- What is your symptom? I think my BBM voice is broken.., or I'm confirming what you see.
I went to just call my bro, which I know worked 1+ years ago, and now it just opens a black active frame. When I disconnected the VPN, the BBM call looked like it was going to go through.
So we need someone with a sniffer to capture the traffic and find out what traffic and port its using to connect to BlackBerry servers.03-13-15 05:16 PMLike 0 - What is your symptom? I think my BBM voice is broken.., or I'm confirming what you see.
I went to just call my bro, which I know worked 1+ years ago, and now it just opens a black active frame. When I disconnected the VPN, the BBM call looked like it was going to go through.
So we need someone with a sniffer to capture the traffic and find out what traffic and port its using to connect to BlackBerry servers.
Posted via CB1003-14-15 01:03 PMLike 0 -
Posted via CB1003-15-15 04:12 PMLike 0 -
Posted via CB1003-16-15 12:59 AMLike 0 -
Posted via CB1003-16-15 08:09 AMLike 0 - Had anyone had a success of using OpenIKED instead of strongSwan as a vpn server for BB10?
Attachment 341776
bℯ��ℯř ฬ�ђ bℓ�ckbℯřřɣ03-16-15 08:29 PMLike 0 - +1 to that. Unable to use BBM calls when connected to VPN.
Found this thread. Thought was something with my settings on server. Using my own ipsec v1 server (pfSense). Everything worked over wifi connected to my server over ipsec, until upgrade to 10.3.1. Now I am getting a black bbm voice calling screen. Call is not being made. Must be something changed in 10.3.1 or a bug.
How to report this to Blackberry?04-02-15 08:55 AMLike 0 - Bbm calls over vpn worked in 10.2.1??
+1 to that. Unable to use BBM calls when connected to VPN.
Found this thread. Thought was something with my settings on server. Using my own ipsec v1 server (pfSense). Everything worked over wifi connected to my server over ipsec, until upgrade to 10.3.1. Now I am getting a black bbm voice calling screen. Call is not being made. Must be something changed in 10.3.1 or a bug.
How to report this to Blackberry?
Posted via CB1004-02-15 11:49 PMLike 0 - Yes! BBM calls and video did work in 10.2.1 over wifi. Not sure if it worked over 3g/4g. Frequently used my ipsec (ikev1) connection all day long and made multiple calls. Never seen the black bbm call screen before updating to 10.3.1.04-03-15 08:58 AMLike 0
- Please add check for bzip2
I just tried script and there were no bzip2 on Contos7 image at my provider.
Does script work on CentOS 7?
Code:The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl. sed: can't read /etc/sysconfig/iptables: No such file or directory Redirecting to /bin/systemctl restart iptables.service Failed to issue method call: Unit iptables.service failed to load: No such file or directory. Starting strongSwan 5.1.3 IPsec [starter]...
Code:[root@localhost ~]# ls /etc/sysconfig/iptables ls: cannot access /etc/sysconfig/iptables: No such file or directory [root@localhost ~]# ls /etc/sysconfig authconfig cpupower firewalld ip6tables-config kdump modules network-scripts rsyslog selinux cbq crond grub iptables-config kernel netconsole rdisc run-parts sshd console ebtables-config init irqbalance man-db network readonly-root saslauthd wpa_supplicant
Thanks05-02-15 01:13 PMLike 0 - Please add check for bzip2
I just tried script and there were no bzip2 on Contos7 image at my provider.
Does script work on CentOS 7?
Code:The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl. sed: can't read /etc/sysconfig/iptables: No such file or directory Redirecting to /bin/systemctl restart iptables.service Failed to issue method call: Unit iptables.service failed to load: No such file or directory. Starting strongSwan 5.1.3 IPsec [starter]...
Code:[root@localhost ~]# ls /etc/sysconfig/iptables ls: cannot access /etc/sysconfig/iptables: No such file or directory [root@localhost ~]# ls /etc/sysconfig authconfig cpupower firewalld ip6tables-config kdump modules network-scripts rsyslog selinux cbq crond grub iptables-config kernel netconsole rdisc run-parts sshd console ebtables-config init irqbalance man-db network readonly-root saslauthd wpa_supplicant
Thanks
Posted via CB1005-02-15 03:33 PMLike 0 -
- Didn't work for me
BB disconnects on timeout without any errors on server.
