Skip navigation

Snow Leopard Server VPN and Android Client

3698 Views 8 Replies Latest reply: Aug 27, 2013 1:34 AM by Bunnyfu RSS
pfzt Calculating status...
Currently Being Moderated
Dec 9, 2011 2:48 AM

Hi

 

I have a VPN which works absolutely fine with various (Apple) products. However, I have never managerd to get an Android device to connect to the VPN. Would anyone have any clue as to how to work around this?

 

FWIW, the VPN is set up to use L2TP over IPSec with a shared secret. The gateway firewall is set up to allow pass through for VPN protocols and the appropriate ports have been mapped to the server. The system works fine for Macbooks of various flavours, iPod, iPad and I believe it's been tested with a Windows box (may have turned on PPTP for that. Can't remember). All this points to a flaw in the Android VPN client - which seems to be something of a known issue but beyond my understanding.

 

With the above in mind, anyone got a sensible work around (other than the daft suggestion that someone will inevitably make wrt buying an iPhone)?

 

TIA

 

Simon

  • l4r5 Calculating status...
    Currently Being Moderated
    Mar 28, 2012 6:48 AM (in response to pfzt)

    Hi,

    I have the same issue with Android devices, my Mac's (iphone, ipad, etc..) and Windows boxes work fine using VPN.

    My Android smartphone can't connect the server using VPN L2PT (no connection on the server side) and using VPN PPTP it started the connection but after a few seconds the server hang up because the LCP time out (I saw it on the server side).  Apparently it does not recognize my login and password.

    I really don't know how to solve this issue!

    Best.

  • Drew Reece (Re:co) Level 2 Level 2 (310 points)
    Currently Being Moderated
    May 16, 2012 9:27 AM (in response to l4r5)

    I'm seeing similar things too. I have managed to get a Galaxy Tab (Android 3.2) to connect via PPTP to a Mac Server, but L2TP doesn't want to connect from Android, an iPhone will connect with the same L2TP settings.

     

     

    It's worth checking Firewall logs at the router & on the server, the 'Network Services Admin v10.6.pdf' has the VPN Firewall ports listed on page 143 for VPN's.

    http://manuals.info.apple.com/en_US/NetworkSvcs_v10.6.pdf

  • Fat Freddie\'s Cat Calculating status...

    The necessary ports are mapped to the server. I'll devote another half hour or so looking at this soon but I think it's an Android 2.4.x issue so I'm probably wasting my time. Having said this, I may see whether I can get a Windows phone to connect.

     

    Simon

  • gracoat Level 3 Level 3 (645 points)
    Currently Being Moderated
    May 16, 2012 11:03 AM (in response to pfzt)

    If you're only using a VPN connection, then technically you shouldn't need to open up any ports to various services on your firewall.  VPN Clients will appear on the local network that the firewall is protecting.

     

    I'd suggest setting up two VPN Solutions on your firewall if it'll allow it.

     

    I know that the basic ones won't but that'll fix the problem.

     

    The other option is to not use L2TP.  Any of the other ones will work on the apple devices as well.

     

    -Graham

  • Fat Freddie\'s Cat Level 1 Level 1 (0 points)
    Currently Being Moderated
    Oct 11, 2012 7:50 AM (in response to pfzt)

    FWIW, I've just got my Nexus 7 running Android 4.1.x to set up a VPN connection to my Mac server using PPTP (as opposed to L2TP over IPSec). Seems to work fine.

     

    Simon

  • WingC3 Calculating status...
    Currently Being Moderated
    Dec 19, 2012 12:36 PM (in response to Fat Freddie\'s Cat)

    Fat Freddie, we're thrilled you got it working on your Nexus 7, would you care to share HOW you got it up and working? What were the server settings.  I'm trying to get it setup on a Nexus 4 running 4.2.1, and it is getting the same LCP timeout in the logs that the poster "l4r5"  was reporting.

    Did you get this and solve it?

