Jump to content


Photo

Connect Android to VPN

Android VPN

  • Please log in to reply
6 replies to this topic

#1 Cormac

Cormac
  • Members
  • 1 posts

Posted 05 December 2015 - 05:08 AM

Hi, I’m trying to connect devices to a VPN with preshared keys.

It works in iOS with the minimal of settings. But its not working with Android.

I tried a number of devices / settings / VPN apps. Doesn’t seem to be any app out there that gives you full control to manually match Barracuda firewall settings.

 

 

 

iPhone, these built in VPN settings work: type = IPSec / Server / account & password / Group & Secret

 

Android equivalent settings: IPSec XAuth PSK / IPSec identifier (the Group name) / IPSec preshared key (the group secret) / Username & Password

 

 



#2 Gavin Chappell

Gavin Chappell
  • Moderators
  • 412 posts
  • LocationNottingham, UK

Posted 06 December 2015 - 01:09 PM

Because of the way IPsec works, everything in a proposal has to match - the issue here is probably that you're using the default Phase 1 and Phase 2 lifetimes which (I think) work for iOS only. When your Android client sends its proposals, these lifetimes may be outside of the min/max bounds configured on the NG which means that even though everything else (group name, PSK) matches, the proposal as a whole is rejected.

 

I can't remember what settings I use in the office, but they work so I'll try and remember to find out what they are. Alternatively, you could speak to your salesperson about upgrading to a Premium Remote Access license and taking advantage of CudaLaunch which can automatically provision an IPsec connection on iOS, and the Barracuda proprietary TINA protocol on Android.



#3 Michael Zoller

Michael Zoller
  • Barracuda Team Members
  • 205 posts

Posted 07 December 2015 - 01:46 AM

Just to fill up what Gavin already said with the links to instructions: Use the encryption and timing settings in this how to for the client to site VPN. They work for both iOS and Android:

https://techlib.barr...ConfigIPsecPSK

 

use these Instructions to set up the VPN on your Android device:

https://techlib.barr...teIPsecAndroid

 

If you decide to give CudaLaunch a try (license for one use is included on every firewall):

https://techlib.barr...F62/CudaLaunch

and

https://techlib.barr...onfigCudaLaunch



#4 Rohit Maheshwari

Rohit Maheshwari
  • Members
  • 1 posts

Posted 10 December 2015 - 08:43 AM

Hi Gavin

 

Is it possible you can share the Client-VPN settings on the firewall that work with Android?

 

Thanks



#5 Michael Zoller

Michael Zoller
  • Barracuda Team Members
  • 205 posts

Posted 10 December 2015 - 08:52 AM

Hi Rohit,

Use the settings in this article: They work with both iOS and Android:
https://techlib.barr...onfigIPsecPSK 



#6 Alexander Esser

Alexander Esser
  • Members
  • 3 posts

Posted 25 August 2016 - 04:16 AM

Not working for me with Android 5.0.2

Seems Android will have SHA256: "phion_p2_check_conf: Attribute [AUTHENTICATION_ALGORITHM]: wanted=[HMAC_SHA2_256] config=[HMAC_SHA]" and iPhone will not work with SHA256...
 



#7 Michael Zoller

Michael Zoller
  • Barracuda Team Members
  • 205 posts

Posted 25 August 2016 - 04:35 AM

Hi,

In general Android 6.0 and higher required SHA256, and 5.2 and lower (+iOS) requires SHA in Phase II. You can work around this via different VPN Group Policies for Android and iOS users. For Android these statements refer to stock-Android as found on Nexus devices. Some Android devices may use different settings, or even different VPN clients.

 

https://campus.barra...gIKEv1IPsecPSK/