Push the Tunnels button on the main screen to get to the tunnel list screen, which is shown in the following screen shot.
The tunnel list screen shows a list of all configured VPN tunnels. The screen shot has two VPN tunnels configured, they are named vpn-us and vpn-jp and have VPN servers vpn-us.corp.example.com and vpn-jp.corp.example.com.
To add your first VPN tunnel, push the Add button, which takes you to the tunnel edit screen. Other than that, there are a few other things that you can do on this screen. There are slight differences between Android tablets and Android phones:
Android tablets - A short tap on a configured VPN tunnel takes you to the tunnel edit screen and allows you to edit the tunnel. Moreover, a long tap on a configured VPN tunnel shows a delete button for the tunnel and allows you to delete the tunnel.
Android phones - A short tap on a configured VPN tunnel connects the tunnel. Moreover, a long tap on a configured VPN tunnel displays further options in a dialog box. Pushing the Edit button in the dialog box takes you to the tunnel edit screen and allows you to edit the tunnel. Pushing the Delete button in the dialog box deletes the tunnel. Finally, pushing the Cancel button in the dialog box just closes the dialog box without taking any action.
Pushing the back button of your device always takes you back from the tunnel list screen to the main screen, on tablets as well as on phones.
A new or existing VPN tunnel is configured on the tunnel edit screen, which is shown in the following screen shot.
Let us take a look at the individual settings.
Name. This assigns a name to the VPN tunnel. The name is displayed on the tunnel list screen. In addition, on Android tablets the tunnel to connect is specified by entering its name. See the section Connecting A VPN Tunnel for details on this.
Store Credentials. This tells FEAT VPN to store the user name and password(s) that you enter when establishing this VPN tunnel. When you later establish this VPN tunnel again, FEAT VPN uses the stored credentials and you do not have to re-enter them. This is convenient, but it is also risky. If an attacker gains access to your Android device, she will be able to retrieve the stored VPN credentials. FEAT VPN applies encryption and file system permissions to make credential theft harder. But it does remain a risk.
Configuration. The configuration of this VPN tunnel. FEAT VPN supports configurations in the two most common formats:
Configurations can be loaded from the tunnel edit screen. Consult the section Loading Configurations for more information.
The following configuration options need to be controlled by FEAT VPN for proper operation:
dev, dev-type, dev-node, iproute, socks-proxy, askpass, auth-user-pass, auth-retry, auth-nocache, ifconfig-noexec, route-noexec, route-delay, up-delay, persist-tun, user, group, chroot, cd, setcon, mlock, daemon, syslog, inetd, log, log-append, writepid, status, replay-persist-file
When a configuration is loaded, these options are stripped from the .ovpn file.
Address. This is the IP address or DNS name of the VPN server. it is taken from the remote option in the .ovpn file.
CA Certificate. This is the file name of the CA certificate. It is taken from the ca option in the .ovpn file.
User Certificate. This is the file name of the certificate used to authenticate with the VPN server. It is taken from the cert option in the .ovpn file.
User Key. This is the file name of the private key used to authenticate with the VPN server. It is taken from the key option in the .ovpn file.
TLS Key. This is the file name of the shared TLS authentication key for the HMAC authentication of VPN packets. It is taken from the tls-auth option in the .ovpn file.
Secret Key. This is the file name of the pre-shared static encryption key, if SSL is not used. It is taken from the secret option in the .ovpn file.
In order to save the settings for a VPN tunnel, simply push the back button on your device to return from the tunnel edit screen to the tunnel list screen. In order to abandon your changes to a VPN tunnel, push the Cancel button at the top of the tunnel edit screen.
Push the Load button on the tunnel edit screen to get to the file browser screen, which is shown in the following screen shot.
Initially, the file browser screen shows the content of the root directory of the SD card. Tap on a subdirectory to switch to the subdirectory and show its content. Push the Parent button to return to the parent directory. Push the Home button to return to the root directory of the SD card.
The current directory is always displayed above the directory content. Here's what kind content is displayed for a directory:
In particular, all other files are filtered and not displayed. We are only interested in VPN configurations, after all.
The screen shot shows that the current directory is the download directory of the web browser, /mnt/sdcard/download, which contains two VPN configurations: the ZIP archive vpn-jp.zip and the self-contained VPN configuration file vpn-us.ovpn.
Tapping on a configuration loads it and takes you back to the tunnel edit screen. Push the back button of your device to return to the tunnel edit screen without loading any configuration.
Instead of navigating through layers of subdirectories to a configuration, you can also simply push the Search button. It searches the current directory and, recursively, all subdirectories beneath it for configurations, i.e., for files with names ending in .zip or .ovpn. The Search button takes you to the search screen, which is shown in the following screen shot.
The screen shows the start directory of the search, /mnt/sdcard, and the search results: vpn-jp.zip and vpn-us.ovpn. For each result the file name of the configuration and the directory in which it is located is given. In the screen shot, both configurations were found in /mnt/sdcard/download.
Tap on a search result to load the configuration and return to the tunnel edit screen. Push the back button of your device to return to the file browser screen without loading any configuration. While the search is running, search statistics are periodically updated. Push the Cancel button to abort the ongoing search.