recognize it as an OpenVPN profile and you will not be able to import it into the OpenVPN for Android app. In such cases, it may be desirable to transfer the .ovpn file inside a ZIP (.zip) file.

See also

  • The Inline certificates recipe in the next chapter, which goes into detail on using inline certificates
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.219.208.51