8 Replies Latest reply: Aug 27, 2013 1:34 AM by Bunnyfu
pfzt Level 1 Level 1 (5 points)

Hi

 

I have a VPN which works absolutely fine with various (Apple) products. However, I have never managerd to get an Android device to connect to the VPN. Would anyone have any clue as to how to work around this?

 

FWIW, the VPN is set up to use L2TP over IPSec with a shared secret. The gateway firewall is set up to allow pass through for VPN protocols and the appropriate ports have been mapped to the server. The system works fine for Macbooks of various flavours, iPod, iPad and I believe it's been tested with a Windows box (may have turned on PPTP for that. Can't remember). All this points to a flaw in the Android VPN client - which seems to be something of a known issue but beyond my understanding.

 

With the above in mind, anyone got a sensible work around (other than the daft suggestion that someone will inevitably make wrt buying an iPhone)?

 

TIA

 

Simon

  • 1. Re: Snow Leopard Server VPN and Android Client
    l4r5 Level 1 Level 1 (0 points)

    Hi,

    I have the same issue with Android devices, my Mac's (iphone, ipad, etc..) and Windows boxes work fine using VPN.

    My Android smartphone can't connect the server using VPN L2PT (no connection on the server side) and using VPN PPTP it started the connection but after a few seconds the server hang up because the LCP time out (I saw it on the server side).  Apparently it does not recognize my login and password.

    I really don't know how to solve this issue!

    Best.

  • 2. Re: Snow Leopard Server VPN and Android Client
    Drew Reece (Re:co) Level 2 Level 2 (310 points)

    I'm seeing similar things too. I have managed to get a Galaxy Tab (Android 3.2) to connect via PPTP to a Mac Server, but L2TP doesn't want to connect from Android, an iPhone will connect with the same L2TP settings.

     

     

    It's worth checking Firewall logs at the router & on the server, the 'Network Services Admin v10.6.pdf' has the VPN Firewall ports listed on page 143 for VPN's.

    http://manuals.info.apple.com/en_US/NetworkSvcs_v10.6.pdf

  • 3. Re: Snow Leopard Server VPN and Android Client
    Fat Freddie's Cat Level 1 Level 1 (0 points)

    The necessary ports are mapped to the server. I'll devote another half hour or so looking at this soon but I think it's an Android 2.4.x issue so I'm probably wasting my time. Having said this, I may see whether I can get a Windows phone to connect.

     

    Simon

  • 4. Re: Snow Leopard Server VPN and Android Client
    gracoat Level 3 Level 3 (660 points)

    If you're only using a VPN connection, then technically you shouldn't need to open up any ports to various services on your firewall.  VPN Clients will appear on the local network that the firewall is protecting.

     

    I'd suggest setting up two VPN Solutions on your firewall if it'll allow it.

     

    I know that the basic ones won't but that'll fix the problem.

     

    The other option is to not use L2TP.  Any of the other ones will work on the apple devices as well.

     

    -Graham

  • 5. Re: Snow Leopard Server VPN and Android Client
    Fat Freddie's Cat Level 1 Level 1 (0 points)

    FWIW, I've just got my Nexus 7 running Android 4.1.x to set up a VPN connection to my Mac server using PPTP (as opposed to L2TP over IPSec). Seems to work fine.

     

    Simon

  • 6. Re: Snow Leopard Server VPN and Android Client
    WingC3 Level 1 Level 1 (0 points)

    Fat Freddie, we're thrilled you got it working on your Nexus 7, would you care to share HOW you got it up and working? What were the server settings.  I'm trying to get it setup on a Nexus 4 running 4.2.1, and it is getting the same LCP timeout in the logs that the poster "l4r5"  was reporting.

    Did you get this and solve it?

     

    Here are my config settings:

    vpn:vpnHost = ""

    vpn:Servers:com.apple.ppp.pptp:Server:Logfile = "/var/log/ppp/vpnd.log"

    vpn:Servers:com.apple.ppp.pptp:Server:VerboseLogging = 1

    vpn:Servers:com.apple.ppp.pptp:Server:MaximumSessions = 128

    vpn:Servers:com.apple.ppp.pptp:DNS:OfferedSearchDomains:_array_index:0 = "home"

    vpn:Servers:com.apple.ppp.pptp:DNS:OfferedServerAddresses:_array_index:0 = "192.168.1.1"

    vpn:Servers:com.apple.ppp.pptp:DNS:OfferedServerAddresses:_array_index:1 = "<redacted>"

