Upload
marlene-chandler
View
214
Download
0
Tags:
Embed Size (px)
Citation preview
Abdullah AlshalanGarrett Drown
Team 3
CSE591: Virtualization and Cloud Computing
OutlineProject GoalBrief Project BackgroundCurrent Network LayoutRoadmap of our ProjectDevelopmentSummaryChallenges Faced
CSE591: Virtualization and Cloud Computing
Project Goal
Provide users of Android devices with several reliable options for accessing a cloud via a VPN connection.
CSE591: Virtualization and Cloud Computing
Technical BackgroundThere are several different protocols users
may wish to use.PPTP
With encryption Without encryption
L2TP Plain IPSec PSK IPSec CRT
SSL
CSE591: Virtualization and Cloud Computing
SSLSecure Socket Layer (SSL):Encrypt everything above the Transport
Layer.Uses certificates for authenticationAlways uses the strongest encryption that
both the server and client support.
CSE591: Virtualization and Cloud Computing
Roadmap of ProjectBy midterm:Set up, document, and test all possible server and
protocol combinations with the native Android client. (Completed)
Place a web server inside our VPN. (Completed)By final:Have L2TP IPSec with Certificates working (Completed)Set up an SSL VPN Server (with OpenVPN) (Completed)Set up an SSL VPN client for Android (Completed)Website/Program for Registration (Completed)Documentation of how we did what we did (Completed)If time permits: Set up the native client to automatically
reconnect when the connection is lost. (80% Completed)CSE591: Virtualization and Cloud Computing
Native Android ClientWe have successfully set up the native
Android VPN client to work with the following configurations:Linux using L2TPLinux using L2TP IPSec PSKLinux using L2TP IPSec CRTWindows using PPTP with no encryptionWindows using PPTP with encryptionWindows using L2TPWindows using L2TP IPSec PSK
CSE591: Virtualization and Cloud Computing
Native Android ClientFor each of the
configurations we have documented the steps we took to set up the VPN Servers and the VPN clients on the Android device.This allows others to easily
reproduce and expand on our work.
This documentation now includes screenshots to assist future users with the set up process.
CSE591: Virtualization and Cloud Computing
OpenVPN ServerThe native Windows VPN
Server does not support SSL VPN connections.
To support SSL, we installed the OpenVPN Server on the Windows server.The OpenVPN also provides the means for creating
the certificates used by the clients.
CSE591: Virtualization and Cloud Computing
OpenVPN ClientThe native Android VPN
client also does not support SSL VPN connections.
To provide SSL VPN functionality, we installed the OpenVPN client on to the Android and configured it to work with the OpenVPN Server.
Our documentation was updated to include how to set up the OpenVPN Server on the Windows server and the OpenVPN client on the Android.
CSE591: Virtualization and Cloud Computing
Network Layout & InfrastructureServer/ Client
Linux ServerUbuntu Server
10.10
Windows Server 2003
L2TP L2TP CRT
L2TP PSK
SSL VPN
PPTP w/Enc
PPTP No Enc
L2TP L2TP CRT
L2TP PSK
SSL VPN
Native Android Client
3rd PartyAndroid
CSE591: Virtualization and Cloud Computing
We also installed a web-based SSL VPN (Adito) on a Windows server. However, it did not work with Android because the client agent needs a Java Run-time machine which Android lacks.
MobiCloud VPNThere are a few
shortcomings of the native Android VPN client.
Because of this, we have developed a new interface for configuring and managing new, existing, and/or active VPN connections.
CSE591: Virtualization and Cloud Computing
It provides:Easier access for creating VPN connectionsEasier management of VPN connectionsAutomatic reconnect functionalityProvides users with an easy method for registering
MobiCloud VPNThe registration window
allows users to conveniently register with the VPN Server.
Immediately after registering users are able to access the VPN using the information they provided.
CSE591: Virtualization and Cloud Computing
Challenges FacedSetting up Linux VPN Servers
Limited DocumentationPersonal solutions provided onlineCompatibility issues
Setting up the OpenVPN server and clientVery little documentation
Documentation became outdated for each major update to the Android operating system.
Little documentation for (safely) rooting the phone and gaining access to the Droid file system.
CSE591: Virtualization and Cloud Computing
Challenges FacedDeveloping the new Android interface
The VPN APIs are not made publicly available or documented.
Required us to go through source code and use unofficial Android Java classes
No documentation providedNo comments in the codeHad to read through all of the code and
understand what it is doing and how it is doing it
CSE591: Virtualization and Cloud Computing
Demo
CSE591: Virtualization and Cloud Computing
Questions?
CSE591: Virtualization and Cloud Computing