     

    Here are my config settings:

    vpn:vpnHost = ""

    vpn:Servers:com.apple.ppp.pptp:Server:Logfile = "/var/log/ppp/vpnd.log"

    vpn:Servers:com.apple.ppp.pptp:Server:VerboseLogging = 1

    vpn:Servers:com.apple.ppp.pptp:Server:MaximumSessions = 128

    vpn:Servers:com.apple.ppp.pptp:DNS:OfferedSearchDomains:_array_index:0 = "home"

    vpn:Servers:com.apple.ppp.pptp:DNS:OfferedServerAddresses:_array_index:0 = "192.168.1.1"

    vpn:Servers:com.apple.ppp.pptp:DNS:OfferedServerAddresses:_array_index:1 = "<redacted>"

    vpn:Servers:com.apple.ppp.pptp:DNS:OfferedServerAddresses:_array_index:2 = "192.168.1.11"

    vpn:Servers:com.apple.ppp.pptp:Radius:Servers:_array_index:0:SharedSecret = "1"

    vpn:Servers:com.apple.ppp.pptp:Radius:Servers:_array_index:0:Address = "1.1.1.1"

    vpn:Servers:com.apple.ppp.pptp:Radius:Servers:_array_index:1:SharedSecret = "2"

    vpn:Servers:com.apple.ppp.pptp:Radius:Servers:_array_index:1:Address = "2.2.2.2"

    vpn:Servers:com.apple.ppp.pptp:enabled = yes

    vpn:Servers:com.apple.ppp.pptp:Interface:SubType = "PPTP"

    vpn:Servers:com.apple.ppp.pptp:Interface:Type = "PPP"

    vpn:Servers:com.apple.ppp.pptp:PPP:LCPEchoFailure = 5

    vpn:Servers:com.apple.ppp.pptp:PPP:DisconnectOnIdle = 1

    vpn:Servers:com.apple.ppp.pptp:PPP:AuthenticatorEAPPlugins:_array_index:0 = "EAP-RSA"

    vpn:Servers:com.apple.ppp.pptp:PPP:AuthenticatorACLPlugins:_array_index:0 = "DSACL"

    vpn:Servers:com.apple.ppp.pptp:PPP:CCPEnabled = 1

    vpn:Servers:com.apple.ppp.pptp:PPP:IPCPCompressionVJ = 0

    vpn:Servers:com.apple.ppp.pptp:PPP:ACSPEnabled = 1

    vpn:Servers:com.apple.ppp.pptp:PPP:LCPEchoEnabled = 1

    vpn:Servers:com.apple.ppp.pptp:PPP:LCPEchoInterval = 60

    vpn:Servers:com.apple.ppp.pptp:PPP:MPPEKeySize128 = 1

    vpn:Servers:com.apple.ppp.pptp:PPP:AuthenticatorProtocol:_array_index:0 = "MSCHAP2"

    vpn:Servers:com.apple.ppp.pptp:PPP:MPPEKeySize40 = 0

    vpn:Servers:com.apple.ppp.pptp:PPP:AuthenticatorPlugins:_array_index:0 = "DSAuth"

    vpn:Servers:com.apple.ppp.pptp:PPP:Logfile = "/var/log/ppp/vpnd.log"

    vpn:Servers:com.apple.ppp.pptp:PPP:VerboseLogging = 1

    vpn:Servers:com.apple.ppp.pptp:PPP:DisconnectOnIdleTimer = 7200

    vpn:Servers:com.apple.ppp.pptp:PPP:CCPProtocols:_array_index:0 = "MPPE"

    vpn:Servers:com.apple.ppp.pptp:IPv4:ConfigMethod = "Manual"

    vpn:Servers:com.apple.ppp.pptp:IPv4:DestAddressRanges:_array_index:0 = "192.168.1.240"

    vpn:Servers:com.apple.ppp.pptp:IPv4:DestAddressRanges:_array_index:1 = "192.168.1.254"

    vpn:Servers:com.apple.ppp.pptp:IPv4:OfferedRouteAddresses = _empty_array

    vpn:Servers:com.apple.ppp.pptp:IPv4:OfferedRouteTypes = _empty_array

    vpn:Servers:com.apple.ppp.pptp:IPv4:OfferedRouteMasks = _empty_array

    vpn:Servers:com.apple.ppp.l2tp:Server:LoadBalancingAddress = "1.2.3.4"

    vpn:Servers:com.apple.ppp.l2tp:Server:MaximumSessions = 128

    vpn:Servers:com.apple.ppp.l2tp:Server:LoadBalancingEnabled = 0

    vpn:Servers:com.apple.ppp.l2tp:Server:Logfile = "/var/log/ppp/vpnd.log"

    vpn:Servers:com.apple.ppp.l2tp:Server:VerboseLogging = 1

    vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedSearchDomains:_array_index:0 = "home"

    vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedServerAddresses:_array_index:0 = "192.168.1.1"

    vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedServerAddresses:_array_index:1 = "<redacted>"

    vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedServerAddresses:_array_index:2 = "192.168.1.11"

    vpn:Servers:com.apple.ppp.l2tp:Radius:Servers:_array_index:0:SharedSecret = "1"