May 9 16:50:41 localhost charon: 03[NET] received packet: from 216.58.105.210[4500] to 162.248.142.222[4500]
May 9 16:50:41 localhost charon: 03[NET] waiting for data on sockets
May 9 16:50:41 localhost charon: 08[MGR] checkout IKE_SA by message
May 9 16:50:41 localhost charon: 08[MGR] IKE_SA IPSec-IKEv2[11] successfully checked out
May 9 16:50:41 localhost charon: 08[NET] received packet: from 216.58.105.210[4500] to 162.248.142.222[4500] (1708 bytes)
May 9 16:50:41 localhost charon: 08[ENC] parsed IKE_AUTH request 1 [ IDi CERT AUTH CPRQ(ADDR MASK DNS DNS NBNS NBNS VER) N(INIT_CONTACT) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ]
May 9 16:50:41 localhost charon: 08[IKE] received retransmit of request with ID 1, retransmitting response
May 9 16:50:41 localhost charon: 08[NET] sending packet: from 162.248.142.222[4500] to 216.58.105.210[4500] (524 bytes)
May 9 16:50:41 localhost charon: 08[MGR] checkin IKE_SA IPSec-IKEv2[11]
May 9 16:50:41 localhost charon: 08[MGR] check-in of IKE_SA successful.
May 9 16:50:41 localhost charon: 05[NET] sending packet: from 162.248.142.222[4500] to 216.58.105.210[4500]
May 9 16:50:51 localhost charon: 03[NET] received packet: from 216.58.105.210[4500] to 162.248.142.222[4500]
May 9 16:50:51 localhost charon: 03[NET] waiting for data on sockets
May 9 16:50:51 localhost charon: 12[MGR] checkout IKE_SA by message
May 9 16:50:51 localhost charon: 12[MGR] IKE_SA IPSec-IKEv2[11] successfully checked out
May 9 16:50:51 localhost charon: 12[NET] received packet: from 216.58.105.210[4500] to 162.248.142.222[4500] (1708 bytes)
May 9 16:50:51 localhost charon: 12[ENC] parsed IKE_AUTH request 1 [ IDi CERT AUTH CPRQ(ADDR MASK DNS DNS NBNS NBNS VER) N(INIT_CONTACT) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ]
May 9 16:50:51 localhost charon: 12[IKE] received retransmit of request with ID 1, retransmitting response
May 9 16:50:51 localhost charon: 12[NET] sending packet: from 162.248.142.222[4500] to 216.58.105.210[4500] (524 bytes)
May 9 16:50:51 localhost charon: 12[MGR] checkin IKE_SA IPSec-IKEv2[11]
May 9 16:50:51 localhost charon: 12[MGR] check-in of IKE_SA successful.
May 9 16:50:51 localhost charon: 05[NET] sending packet: from 162.248.142.222[4500] to 216.58.105.210[4500]
May 9 16:51:02 localhost charon: 07[MGR] checkout IKE_SA
May 9 16:51:02 localhost charon: 07[MGR] IKE_SA IPSec-IKEv2[11] successfully checked out
May 9 16:51:02 localhost charon: 07[MGR] checkin IKE_SA IPSec-IKEv2[11]
May 9 16:51:02 localhost charon: 07[MGR] check-in of IKE_SA successful.
dmz (default, active)
interfaces: ens33
sources:
services: ssh
ports: 500/udp 4500/udp
masquerade: yes
forward-ports:
icmp-blocks:
rich rules:
rule protocol value="esp" accept
rule protocol value="ah" acceptPorts 4500/UDP, 500/UDP, 51/UDP and 50/UDP opened in the firewall.Last edited by I will be back; 05-09-15 at 04:16 PM.
05-09-15 03:52 PMLike 0 -
- Adding 50,51 didn't help and ss(replacement for netstat) didn't show anything listening on the port, so I deleted them.
1701 is not listed anywhere.
Strange.05-09-15 11:48 PMLike 0 -
Code:firewall-cmd --list-all public (default, active) interfaces: ens33 sources: services: ipsec ssh ports: 1701/udp 51/udp 50/udp 2222/tcp 500/udp 4500/udp masquerade: yes forward-ports: icmp-blocks: rich rules: rule protocol value="ah" accept rule protocol value="esp" accept
Try testing your server from outside your home, or disable your Wifi at home and use cell data. For some reason (firewall I'm guessing), it doesn't work for me at home where it does outside or on cell data. It has similar symptom as you, server shows no errors but BB10 says timeout. I had two changes when that problem appeared for me. I changed to Centos 7, and I changed my router from Tomato based router to a Ubnt Edgerouter. I'll try my old Tomato router tomorrow.I will be back likes this.05-10-15 07:06 AMLike 1 - Tried those ports, tried through mobile network - and no luck
At the same time Amazon script works just like a charm. Works from mobile connection and home WiFi.
Thank you for help.