    vpn:Servers:com.apple.ppp.pptp:DNS:OfferedServerAddresses:_array_index:2 = "192.168.1.11"

    vpn:Servers:com.apple.ppp.pptp:Radius:Servers:_array_index:0:SharedSecret = "1"

    vpn:Servers:com.apple.ppp.pptp:Radius:Servers:_array_index:0:Address = "1.1.1.1"

    vpn:Servers:com.apple.ppp.pptp:Radius:Servers:_array_index:1:SharedSecret = "2"

    vpn:Servers:com.apple.ppp.pptp:Radius:Servers:_array_index:1:Address = "2.2.2.2"

    vpn:Servers:com.apple.ppp.pptp:enabled = yes

    vpn:Servers:com.apple.ppp.pptp:Interface:SubType = "PPTP"

    vpn:Servers:com.apple.ppp.pptp:Interface:Type = "PPP"

    vpn:Servers:com.apple.ppp.pptp:PPP:LCPEchoFailure = 5

    vpn:Servers:com.apple.ppp.pptp:PPP:DisconnectOnIdle = 1

    vpn:Servers:com.apple.ppp.pptp:PPP:AuthenticatorEAPPlugins:_array_index:0 = "EAP-RSA"

    vpn:Servers:com.apple.ppp.pptp:PPP:AuthenticatorACLPlugins:_array_index:0 = "DSACL"

    vpn:Servers:com.apple.ppp.pptp:PPP:CCPEnabled = 1

    vpn:Servers:com.apple.ppp.pptp:PPP:IPCPCompressionVJ = 0

    vpn:Servers:com.apple.ppp.pptp:PPP:ACSPEnabled = 1

    vpn:Servers:com.apple.ppp.pptp:PPP:LCPEchoEnabled = 1

    vpn:Servers:com.apple.ppp.pptp:PPP:LCPEchoInterval = 60

    vpn:Servers:com.apple.ppp.pptp:PPP:MPPEKeySize128 = 1

    vpn:Servers:com.apple.ppp.pptp:PPP:AuthenticatorProtocol:_array_index:0 = "MSCHAP2"

    vpn:Servers:com.apple.ppp.pptp:PPP:MPPEKeySize40 = 0

    vpn:Servers:com.apple.ppp.pptp:PPP:AuthenticatorPlugins:_array_index:0 = "DSAuth"

    vpn:Servers:com.apple.ppp.pptp:PPP:Logfile = "/var/log/ppp/vpnd.log"

    vpn:Servers:com.apple.ppp.pptp:PPP:VerboseLogging = 1

    vpn:Servers:com.apple.ppp.pptp:PPP:DisconnectOnIdleTimer = 7200

    vpn:Servers:com.apple.ppp.pptp:PPP:CCPProtocols:_array_index:0 = "MPPE"

    vpn:Servers:com.apple.ppp.pptp:IPv4:ConfigMethod = "Manual"

    vpn:Servers:com.apple.ppp.pptp:IPv4:DestAddressRanges:_array_index:0 = "192.168.1.240"

    vpn:Servers:com.apple.ppp.pptp:IPv4:DestAddressRanges:_array_index:1 = "192.168.1.254"

    vpn:Servers:com.apple.ppp.pptp:IPv4:OfferedRouteAddresses = _empty_array

    vpn:Servers:com.apple.ppp.pptp:IPv4:OfferedRouteTypes = _empty_array

    vpn:Servers:com.apple.ppp.pptp:IPv4:OfferedRouteMasks = _empty_array

    vpn:Servers:com.apple.ppp.l2tp:Server:LoadBalancingAddress = "1.2.3.4"

    vpn:Servers:com.apple.ppp.l2tp:Server:MaximumSessions = 128

    vpn:Servers:com.apple.ppp.l2tp:Server:LoadBalancingEnabled = 0

    vpn:Servers:com.apple.ppp.l2tp:Server:Logfile = "/var/log/ppp/vpnd.log"

    vpn:Servers:com.apple.ppp.l2tp:Server:VerboseLogging = 1

    vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedSearchDomains:_array_index:0 = "home"

    vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedServerAddresses:_array_index:0 = "192.168.1.1"

    vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedServerAddresses:_array_index:1 = "<redacted>"

    vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedServerAddresses:_array_index:2 = "192.168.1.11"

    vpn:Servers:com.apple.ppp.l2tp:Radius:Servers:_array_index:0:SharedSecret = "1"

