How to setup an IKEv2 VPN connection on Nebula which is compatible with Android 12 ?

Sébastien
Sébastien Posts: 38
First Comment Friend Collector Second Anniversary
 Freshman Member
Hi everyone,

I've been using a client-to-site L2TP/IPSec VPN on my Nebula Zyxel USG Flex 100, it was working fine until I upgraded my smartphone from Android 11 to Android 12.

The smartphone now asks to upgrade to IKEv2 while my old L2TP/IPSec is not working anymore.

In the Nebula configuration, I've switched off "L2TP over IPSec VPN server" (because there is no possibility to change IKE version) and switched on "IPSec VPN server" with the following parameters :
  • Client VPN subnet : set to a correct value
  • IKE version : IKEv2
  • DNS server (custom in my network environnement)
  • Policy : Default
  • Authentication : Nebula Cloud Authentication (users have VPN access authorization, no 2FA)
NAT and security rules are active.

When trying to set up the connection on my smartphone, I don't know what parameters to choose.

Concerning the VPN type, I have the following options :
  • IKEv2/IPSec MSCHAPv2
  • IKEv2/IPSec PSK
  • IKEv2/IPSec RSA
Which one should I use ? On Nebula, when choosing IKEv2 there is no possibility to enter a PSK or a certificate... 

Thanks for your help !

Seb




Accepted Solution

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 995
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 500 Comments
     Guru Member
    edited August 23 Answer ✓
    Hi @sebastian,
    Unfortunally, there is no VPN type match for Android 12 IKEv2 currently.
    This is confirmed in our roadmap to support this.
    We will release Android App for this issue.

All Replies

  • Sébastien
    Sébastien Posts: 38
    First Comment Friend Collector Second Anniversary
     Freshman Member
    Ok, thank you for your answer.

    I will switch to on-premise mode until the issue is fixed.

    Regards,

    Sébastien

Nebula Tips & Tricks