How to set up Android 14 for L2TP via IPSec for ATP100

Hi,

We use VPN on ATP100 using L2TP (IPSec). Everything still works on Android 12 and older. L2TP (IPSec) is no longer an option on Android 13 and 14. On Android 13 and 14, there is only IKEv2/lPSec MSCHAPv2, IKEv2/lPSec PSK and IKEv2/lPSec RSA.

Which option for Android 13/14 should we select from the image?

Accepted Solution

All Replies

  • PeterUK
    PeterUK Posts: 3,460  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    You might have to setup without the use of quick start

    setup a Phase 1 Settings in VPN gateway with the following

    show advanced settings

    IKEv2

    Domain Name / Ipv4 0.0.0.0

    set Pre-Shared Key

    Phase 1 settings

    AES128 SHA256

    key group DH14 (one some phones needs to be set higher)

    Phase 2 Setting VPN connection

    show advanced settings

    Remote Access (Server Role)

    select VPN gateway you made

    Local policy 0.0.0.0

    Configuration Payload setup IP range for VPN

    Phase 2 Setting

    AES128 SHA256

    PFS DH2

    set zone for the VPN

  • Zyxel_Emily
    Zyxel_Emily Posts: 1,396  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments

    Hi @JanBab,

    Select "IKEv2 IPSec Client" and follow the guide in this FAQ to install StrongSwan on Andorid.

    See how you've made an impact in Zyxel Community this year!
    https://bit.ly/Your2024Moments_Community

  • JanBab
    JanBab Posts: 4
    First Comment

    When I start the setup wizard for "Remote Access VPN Setup - IKEv2" via Quick Setup, the message appears: "The Rule has been modified before. Do you want to change the VPN rule?
    Click Yes to change VPN rule through Wizard.
    Click No to exit the Remote Access VPN setup."
    Will the rule also change for "L2TP over IPSec Client"?

  • DialectFalun79177
    DialectFalun79177 Posts: 3  Freshman Member
    First Comment Third Anniversary

    Is this possible to do With the ZyXEL NSG50 (only Nebula konfig)
    The customer have a new Android 14 with removed L2TP settings

  • Zyxel_Melen
    Zyxel_Melen Posts: 2,577  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    Answer ✓

    Hi @DialectFalun79177,

    Since NSG also provides the IPSec VPN function, you can use the StrongSwan App to connect.

    Zyxel Melen


Security Highlight