Monday, March 9, 2015

Connecting to a Netgear Nighthawk VPN with Android

According to Netgear, neither iOS or Android devices are supported by Netgear OpenVPN routers. This post is in reference to Android only, so don't make much of my comments if you are looking for iOS help. The lack of Netgear VPN support for Android is for two sensible reasons, though they aren't explained by Netgear.

  1. Netgear uses OpenVPN. Most built-in in VPN support on mobile devices is intended for use with PPTP VPNs, not OpenVPN. At first, you might be frustrated with Netgear for using a protocol without the widest support, but they have very good reason: security. PPTP is the least secure VPN protocol. Even Microsoft, who helped to develop PPTP, advises using a different VPN protocol for security reasons. BestVPN put together a great comparison of VPN protocols that reiterates the issues with PPTP and makes the advantages to OpenVPN clear. After reading this, you may be thanking Netgear for selecting OpenVPN and questioning their competitors for sticking with PPTP VPNs.
  2. Netgear's OpenVPN is TAP, not TUN. OpenVPN is operated in one of two main modes: TAP or TUN. The main difference being that TAP is layer 2 and works more like a switch or bridge and TUN is layer 3 and works on the network level to route packets on the VPN. Netgear isn't very obvious that it utilizes TAP and that is a problem for Android users as Android only supports TUN. Download most any OpenVPN client on Android and you'll be trying to make a TUN connection, which simply won't work with Netgear.
The simple solution, an Android app called OpenVPN Client. This is the only OpenVPN client on Android that currently supports TAP as far as I am aware. It also is a stable app with good developer support. Before you go and install this app and start trying to connect, let me save you a few headaches and save the developer from some support emails as well.

To connect your Android to 4.0+ device to your Netgear Nighthawk OpenVPN:
  1. Setup your VPN on your router as per steps 1-6 on these instructions from Netgear.
  2. Download the "Windows" setup zip from your router. 
  3. Extract the files to a dedicated/new folder on your Android where you can easily find them.
  4. Install the PAID version of the OpenVPN Client app (the free version does not support TAP)
  5. Tap the circular green "+" icon when you open the app. 

  6. Select Import VPN.
  7. Navigate to the folder where you extracted the setup files in step 3 and select the .opvn file.
  8. Open the new VPN connection in the app and select the Edit icon.
  9. Select Custom Options. 

  10. Add the option "route-gateway" with the value set to (in most cases, your local network).
  11. Save changes and connect to the VPN.
OpenVPN Client is well worth the money and you'll be off to taking full advantage of your Netgear Nighthawk OpenVPN TAP VPN via your Android anywhere you may go.