WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

RUT955 as L2TP over IPSec server works with Windows but not with Android

0 votes
915 views 3 comments
by

I have configured a RUT955 as a VPN server with L2TP over IPSec.

Connecting from a Windows Client works fine. Connecting from an Android device to other L2TP over IPSec servers works also fine. But connecting from an Android Device to the RUT955 L2TP over IPSec Server does not work.

My configuration: Is there anything wrong?

1 Answer

0 votes
by anonymous
Hello,

Where are you taking yours Phase 1 and Phase 2 values from (Encryption, Authentication, Hash, DH)? because If I remember correctly those should be:

Phase 1: SHA2(256) - AES(256) - DH2
Phase 2:  SHA2(256) - AES(256)

Some older versions of Android OS use these default transforms:

Phase 1: SHA1 - AES(256) - DH2
Phase 2: SHA1 - AES(256)

So unless you changed it somewhere or for yours phone/Android there are other values you should change them in yours configuration accordingly.

Best regards,
Vidas.
by
Thank you for your answer, the hint (first set of parameters) was helpful. VPN works now from Windows and from Android.

Best regards
GKap
by anonymous
Hello,

Is there similar settings for iPhone and iPad.

The L2TP/IPSec works fine with my Windows 10 native VPN source, but for the iPhone and iPad it fails.

Best regards

Mikael
by anonymous

Hello Mikael,

For iOS devices you will have to try combinations of following parameters:

For devices with iOS 9.3 and higher or macOS 10.11.4 and higher, these combinations of Phase 1 and 2 settings are supported.

If Diffie-Hellman Group 14 is selected in the Phase 1 settings:

  • Phase 1 Authentication - MD5, SHA1, SHA2(256), SHA2(512)
  • Phase 1 Encryption - AES256
  • Phase 2 Authentication - MD5, SHA1
  • Phase 2 Encryption - 3DES, AES128, AES256
  • Perfect Forward Secrecy - No

If Diffie-Hellman Group 2 is selected in the Phase 1 settings:

  • Phase 1 Authentication - MD5, SHA1
  • Phase 1 Encryption - DES, 3DES, AES128, AES256
  • Phase 2 Authentication - SHA1, MD5
  • Phase 2 Encryption - 3DES, AES128, AES256
  • Phase 2 PFS - No

For devices with versions of iOS lower than 9.3, these Phase 1 and 2 settings are supported.

Diffie-Hellman Group 2:

  • Phase 1 Authentication - MD5 , SHA1
  • Phase 1 Encryption - DES, 3DES, AES128, AES256
  • Phase 2 Authentication - MD5 , SHA1
  • Phase 2 Encryption - 3DES, AES128, AES256
  • Phase 2 PFS - No
Best regards,
VidasKac.