I've got a substantial user base who are itching and dying to get on our corporate network with their Android phones. We are currently using a Cisco VPN product and there is no know solution for running on the Cisco protocols without rooting/busybox/vpnc setup. So in an attempt to provide this access I've setup several test attempts with several different VPN solutions. I've tried several l2tp/ipsec and PPTP iterations with little to no luck. I have been able to get a VPN connection established but there is no route through to our internal LAN once connected. This has been occuring with every type of VPN connection I try. I've tried Astaro,vyatta,pfsense/m0n0wall,debian, and finally FreeBSD.. so far all of them are able to connect, but there is no route. I'm beginning to lose hope of ever having an open source solution to this issue. Has anyone been able to setup a VPN for Android devices and get it to work? I'm open to any ideas and or suggestions as I'm just about ready to give up on it.

Have you setup a VPN for Android? If so please provide me with a glimmer of hope!

Well I had a very long phone conversation with a high level technician and architect from Tmobile and they informed me that the issues I've had with the VPN and mobile end points is due to the way their network is setup and that their APN's are blocking the VPN connections. I also discovered that most carriers put their mobile IP's in a protected network space which basically breaks VPN tunnels. The only exception to this rule being AT&T and the Iphone IP's they are totally open and the VPN works fine on them. So currently the only way to get ANY VPN to work with a mobile device is to ask your provider to move your device to an unprotected network which is like asking them for free service. Hopefully they will make some major changes in the future.

This won't solve the issue of your carrier blocking the VPN, but I thought it might help someone.

If you set up a PPTP server on Linux for Android clients to connect, make sure you disable BSD compression. Otherwise the connection won't work.

To be precise, you need to add the following in /etc/ppp/pptp-options

nobsdcomp

Edit: This post may not make much sense any more as doandroids has since further edited the post to completely remove the comm'l references.

Thank you.

I am leaving the rest of my post as a reminder of the rules.

The forum rules do not permit advertising. Please visit http://www.linuxquestions.org/advertising/ for more information on advertising. Feel free to contact the forum admin if you have any questions about this policy.

doandroids,

Welcome to LQ. I'm sorry that your very 1st post has run afoul of the rules.

However thoughtful, helpful, & well intentioned your post is; it still breaks the LQ Rules against advertising:
I have edited it accordingly.

Please don't be discouraged, it is likely that you have valuable information to share w/ the LQ community; but we cannot allow our fora to be used for advertising.

Thank you for your understanding & co-operation, I hope your career here is long & productive.

tekhead2,

"Super Matt", my local Gentoo (he runs it successfully) & Android (he uses one ) expert, has not felt the personal need for VPN, but says that your concerns make sense. He suggests you search for Android VPN apps, starting w/ Cisco (or did you already try them?). He is suggesting that Cisco should be considering the growth of the Android market, & working on meeting your need.

I hope we are not suggesting something you have already investigated.

There's no Cisco client on Android currently. Last I heard, on Cisco's support forum, one may be released in June. It will likely only be available on Cisco's own Android Tablet, at first.

As mentioned by the OP, if you "root" the phone, then it's possible to install clients that connect to a "pure IPSec" VPN (aka Cisco VPN).

In the meantime, for non-root users, what's available on Android are: PPTP and L2TP (with or without IPSec). I've not tried to connect to a Cisco ASA, although that should be possible also with PPTP or L2TP. I have tried both PPTP and L2TP to a Linux box, and both works fine (except for the bsd compression that I mentioned above).

Non of this matters, if the carrier is blocking VPN, as the OP claims. I'm not sure it is quite that bad, though, since he also says he managed to establish a connection. Or was that only on wifi?

Cheers

An update. On Android 2.2 and earlier there was a problem with L2TP/IPSec CRT, since the Android client sent the IP-number as identifier, but the server expected the common name (given by the certificate). I just got Android 2.3.3 installed on my Nexus One and the problem is now fixed, L2TP/IPSec CRT now connects and works perfectly.
If time permits, and anyone is interested I can provide more details on how it can be set up.

Just noticed that PPTP also started to work fine as of Android 2.3.3. Previously it would only work without encryption.

Hi, I have ca.crt, user.crt and user.key. I tried to install *.crt certificates on Adroid 2.3.3 but only ca.crt worked. User.crt did not so I am not able to complete the VPN settings. Any idea what is wrong?

Also noticed that the version is older enough that cannot follow the instructions about new vpn settings. Taking it to online for updating the router for new vpn. Take the advantage and make settings to get best vpn service for android