I'll try to talk to my vps provider as I see no other possible cause of trouble.05-10-15 09:41 PMLike 0 -
Are you trying this on an openvz VPS? Doesn't work with openvz.
Did you want to test against my server? You're quite sure you're doing everything right on the phone side? Are you using certificates or pre-shared keys?05-11-15 03:23 AMLike 0 -
as regards blend i am going to guess it has something to do with the changes bb made in 10.3.1. It appears bb services, like bbm voice calling and such worked on previous versions with the vpn connected, but not something has changed. from whats been posted above it also appears the vpn works with android and bbm voice calls. so it has to be something that bb changed with the new version os
have to wait for someone to figure out what was changed and try to make it work again. sorry I could not be of more help but im just happy this thread is still going strong and I just had to post something. I'm actually going through it to see if I can setup the vpn with strongswan and certificates.
i was interested in this because of what was said as a side note in security now.
Security Now 509 | TWiT.TV
it talked about this website which will supposedly provide free certificates. I know I can create my own, but I am wondering about getting the vpn working with publicly issued certs.
https://letsencrypt.org/
if i learn anything new not posted in this thread already ill keep you posted06-02-15 06:33 PMLike 2 - DO NOT use any free VPN service, your traffic is being monitored and your identity and personal information will be stolen.
http://www.personalvpn.org/danger_proxy_servers.htm06-02-15 07:12 PMLike 0 - as a side note, found a really interesting use for both VPN's and AWS. Got it working in under an hour, works good to.
So if your like me and have a crappy laptop, and dont ever plan on upgrading it yet occasionally want to play some highend games, aws can do that. It works along with a VPN, Win2k Server, and Steam. Cost is about $0.50/hr. You also need 10mbit wired or 5ghz wireless net connect
Run your own high-end cloud gaming service on EC2
In his setup I used zerotier option and realvnc viewer for setup. He gives good tips and links to expand on other info. I am not living in the states so my ping ranged from 90ms to 100ms. Not the greatest but it works nicely. You need Steam and you can play any steam game you own or they offer for demo or free. Cost is about $0.50/hr. Not bad, for those who used to go to arcades, I wish 50 cents would last me an hour of gaming.06-03-15 03:52 AMLike 0 - Sorry, guys, I didn't come back here for quite a while. Got lots to do in my real life...
OK, back to VPN things. Does anyone have clear tutorial on Strongswan installation for OpenWRT? I have Asus RT-N56U router at home and it now runs Padavan's modded firmware (based on Asus's OpenWRT). Generally, as it runs 24/7 and has got pretty much unused potential in MHz and MB, I could load it with Strongswan. The setups I found were not really nice enough to script them. I never got it working.
Any additional info would be welcome. I could test it using my gear and publish it on GitHub as well.06-04-15 04:26 PMLike 0 - DO NOT use any free VPN service, your traffic is being monitored and your identity and personal information will be stolen.
http://www.personalvpn.org/danger_proxy_servers.htm
Posted via CB1011-09-15 04:47 AMLike 0 - Has anyone done this with strongswan 5.3.5? There have been a lot of updates and I'd like to use the latest software. I tried following the script but I'm missing something. I'm able to connect to the server, but I can't get out. I believe I have done everything correctly but I have a feeling somehow iptables is causing the trouble.
Actually, it looks like a DNS issue. I can access websites via IP but not by name. The configuration for strongswan changed a bit it looks like and recommends putting the dns entries in another file, which I did, but no luck.12-22-15 02:00 AMLike 0
- Forum
- BlackBerry 10 Phones & OS
- BlackBerry 10 OS
FREE VPN: Strongswan Ipsec/IKEv2 Z10/Z30/Q10
« BB presenter
|
Guide on how to unlock blackberry passport with picture only even after 5 failed times »
Similar Threads
-
Z30 Wi-Fi connection unstable.
By young guy in forum BlackBerry Z30Replies: 10Last Post: 10-22-13, 10:18 PM -
Line App on BlackBerry Q10
By gnulab in forum BlackBerry Q10Replies: 7Last Post: 10-22-13, 06:12 PM -
How can you copy paste text on the z10?
By Lee Eshelman in forum BlackBerry Z10Replies: 10Last Post: 10-21-13, 01:39 PM -
Z30 not permitting Facebook posting
By rosie_parent in forum General BlackBerry News, Discussion & RumorsReplies: 7Last Post: 10-21-13, 11:21 AM -
How can i update my z10 software 10.2
By chitwan in forum BlackBerry Z10Replies: 2Last Post: 10-21-13, 08:18 AM
LINK TO POST COPIED TO CLIPBOARD