This document describes how to setup an IPSec-secured VPN connection between LANCOM routers and Android devices with the VPN client built into Android.
- Mobile device (smartphone, tablet PC, etc.) with the Android operating system as of version 4.x
1) Set up the VPN connection on the LANCOM router:
Setting up the VPN connection on the LANCOM router is initially done with the Setup Wizard in LANconfig. This is followed by a number of manual adjustments to the configuration of the LANCOM router.
1.1) Start the Setup Wizard and choose the option Provide remote access (RAS, VPN).
1.2) Set the Kind of remote access to VPN connection over the Internet.
1.3) In the next dialog box, select the option VPN client with user-defined parameters.
1.4) Enter a name for the VPN connection.
1.5) In the following dialog, select the option Preshared key and aggressive mode. In the input fields you then set a preshared key.
You will need the
preshared key later in
step 2.4 of the client configuration .
1.6) In this example we use the default IKE parameters, so nothing is changed in this dialog.
1.7) As the identity type, the Local identity type and the Remote identity type are each set to the Key ID (group name). Below each input box, enter a name.
You will need the
name of the remote identity later in
step 2.4 the client configuration .
1.8) The PFS algorithm is not required, so please disable the option in this dialog box.
1.9) The encryption settings can be left as the default values.
1.10) Similarly, no authentication header (AH) and no data compression are used.
1.11) In the next dialog you enter the local IP address to be assigned to the client.
1.12) Accept the default settings in this dialog.
1.13 The function Activate NetBIOS over IP routing is not used.
1.14) Click Finish to exit the Setup Wizard and write the configuration back to the LANCOM router.
1.15) Use LANconfig to open the configuration for the LANCOM router and switch to the menu item Configuration -> VPN -> General -> Connection list.
1.16) Open the entry for the new VPN client connection with a double click of the mouse.
1.17) For the XAUTH option, select the setting Server. Save the change with the OK button.
1.18) Change to the menu Configuration -> Communication -> Protocols -> PPP list.
1.19) Add a new entry.
- As the Remote site, select the new VPN client connection.
- Set a password in the Password field.
- Enable the option Activate IP routing.
You will need the name of the remote site and the password again later in step 2.7 of the client configuration.
1.20) Save the configuration by clicking the OK button and then write the changes back to the LANCOM router. This concludes the configuration of the LANCOM router.
2) Set up the VPN connection on the Android device:
2.1) Open the Settings menu and select the menu item More settings....
2.2) In the More networks... menu select the option VPN.
2.3) Tap on the option Add VPN (+).
2.4) In the next dialog box, enter the following settings:
- In the Name box, enter a name for the new VPN profile. Use any name you like.
- Set the selection field Type to IPSec Xauth PSK.
- In the Server address field, enter the public IP address or public DNS address of the LANCOM router.
- In the IPSec identifier box, enter the name of the remote identity which you set when configuring the LANCOM router in step 1.7. In this example the name is lancom.
- In the IPSec pre-shared key field enter the preshared key that you set when configuring the LANCOM router in step 1.5.
2.5) Tap Save to store the configured VPN profile.
2.6) To start the VPN connection, just tap the newly created VPN profile.
2.7) In the fields Username and Password you now enter the values that you set when configuring the LANCOM router in step 1.19.
- As the Username , enter the name you set for the VPN connection configured in the LANCOM (in this case: ANDROID).
- The Password is the one you entered in the PPP list entry.
2.8) Tap Connect to establish the VPN connection to the LANCOM router. This concludes the configuration steps on the Android device.