Help me bypass the great firewall of canada, I need to vpn on my android phone through 3g.
November 13, 2010 8:23 PM   Subscribe

I want to bypass bell's VPN restriction/filters on the VPN service, I was planning on piping the VPN connection (pptp) through an SSH tunnel. Is there a way to set this up on an android phone with connectbot installed so that it looks something like this. All android data > VPN > SSH Tunnel > Home SSH Server > VPN Exit point.

I've always hoped for a way to take the power out of the hands of the phone companies as much as possible. Sadly they pretty much keep a choke hold on everything. So they seem to have normal pptp ports blocked I seem to be able to authenticate with my vpn service but when I attempt to load a page it seems to never load anything at all. So effectively vpn is a great way to turn off my data connection at this point... :(

Well let me know what you guys think I'd greatly appreciate a way to push vpn regardless of the will of the evil dark lord BellThulu...

Am I going to have to root my phone? I'm currently rocking the Bell version of the Samsung Galaxy S, also known as the Faux "Vibrant" also known as the I9000M. If that isn't confusing enough.
posted by Chamunks to Technology (9 answers total) 1 user marked this as a favorite
A data point, but not a solution: I have no problems using pptp over Telus 3G on an iPhone. I hear that Telus and Bell share a 3G network, right? So perhaps the problem isn't in the network, but in the setup of the phone?
posted by MiG at 9:06 PM on November 13, 2010

Also something to think about -- the VPN server you're trying to connect to may have some firewall rule that might be interfering?

Have you actually confirmed with Bell that they block VPN service? If they do officially, time to switch to Telus or Rogers.
posted by MiG at 9:11 PM on November 13, 2010

Why not ssh to your home network, then have that be the VPN terminus to your office (or wherever)? SSH in, VPN out, with your home server(s) playing piggy-in-the-middle. Boil it down to a static route as much as possible, that's what I say.
posted by rhizome at 9:39 PM on November 13, 2010

I want to bypass bell's VPN restriction/filters on the VPN service

How are you tethering your phone? If you're using PDAnet or Easytether they don't support PPTP because PPTP uses GRE, which Android does not support for applications. You can work around this problem by using Androids native VPN client to connect.

I was planning on piping the VPN connection (pptp) through an SSH tunnel.

You're not forwarding GRE over SSH which is TCP/IP based.
posted by damn dirty ape at 11:06 PM on November 13, 2010

You can certainly run ppp (not pptp) through a ssh tunnel, and if the ssh server is on some box you control, you can do that on whatever port you like. If your home server is set up to accept ssh connections on port 443 (generally used for https), then the only way an ISP would be able to block that is by specifically blacklisting your home server, which they're unlikely to do, or blacklisting https, which they're not going to do.
posted by flabdablet at 1:54 AM on November 14, 2010

Problem is that TCP over TCP behaves very poorly. Combined with a flaky mobile connection, you might not be able to do much with that setup. (That's why most VPN software is UDP; so that the application-level TCP is not affected by the tunnel-level TCP. Here's an article about it: Why TCP over TCP is a bad idea.)
posted by jrockway at 3:26 AM on November 14, 2010 [1 favorite]

From just your description, I'm not convinced that your provider is blocking PPTP. PPTP authentication (in my experience) happens within the GRE tunnel. If they were blocking GRE, you would get timeouts during authentication. The way to tell for sure is to connect to a known working wifi (your home network) and try to VPN from there.

If it is your provider, consider OpenVPN, if there's an Android app for it. You could then setup and OpenVPN tunnel to your home system, and have your home system connected to PPTP. I think the split-routing necessary might get ugly, but you're going to have that problem with any of these setups.
posted by mad bomber what bombs at midnight at 10:00 AM on November 14, 2010

There aren't very many settings in android for pptp and theres no way to forward ports in the "standard" ports range using connect bot for ssh forwarding.

Basically I just want to push all of my data coming out of my phone over the 3g network to a vpn to reclaim my privacy on the network I simply don't trust bell. I'm open to any ideas that may come up as to how to do this.
posted by Chamunks at 3:34 PM on November 14, 2010

There does appear to be a certain amount of OpenVPN support for Android. I expect it will only get better.
posted by flabdablet at 6:38 PM on November 14, 2010

« Older Hal, this is your grandmother speaking.   |   travelstar went nova Newer »
This thread is closed to new comments.