Abdullah Alshalan Garrett Drown Team 3 CSE591: Virtualization and Cloud Computing

Post on 26-Dec-2015


Abdullah Alshalan
Garrett Drown

Team 3

CSE591: Virtualization and Cloud Computing

Outline
- Project Goal
- Brief Project Background
- Current Network Layout
- Roadmap of our Project
- Development
- Summary
- Challenges Faced

Project Goal

Provide users of Android devices with several reliable options for accessing a cloud via a VPN connection.

Technical Background
There are several different protocols users may wish to use.
- PPTP
  - With encryption
  - Without encryption
- L2TP
  - Plain
  - IPSec PSK
  - IPSec CRT
- SSL

SSL
Secure Sockets Layer (SSL):
- Encrypts everything above the Transport Layer.
- Uses certificates for authentication.
- Always uses the strongest encryption that both the server and client support.

Roadmap of Project
By midterm:
- Set up, document, and test all possible server and protocol combinations with the native Android client. (Completed)
- Place a web server inside our VPN. (Completed)
By final:
- Have L2TP IPSec with Certificates working (Completed)
- Set up an SSL VPN Server (with OpenVPN) (Completed)
- Set up an SSL VPN client for Android (Completed)
- Website/Program for Registration (Completed)
- Documentation of how we did what we did (Completed)
If time permits:
- Set up the native client to automatically reconnect when the connection is lost. (80% Completed)

Native Android Client
We have successfully set up the native Android VPN client to work with the following configurations:
- Linux using L2TP
- Linux using L2TP IPSec PSK
- Linux using L2TP IPSec CRT
- Windows using PPTP with no encryption
- Windows using PPTP with encryption
- Windows using L2TP
- Windows using L2TP IPSec PSK

Native Android Client
For each of the configurations we have documented the steps we took to set up the VPN Servers and the VPN clients on the Android device.
This allows others to easily reproduce and expand on our work.

This documentation now includes screenshots to assist future users with the setup process.

OpenVPN Server
The native Windows VPN Server does not support SSL VPN connections.

To support SSL, we installed the OpenVPN Server on the Windows server.
OpenVPN also provides the means for creating the certificates used by the clients.

OpenVPN Client
The native Android VPN client also does not support SSL VPN connections.

To provide SSL VPN functionality, we installed the OpenVPN client onto the Android device and configured it to work with the OpenVPN Server.

Our documentation was updated to include how to set up the OpenVPN Server on the Windows server and the OpenVPN client on the Android device.

Network Layout & Infrastructure
Server/Client
Linux Server (Ubuntu Server 10.10): L2TP, L2TP CRT, L2TP PSK, SSL VPN
Windows Server 2003: PPTP w/Enc, PPTP No Enc, L2TP, L2TP CRT, L2TP PSK, SSL VPN
Clients: Native Android Client, 3rd Party Android

We also installed a web-based SSL VPN (Adito) on a Windows server. However, it did not work with Android because the client agent needs a Java run-time machine, which Android lacks.

MobiCloud VPN
There are a few shortcomings of the native Android VPN client.

Because of this, we have developed a new interface for configuring and managing new, existing, and/or active VPN connections.

It provides:
- Easier access for creating VPN connections
- Easier management of VPN connections
- Automatic reconnect functionality
- An easy method for users to register

MobiCloud VPN
The registration window allows users to conveniently register with the VPN Server.

Immediately after registering, users are able to access the VPN using the information they provided.

Challenges Faced
Setting up Linux VPN Servers
- Limited documentation
- Personal solutions provided online
- Compatibility issues
Setting up the OpenVPN server and client
- Very little documentation
- Documentation became outdated for each major update to the Android operating system.
- Little documentation for (safely) rooting the phone and gaining access to the Droid file system.

Challenges Faced
Developing the new Android interface
- The VPN APIs are not made publicly available or documented.
- Required us to go through source code and use unofficial Android Java classes
  - No documentation provided
  - No comments in the code
  - Had to read through all of the code and understand what it is doing and how it is doing it

Demo

Questions?
