Project

General

Profile

Actions
Copy link

Bug #6114

open

connect a real phone to the epdg to test strongswan ipsec configuration

Added by lynxis 4 months ago. Updated 9 days ago.

Status:
In Progress
Priority:
Normal
Assignee:
lynxis
Target version:
-
Start date:
07/24/2023
Due date:
% Done:

0%

Description

- Provision a simcard using a phone which supports VoiceOverWifi. (there might be allow list for voice over wifi)
- Overwrite the DNS to route traffic to the strongswan
- See how far the traffic flows (no real SIP server at this point).

Actions
Copy link
 #1

Updated by lynxis 10 days ago

  • Status changed from New to In Progress
Actions
Copy link
 #2

Updated by lynxis 10 days ago

  • Assignee set to lynxis

used mcc/mnc: 901/70.

My Pixel 6 (android 14, samsung baseband) with the current graphene os version direct connects to the epdg
epdg.epc.mnc<MNC>.mcc<MCC>.pub.3gppnetwork.org and also opens a IPsec tunnel.

My Pixel 3a (android 12, qualcomm baseband) does the dns request, but later don't try to connect to it.

I've tried to set the carrier permission on both phones using a carrier permissions app (with correct signature). My phones don't have a mobile network to connect.

Trying to look into the log by:
`adb logcat -b radio` didn't helped much further.

# pixel3a
# adb logcat -b radion | grep -i -E '(WFC|wifi)'
11-23 19:10:16.505 21331 21331 D Phone   : isWifiCallingEnabled =false
11-23 19:10:16.505 21331 21331 D CSST    : isPhoneRegisteredForWifiCalling: false
11-23 19:10:16.505 21331 21331 D Phone   : isWifiCallingEnabled =false
11-23 19:10:17.216  2381  2381 E GRIL-WifiExt: unknown wifi status code: 4
11-23 19:10:29.002 21331 21461 D ImsManagerIM [0]: getWfcMode - setting=2
11-23 19:10:29.005 21331 21461 D ImsManagerIM [0]: getWfcMode (roaming) - setting=0
11-23 19:10:30.093 21331 21461 D ImsManagerIM [0]: getWfcMode - setting=2
11-23 19:10:30.098 21331 21461 D ImsManagerIM [0]: updateWfcFeatureAndProvisionedValues: available = true, enabled = false, mode = 2, provisioned = true, roaming = false, isFeatureOn = false
11-23 19:10:30.140 21331 21461 D ImsManagerIM [0]: getWfcMode - setting=2
11-23 19:10:30.143 21331 21461 D ImsManagerIM [0]: getWfcMode (roaming) - setting=0
11-23 19:10:31.018 21331 21461 D ImsManagerIM [0]: getWfcMode - setting=2
11-23 19:10:31.022 21331 21461 D ImsManagerIM [0]: updateWfcFeatureAndProvisionedValues: available = true, enabled = true, mode = 2, provisioned = true, roaming = false, isFeatureOn = true
11-23 19:10:31.030 21331 21461 D ImsManagerIM [0]: getWfcMode - setting=2
11-23 19:10:31.032 21331 21461 D ImsManagerIM [0]: getWfcMode (roaming) - setting=0
11-23 19:10:31.059 21331 21461 D ImsManagerIM [0]: getWfcMode - setting=2
11-23 19:10:31.060 21331 21461 D ImsManagerIM [0]: getWfcMode (roaming) - setting=0
11-23 19:10:33.197 21331 21461 D ImsManagerIM [0]: getWfcMode - setting=2
11-23 19:10:34.556 21331 21461 D ImsManagerIM [0]: getWfcMode - setting=2
11-23 19:10:34.557 21331 21461 D ImsManagerIM [0]: setWfcMode(i,b) - setting=0
11-23 19:10:41.203 21331 21331 D Phone   : isWifiCallingEnabled =false
11-23 19:10:41.203 21331 21331 D CSST    : isPhoneRegisteredForWifiCalling: false
11-23 19:10:41.203 21331 21331 D Phone   : isWifiCallingEnabled =false
Actions
Copy link
 #3

Updated by lynxis 10 days ago

I've used a black sysmocom card SJA2 and changed the android fingerprint to match the application.

Actions
Copy link
 #4

Updated by laforge 9 days ago

according to a recent phone conversatoin with an unnamed contact of mine, many commercial
phones actually attempt to open a connection to the ePDG over the default bearer of the 4G/5G network

Not sure if that helps here, just found it curious enough to mention it.

Actions
Copy link

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 48.8 MB)