    vpn:Servers:com.apple.ppp.l2tp:Radius:Servers:_array_index:0:Address = "1.1.1.1"

    vpn:Servers:com.apple.ppp.l2tp:Radius:Servers:_array_index:1:SharedSecret = "2"

    vpn:Servers:com.apple.ppp.l2tp:Radius:Servers:_array_index:1:Address = "2.2.2.2"

    vpn:Servers:com.apple.ppp.l2tp:enabled = yes

    vpn:Servers:com.apple.ppp.l2tp:Interface:SubType = "L2TP"

    vpn:Servers:com.apple.ppp.l2tp:Interface:Type = "PPP"

    vpn:Servers:com.apple.ppp.l2tp:PPP:LCPEchoFailure = 5

    vpn:Servers:com.apple.ppp.l2tp:PPP:DisconnectOnIdle = 1

    vpn:Servers:com.apple.ppp.l2tp:PPP:AuthenticatorEAPPlugins:_array_index:0 = "EAP-KRB"

    vpn:Servers:com.apple.ppp.l2tp:PPP:AuthenticatorACLPlugins:_array_index:0 = "DSACL"

    vpn:Servers:com.apple.ppp.l2tp:PPP:VerboseLogging = 1

    vpn:Servers:com.apple.ppp.l2tp:PPP:IPCPCompressionVJ = 0

    vpn:Servers:com.apple.ppp.l2tp:PPP:ACSPEnabled = 1

    vpn:Servers:com.apple.ppp.l2tp:PPP:LCPEchoInterval = 60

    vpn:Servers:com.apple.ppp.l2tp:PPP:LCPEchoEnabled = 1

    vpn:Servers:com.apple.ppp.l2tp:PPP:AuthenticatorProtocol:_array_index:0 = "MSCHAP2"

    vpn:Servers:com.apple.ppp.l2tp:PPP:AuthenticatorPlugins:_array_index:0 = "DSAuth"

    vpn:Servers:com.apple.ppp.l2tp:PPP:Logfile = "/var/log/ppp/vpnd.log"

    vpn:Servers:com.apple.ppp.l2tp:PPP:DisconnectOnIdleTimer = 7200

    vpn:Servers:com.apple.ppp.l2tp:IPSec:SharedSecretEncryption = "Keychain"

    vpn:Servers:com.apple.ppp.l2tp:IPSec:LocalIdentifier = ""

    vpn:Servers:com.apple.ppp.l2tp:IPSec:SharedSecret = "com.apple.ppp.l2tp"

    vpn:Servers:com.apple.ppp.l2tp:IPSec:AuthenticationMethod = "SharedSecret"

    vpn:Servers:com.apple.ppp.l2tp:IPSec:RemoteIdentifier = ""

    vpn:Servers:com.apple.ppp.l2tp:IPSec:IdentifierVerification = "None"

    vpn:Servers:com.apple.ppp.l2tp:IPSec:LocalCertificate = "&lt;&gt;"

    vpn:Servers:com.apple.ppp.l2tp:IPv4:ConfigMethod = "Manual"

    vpn:Servers:com.apple.ppp.l2tp:IPv4:DestAddressRanges:_array_index:0 = "192.168.1.224"

    vpn:Servers:com.apple.ppp.l2tp:IPv4:DestAddressRanges:_array_index:1 = "192.168.1.239"

    vpn:Servers:com.apple.ppp.l2tp:IPv4:OfferedRouteAddresses = _empty_array

    vpn:Servers:com.apple.ppp.l2tp:IPv4:OfferedRouteTypes = _empty_array

    vpn:Servers:com.apple.ppp.l2tp:IPv4:OfferedRouteMasks = _empty_array

    vpn:Servers:com.apple.ppp.l2tp:L2TP:Transport = "IPSec"

     

     

    Can you see any discrepancy?

    Thanks in advance.

  • 7. Re: Snow Leopard Server VPN and Android Client
    dotpage Level 1 Level 1 (0 points)

    I am also looking for the answer to this... Updates please?

  • 8. Re: Snow Leopard Server VPN and Android Client
    Bunnyfu Level 1 Level 1 (0 points)

    Same problem. Macs, Windows machines and iOS devices all connect to our lion server's VPN. However, android devices will not.

     

    Looks like Apple pulled a fast one on android users. Easy to miss, but extremely game breaking for people that rely on a mac-based server infrastructure.

     

    Looks like our android-switchers will be back to iOS in no time. No other option.