Vous êtes sur la page 1sur 6

Android Phone as a VPN Gateway [Bypass Tethering Block]

Firstly, before we go any further you are going to need the following:
1. A rooted Android device
2. A VPN server running (OpenVPN)

How to setup a VPN gateway on Android:

1. First you need OpenVPN Connect installed on your Android device, load OpenVPN Connect config and
connect to your VPN (running/start)..

2. Now go to Settings > More > Tethering & Portable Hotspot and enable the Portable Wi-Fi Hotspot

3. Now open the Android Terminal Emulator, this can also be downloaded from below if its not
present on your device.
(Link: https://my.pcloud.com/publink/show?code=XZDSI4ZhaDAIlRDSejYLPelGk6cASgSGlgk)

4. Type SU to enable super user access (root)

5. Grant super user access to Terminal Emulator if required:

6. Now type netcfg to show the name / status of the various network interfaces:

You will see above I have the following active interfaces:

rmnet0 - This is the phones 2g / 3g or 4g data connection
wlan0 - This is the phones Wi-Fi connection that your devices will be connecting to
tun0 - This is our VPN tunnel that we want to send all the traffic of wlan0 through
These interfaces should have the same name on all modern Android devices, however double check.
You now want to basically type the following in to the Android Terminal Emulator to configure IP tables
to route any traffic from wlan0 (the Wi-Fi hotspot on your phone) through the VPN connection (tun0)
7. Copy and paste the following below:
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
ip rule add from lookup 61
ip route add default dev tun0 scope link table 61
ip route add dev wlan0 scope link table 61
ip route add broadcast dev wlan0 scope link table 61

Tip: copy and paste the above in to the Terminal Emulator to save you typing it out line by line on
your phone and possibly making mistakes. Maybe save it as a txt file on your phones SD card and
copy and paste from that, as I have done below.

8. That basically it for the configuration on your phone, the changes will however be lost when the phone
is reset.
To make the changes permanent create a file called userinit.sh in /data/local and paste all the iptable
commands in it. This will basically run the IP tables commands again when the phone boots, saving
you from doing so manually.
An easy way to do this is with Root Explorer which can be downloaded below.
(Link: https://my.pcloud.com/publink/show?code=XZmBI4ZFNL4V1xkGGVNlmU8qm2fbpad7WSy)

On your client devices:

9. The only configuration you need to do on your client devices is set the DNS server to point to the DNS
server on the network you have connected to with your VPN, this would basically be the IP address of
your home router unless you have another device configured for DNS queries on your network. I have
no idea how to make Android hand out the correct DNS server unfortunately, were basically playing
with two separate things not designed to work together and making them place nice with a bit of
trickery. However, its a very minor inconvenience to change the DNS settings on your client devices.
Here is how to change the DNS settings on a Windows device, Example: is the ip address
of my home router on the local network, which is the DNS server my client devices use.

10. Once you have changed the DNS server address Windows should be happy it has internet access:

11. Both your mobile phone and any client device connected to it via tethering can access any resources
on your home network, such as network shares: