My work doesn’t allow VPN connections from Android devices. I am running Termux proot and Ubuntu distro. I build openconnect from source and using vn protocol (pulse) and an host checker python I am able to authenticate and get an IP address. What fails is the tunnel setup as don’t have permissions to access /dev/tun.
Looking at options:
- Termux to authenticate using openconnect and Android openvpn to somehow create the tunnel. Don’t know if this is possible
- Try building latest openconnect that supports pulse protocol and hostchecker on Android. There is an Android openconnect version available but it is very old.
Any thoughts?
In order to establish VPN tunnel (in general - all network modifications) using Termux you need root permissions. PRoot won’t work for that because it doesn’t grant root access even if your user may appear as “root”.
Basically no way with your current setup. Either root your device or install some lightweight distribution in QEMU (system emulator). Note that there are some caveats. VPN in chroot or normal Termux won’t work out of box, some manual tinkering with route configuration would be needed. QEMU variant will not redirect traffic of your Android device, it is a VM and whole guest environment is isolated from host.
As OpenConnect and OpenVPN are different protocols, authenticating using the first one and connecting with another is not possible.
I am going to give QEMU a try. Any recommendation for Limbo vs Termux QEMU x86_64 vs Termux QEMU aarch64 or will they all be about the same for performance? I only need to use VNC.
Any recommendation for Limbo vs Termux QEMU x86_64
Limbo is worse because is not stable. The app often crashes and performance seem to be much lower than in Termux QEMU.
I only need to use VNC.
Even though VNC is working, the peformance is about 1 - 3 fps on lightweight GUIs such as Fluxbox. XFCE would have worse performance. Normal web browsers (Firefox and Chromium) are unusable. Saying from my experience.
I setup a WinXP in termux qemu and the performance is decent except the networking is extremely slow (-net user --net nic,model=rtl8139). So VNC refresh rate to my office PC was not acceptable.