Android and OPENVPN

Used environment equipment:

VirtualBox machine:

CPU: 1x

RAM: 1024MB


NET: Bridget adapter

All other options are set by default

OS: Debian Squeeze i386 basic install

Main Software: openvpn

HTC Desire: Cyanogenmod

It’ll be cool to have instant access from your android based phone to your home PC/Server.. isn’t it ? ūüôā

In the current article we will go through some basic steps which will connect our Android phone with your home computer via VPN (Virtual Private Network)

PC part:

Let start with creating openvpn TUN adapter

aptitude install openvpn

And this is the time and place to start building some new keys that will be used in our quest for connectivity

cd /etc/openvpn/

Generating new preshared key:

openvpn --genkey --secret android.key

Now we have to create server-side configuration file:

local #This is the interface's IP address that will be used to point, normaly this is our OUT interface provided with IP by our ISP.
port 6000 # port number
dev tun1 # tun number..if we have more than one 
tun-mtu 1500
proto tcp-server
ifconfig # first IP for the server side, second IP is for client side.
secret /etc/openvpn/android.key # key file that we generated a minute ago
user nobody
group nogroup
chroot /var/empty
ping 15
ping 10
ping-restart 120
verb 3
#push "route" #If we need to access other networks trough our vpn

and /var/empty directory:

mkdir /var/empty



We are ready to test our p-2-p vpn

/usr/sbin/openvpn --config /etc/openvpn/android.conf --daemon /etc/openvpn/android.log --log /etc/openvpn/android-vpn.log

if we succeed, we’ll see the new TUN1 device in ifconfig


eth0      Link encap:Ethernet  HWaddr 1c:6f:65:b4:ea:8f  
          inet addr:  Bcast:  Mask: 
          inet6 addr: fe80::1e6f:65ff:feb2:ea8f/64 Scope:Link
          RX packets:120812272 errors:0 dropped:0 overruns:0 frame:0
          TX packets:209467277 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:57773079102 (8 GiB)  TX bytes:245519168449 (6 GiB)
          Interrupt:25 Base address:0x6000 

tun1     Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:  P-t-P:  Mask:
          RX packets:18800 errors:0 dropped:0 overruns:0 frame:0
          TX packets:31094 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:1317261 (1.2 MiB)  TX bytes:34792166 (33.1 MiB)

O.K for now we will live our PC up and running and try to access it trough VPN via Android smart phone.

Android Part:

I have HTC Desire with Cyanogenmod

Please note:

It is not possible to cover all phones with all existence ROMs.I prefer this ROM for that it contain ready for use tun.ko module witch is need to run successfully VPN in android environment

Lets start.

First we have to transfer android.key that we created early to our phone’s SD card in folder ¬†named openvpn¬†…i let it to you to decide how to do that…i personally¬†¬†prefer the¬†easiest¬†way: plug USB cable in your phone and use transfer file utility ūüôā

Did you notice that…i missed Client-part of config file ?

Here it is:

dev tun
ifconfig # first IP for the client (android) side, second IP is for server side.PLEASE NOT THAT PLACES OF ADDRESSES IS REPLACES !!
secret /mnt/sdcard/openvpn/android.key # (must be the same key created on the server earlier)
port 6000 # (must match the port of the server configuration)
proto tcp-client
ping 15
ping-restart 45
verb 3
#route #use only if you define route in server side config file !

Let’s say that you manage to transfer files and /SDCARD/openvpn contain two files:



Now let’s install OpenVPN Settings from Play Store (Android market)

OpenVPN Settings

and run it by enable both checkbox

If we make everything above…we’ll see


Congratulations¬†you did it…almost¬†

Note that VPN is not a service that can be accessed and use on-the-fly.

Its function is to connect two different points on the same network segment …

which¬†at this point it’s… means nothing …unless we have a specific service you want to use such as:
– Access to files
– Management torrent files
– Access our PC’s desktop

capabilities which will look at other articles.

Stay tuned for more c00l stuff


Articles used in this guide:


What is the difference between a TUN device and a TAP device?

Cyanogenmod FTW