vpn, L2TP and OS issues

[xbrian001]

Hello,

I have been using a Google Nexus 7 Android tablet for a few weeks.

I also just purchased a WiTopia VPN account.

I am new to mobile connectivity; don't have a smart phone and never used my laptop or tablet outside my home network until today.

I have limited to none wireless experience.

Today was the first time I connected to a public wi-fi hotspot with the Google Nexus 7; a hotel across the street.

And, I realized that there must be a brief period of time when the Google Nexus 7 is connected in an "unprotected" state to the "public wi-fi router".

Of course, once connected to the "public wi-fi router", I click the appropriate icons in the Google Nexus 7 to make the connection to the "WiTopia VPN". Unfortunately, I get "unsuccessful" and "timeout" a few times before making a connection. Ugh!

Questions:
1. Should the period of time after I am connected to the "public wi-fi router" but before being connected to the "Witopia VPN" be a concern? For example, what if my hotmail APP decides to check my email at that exact moment in time? The password will go unencrypted.

2. Is there a way to tell the Google Nexus 7 to only use VPN?

This Google Android OS is bumming me out. I was hoping for a modern day secure OS. And I get this thing that needs to see a psychiatrist over L2TP issues; because it can't connect to any over L2TP; the ones I tried.

Thanks for letting me vent.

 

[xbrian001]

in this world justice is blind.

poison is put in our foods as the FDA lines their pockets with Monsanto's gold.

why would I believe any company would act to prioritize my security?

does the APP connect with http or https? Does it use compression on both ends? I'm sorry. I don't know.

 

[rbx0122]

Questions:
1. Should the period of time after I am connected to the "public wi-fi router" but before being connected to the "Witopia VPN" be a concern? For example, what if my hotmail APP decides to check my email at that exact moment in time? The password will go unencrypted.

The period of time before, during the connection and up till the time the vpn is connected is the same as if the vpn had not been initiated.

for the remainder of the question regarding the email example. I would imagine it is https connection and would hope this is the case. How would one check this ? That question is for someone with more knowledge than myself.

2. Is there a way to tell the Google Nexus 7 to only use VPN?

This Google Android OS is bumming me out. I was hoping for a modern day secure OS. And I get this thing that needs to see a psychiatrist over L2TP issues; because it can't connect to any over L2TP; the ones I tried.
.

Yes there is but it uses OpenVpn. Under Gingerbread it was easier to install 2 apps to make your android device do this. I have no idea how this works under Jelly Bean. Please be aware that if you do set your device up with a constant vpn connection you will be using more data and more battery.

1) Are you able to connect to another wifi spot ? Were you able to connect to the selected gateway before ?
2) Can you connect through 3g/4g LTE ?
3) How about trying another gateway ? Maybe the current gateway is down.
4) Can you connect through another protocol such as pptp or ovpn ?

Its possible that the firewall is not letting you through on the default ports. You can try alternate ports if your vpn provider has them.
A good vpn provider should provide alternate ports, protocols and gateways for a reasonable monthly fee.

Please remember that a vpn like what you are using only encrypts traffic from your device to the the vpn provider. From the vpn provider to the web site you are connecting to is not encrypted.

So to use your example earlier with hotmail and if they are using plain text passwords. From your device to the vpn provider your plain text password word would be encrypted by the the vpn tunnel. From the vpn provider to hotmail the plain text password would not be encrypted to hotmail. At least this is my understanding. Someone please correct me if wrong.

This Google Android OS is bumming me out. I was hoping for a modern day secure OS. And I get this thing that needs to see a psychiatrist over L2TP issues; because it can't connect to any over L2TP; the ones I tried.

By the way not being able to connect with L2TP/IPsec has nothing to do with the Android OS.

 

[Scarab]

In the status bar you'll see an icon or graphic of a door key when connected using the vpn. No key in the status bar, no vpn.

If you log into your email or websites with an https url, you're login info is encrypted without a vpn connection, but I think it depends if the email or websites send the content in a secure fashion after that. You could disable background sync, connect to wifi, fire up your vpn, then use email and turn on sync.

I use Witopia and it's working very well, no complaints. In fact their chat support feature provides pretty quick response when you have questions. I have an Asus Infinity and an SG3, one has ice cream sandwich, the other has jelly bean, so it does matter which Witopia server you're trying to connect to.

 

[anon(924308)]

Try Cisco's AnyConnect app. Although, it didn't work for me, but I suspect that was either an issue with my device, or an issue with my school's VPN blocking android devices.

 

[papajonpizza]

Today was the first time I connected to a public wi-fi hotspot with the Google Nexus 7; a hotel across the street.

And, I realized that there must be a brief period of time when the Google Nexus 7 is connected in an "unprotected" state to the "public wi-fi router".

Of course, once connected to the "public wi-fi router", I click the appropriate icons in the Google Nexus 7 to make the connection to the "WiTopia VPN". Unfortunately, I get "unsuccessful" and "timeout" a few times before making a connection. Ugh!

Questions:
1. Should the period of time after I am connected to the "public wi-fi router" but before being connected to the "Witopia VPN" be a concern? For example, what if my hotmail APP decides to check my email at that exact moment in time? The password will go unencrypted.

2. Is there a way to tell the Google Nexus 7 to only use VPN?

1. As others have pointed out, hotmail app would probably have supplied an encrypted password. Only way to verify is to connect to your home net and run pen-testing on the Nexus 7. Other apps otoh....

2. Perhaps, but only way I know is too long and too difficult on the N7. a. connect to the wireless, quickly jot down ip address info (ip and gateway) and turn off wireless. b. turn on wireless, long press the SSID, and put static IP , no gateway, DNS to 8.8.8.8. c. via terminal, busybox route add to 8.8.8.8 pointed to the gateway.................................. Still a few seconds before turning off wireless could have sent some unwanted info. My advice, don't connect to questionable wifi with the N7

When I used to run MS Windoze and connect to public wifi , I had 2 batch files that was ready to go (one to remove default gateway, the other to static route to my DDWRT home router running openvpn server). Then I run OpenVPN.

I run Linux on my laptop/netbook now (with a winxp on a vm rarely used) . I don't go to the length of removing the public wifi as a default gateway prior to running openvpn client, but I also rarely connect to public wifi nowadays. I always run openvpn to my home router if i connect to a public wifi (starbucks, mcdo, etc). I have my T-mobile comet as a hotspot everywhere i go as the preferred connection.

I still have a backtrack 5 USB flash in my notebook case. I used to have a good interest in pen-testing as part of my (previous) job. A couple of years ago, my friend-colleague from work didn't believe the dangers of open wifi (with no AP isolation), so he said show me. He had his Macbook pro connected to our public wifi. I booted up my netbook with the backtrack 4, ran ettercap, ferret and hamster and only directed to his IP. I told him to surf the net normally. I was about to tell him the things i learned through the hijacked cookies, but i see this username and password kept coming up on ettercap, so read them aloud, he turned red, mumbled something that he wasn't using that program, and quickly closed the Macbook. I guess I proved my point.