Route all traffic from Android through OpenVPN

Hi all,

could you give me any advice or links how to redirect all traffic from Android through Turris Omnia OpenVPN?

I have configured OpenVPN with Foris interface and I have OpenVPN client installed and configured (import of generated config file) on Android phone. And, I don’t know how to redirect all traffic through this connection.

Thank you for tips.

1 Like

This is discussed in this thread:
https://forum.turris.cz/t/openvpn-server-easy-and-fast/3674/20

You want to set up Wifi to route only android traffic and not other traffic through OpenVPN? This is going to require advanced OpenVPN and network configuration and probably is beyond the scope of support you’re going to find here. You’d be better off asking for help on the official OpenVPN forums.

Just a tip, you’re probably going to have to set up routing either only one wifi network (easier) or routed specifically by MAC address of your android devices (harder). If you’re not familiar with networking then you’re going to have to crash course it. But this is the kind of custom configuration people pay network engineers for.

Ok, I think what you’re saying is you want to set up an OpenVPN server on your Omnia, and use your Android device as a client when you are away from your home (or wherever you have your Omnia set up), is that correct?

If you are trying to set up OpenVPN server on your Omnia and the client on your Android device and use your Android device while it’s on the Omnia Wifi, well yes, all your communication is just going to go through the Omnia, you’re already on the same network.

Anyway, if the first case is what you’re trying to do, you’ll need to configure the OpenVPN server on your Omnia. Set up a client configuration file on your Android device and connect. If you search with google you should find many guides and how-tos explaining the procedure, some of which may be specific to your Android device and OpenVPN application on that device (sorry, I have no idea what you’re using, so I can’t be of much help there). You may be able to use Android’s built-in VPN as well, again it depends on your software version and Android device.

If you want to check if you’re being routed through your VPN, the simplest way is to use a web site like whatismyipaddress.com or the like, see if it’s coming from your Omnia or your cellular provider (if you’re android is on a cell network).

Sorry, but you’re just not providing enough information for specific answers, so hopefully this will get you started.

@RadoslavCap did you look into “Always on VPN” ?
It is an option located in Settings >>> More… >>> VPN >>> click the gear.
Doesn’t work with the official OVPN all yet but it does with this one: OpenVPN for Android (OpenVPN without root) - https://f-droid.org/app/de.blinkt.openvpn

If you rename the *.conf file to *.ovpn you can even import the configuration automagically :grin:

Are you looking in the app for always on vpn?
It is located in settings: Settings >>> More (under “Wireless and networks”) >>> VPN >>> tap the gear >>> tap the switch next to Always-on VPN.

That is the whole point, right? To route all the traffic from your Android device through your VPN server.
What does the logs on both the Android device and the TO say?

Po spuštění dostanu takovýto výstup

does not specify a protocol, assuming TCP+UDP
 * Clearing IPv4 filter table
 * Clearing IPv4 nat table
 * Clearing IPv4 mangle table
 * Clearing IPv4 raw table
 * Populating IPv4 filter table
   * Zone 'lan'
   * Zone 'wan'
   * Zone 'vpn_turris'
Warning: fw3_ipt_rule_append(): Can't find target 'input_vpn_turris_rule'
Warning: fw3_ipt_rule_append(): Can't find target 'output_vpn_turris_rule'
Warning: fw3_ipt_rule_append(): Can't find target 'forwarding_vpn_turris_rule'
   * Rule 'Allow-DHCP-Renew'
   * Rule 'Allow-Ping'
   * Rule 'Allow-IGMP'
   * Rule #7
   * Rule #8
   * Rule 'no_torrent'
   * Rule 'vpn_turris_rule'
   * Forward 'lan' -> 'wan'
   * Forward 'vpn_turris' -> 'lan'
   * Forward 'lan' -> 'vpn_turris'
   * Forward 'vpn_turris' -> 'wan'
 * Populating IPv4 nat table
   * Zone 'lan'
   * Zone 'wan'
   * Zone 'vpn_turris'
Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_vpn_turris_rule'
Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_vpn_turris_rule'
 * Populating IPv4 mangle table
   * Zone 'lan'
   * Zone 'wan'
   * Zone 'vpn_turris'
 * Populating IPv4 raw table
   * Zone 'lan'
   * Zone 'wan'
   * Zone 'vpn_turris'
 * Clearing IPv6 filter table
 * Clearing IPv6 nat table
 * Clearing IPv6 mangle table
 * Clearing IPv6 raw table
 * Populating IPv6 filter table
   * Zone 'lan'
   * Zone 'wan'
   * Zone 'vpn_turris'
Warning: fw3_ipt_rule_append(): Can't find target 'input_vpn_turris_rule'
Warning: fw3_ipt_rule_append(): Can't find target 'output_vpn_turris_rule'
Warning: fw3_ipt_rule_append(): Can't find target 'forwarding_vpn_turris_rule'
   * Rule 'Allow-DHCPv6'
   * Rule 'Allow-MLD'
   * Rule 'Allow-ICMPv6-Input'
   * Rule 'Allow-ICMPv6-Forward'
   * Rule #7
   * Rule #8
   * Rule 'no_torrent'
   * Rule 'vpn_turris_rule'
   * Forward 'lan' -> 'wan'
   * Forward 'vpn_turris' -> 'lan'
   * Forward 'lan' -> 'vpn_turris'
   * Forward 'vpn_turris' -> 'wan'
 * Populating IPv6 nat table
   * Zone 'lan'
   * Zone 'wan'
   * Zone 'vpn_turris'
Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_vpn_turris_rule'
Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_vpn_turris_rule'
 * Populating IPv6 mangle table
   * Zone 'lan'
   * Zone 'wan'
   * Zone 'vpn_turris'
 * Populating IPv6 raw table
   * Zone 'lan'
   * Zone 'wan'
   * Zone 'vpn_turris'
 * Set tcp_ecn to off
 * Set tcp_syncookies to on
 * Set tcp_window_scaling to on
 * Running script '/usr/share/firewall/turris'
 * Running script '/etc/firewall.d/with_reload/firewall.include.sh'
 * Running script '/usr/share/miniupnpd/firewall.include'

Ty warningy tam jsou správně? Protože mi to stále nefunguje.

Yes it works good without problems.
Thanks for help and solution