    vpn:Servers:com.apple.ppp.l2tp:Radius:Servers:_array_index:0:Address = "1.1.1.1"

    vpn:Servers:com.apple.ppp.l2tp:Radius:Servers:_array_index:1:SharedSecret = "2"

    vpn:Servers:com.apple.ppp.l2tp:Radius:Servers:_array_index:1:Address = "2.2.2.2"

    vpn:Servers:com.apple.ppp.l2tp:enabled = yes

    vpn:Servers:com.apple.ppp.l2tp:Interface:SubType = "L2TP"

    vpn:Servers:com.apple.ppp.l2tp:Interface:Type = "PPP"

    vpn:Servers:com.apple.ppp.l2tp:PPP:LCPEchoFailure = 5

    vpn:Servers:com.apple.ppp.l2tp:PPP:DisconnectOnIdle = 1

    vpn:Servers:com.apple.ppp.l2tp:PPP:AuthenticatorEAPPlugins:_array_index:0 = "EAP-KRB"

    vpn:Servers:com.apple.ppp.l2tp:PPP:AuthenticatorACLPlugins:_array_index:0 = "DSACL"

    vpn:Servers:com.apple.ppp.l2tp:PPP:VerboseLogging = 1

    vpn:Servers:com.apple.ppp.l2tp:PPP:IPCPCompressionVJ = 0

    vpn:Servers:com.apple.ppp.l2tp:PPP:ACSPEnabled = 1

    vpn:Servers:com.apple.ppp.l2tp:PPP:LCPEchoInterval = 60

    vpn:Servers:com.apple.ppp.l2tp:PPP:LCPEchoEnabled = 1

    vpn:Servers:com.apple.ppp.l2tp:PPP:AuthenticatorProtocol:_array_index:0 = "MSCHAP2"

    vpn:Servers:com.apple.ppp.l2tp:PPP:AuthenticatorPlugins:_array_index:0 = "DSAuth"

    vpn:Servers:com.apple.ppp.l2tp:PPP:Logfile = "/var/log/ppp/vpnd.log"

    vpn:Servers:com.apple.ppp.l2tp:PPP:DisconnectOnIdleTimer = 7200

    vpn:Servers:com.apple.ppp.l2tp:IPSec:SharedSecretEncryption = "Keychain"

    vpn:Servers:com.apple.ppp.l2tp:IPSec:LocalIdentifier = ""

    vpn:Servers:com.apple.ppp.l2tp:IPSec:SharedSecret = "com.apple.ppp.l2tp"

    vpn:Servers:com.apple.ppp.l2tp:IPSec:AuthenticationMethod = "SharedSecret"

    vpn:Servers:com.apple.ppp.l2tp:IPSec:RemoteIdentifier = ""

    vpn:Servers:com.apple.ppp.l2tp:IPSec:IdentifierVerification = "None"

    vpn:Servers:com.apple.ppp.l2tp:IPSec:LocalCertificate = "&lt;&gt;"

    vpn:Servers:com.apple.ppp.l2tp:IPv4:ConfigMethod = "Manual"

    vpn:Servers:com.apple.ppp.l2tp:IPv4:DestAddressRanges:_array_index:0 = "192.168.1.224"

    vpn:Servers:com.apple.ppp.l2tp:IPv4:DestAddressRanges:_array_index:1 = "192.168.1.239"

    vpn:Servers:com.apple.ppp.l2tp:IPv4:OfferedRouteAddresses = _empty_array

    vpn:Servers:com.apple.ppp.l2tp:IPv4:OfferedRouteTypes = _empty_array

    vpn:Servers:com.apple.ppp.l2tp:IPv4:OfferedRouteMasks = _empty_array

    vpn:Servers:com.apple.ppp.l2tp:L2TP:Transport = "IPSec"

     

     

    Can you see any discrepancy?

    Thanks in advance.

  • dotpage Level 1 Level 1 (0 points)
    Currently Being Moderated
    Jul 14, 2013 7:41 PM (in response to WingC3)

    I am also looking for the answer to this... Updates please?

  • Bunnyfu Calculating status...
    Currently Being Moderated
    Aug 27, 2013 1:34 AM (in response to pfzt)

    Same problem. Macs, Windows machines and iOS devices all connect to our lion server's VPN. However, android devices will not.

     

    Looks like Apple pulled a fast one on android users. Easy to miss, but extremely game breaking for people that rely on a mac-based server infrastructure.

     

    Looks like our android-switchers will be back to iOS in no time. No other option.

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.