How to setup an IKEv2 VPN connection on Nebula which is compatible with Android 12 ?
Hi everyone,
I've been using a client-to-site L2TP/IPSec VPN on my Nebula Zyxel USG Flex 100, it was working fine until I upgraded my smartphone from Android 11 to Android 12.
The smartphone now asks to upgrade to IKEv2 while my old L2TP/IPSec is not working anymore.
In the Nebula configuration, I've switched off "L2TP over IPSec VPN server" (because there is no possibility to change IKE version) and switched on "IPSec VPN server" with the following parameters :
When trying to set up the connection on my smartphone, I don't know what parameters to choose.
Concerning the VPN type, I have the following options :
Thanks for your help !
Seb
I've been using a client-to-site L2TP/IPSec VPN on my Nebula Zyxel USG Flex 100, it was working fine until I upgraded my smartphone from Android 11 to Android 12.
The smartphone now asks to upgrade to IKEv2 while my old L2TP/IPSec is not working anymore.
In the Nebula configuration, I've switched off "L2TP over IPSec VPN server" (because there is no possibility to change IKE version) and switched on "IPSec VPN server" with the following parameters :
- Client VPN subnet : set to a correct value
- IKE version : IKEv2
- DNS server (custom in my network environnement)
- Policy : Default
- Authentication : Nebula Cloud Authentication (users have VPN access authorization, no 2FA)
When trying to set up the connection on my smartphone, I don't know what parameters to choose.
Concerning the VPN type, I have the following options :
- IKEv2/IPSec MSCHAPv2
- IKEv2/IPSec PSK
- IKEv2/IPSec RSA
Thanks for your help !
Seb
0
Accepted Solution
-
Hi @sebastian,Unfortunally, there is no VPN type match for Android 12 IKEv2 currently.This is confirmed in our roadmap to support this.
We will release Android App for this issue.0
All Replies
-
Ok, thank you for your answer.
I will switch to on-premise mode until the issue is fixed.
Regards,
Sébastien0 -
Zyxel_Cooldia said:We will release Android App for this issue.May I advise Zyxel against this? Apps might be sellable like licenses and and subscriptions, but when the app will have issues with some Android flavours (RealOS, MiUI) or hit fragmentation, well... might be a tough path.IKEv2 + PSK is already supported for IPSec connections...5
Categories
- 7.7K All Categories
- 1.6K Nebula
- 53 Nebula Ideas
- 53 Nebula Status and Incidents
- 4.3K Security
- 215 Security Ideas
- 903 Switch
- 40 Switch Ideas
- 793 WirelessLAN
- 14 WLAN Ideas
- 5K Consumer Product
- 129 Service & License
- 260 News and Release
- 49 Security Advisories
- 6 Education Center
- 573 FAQ
- 273 Nebula FAQ
- 132 Security FAQ
- 73 Switch FAQ
- 72 WirelessLAN FAQ
- 7 Consumer Product FAQ
- Documents
- 34 Nebula Monthly Express
- 67 About Community
- 40 Security Highlight