Android 12 and ikev2
I'm looking to find a way to get Android 12 clients connected using IKEv2 mode instead of L2TP.
I've tried this, which seems to be quite easy, but It didn't work:
https://support.zyxel.eu/hc/en-us/articles/4411498192914
Any suggestions ?
Regards
Agor
All Replies
-
Same here. I cannot get my galaxy s22 to connect to an ATP100 after loosing l2tp with android 12. I have no idea if it is the new ikev2 configuration I setup in the zyxel or the vpn settings in the phone.
Has anyone gotten a galaxy s22 to work with a zyxel vpn tunnel?0 -
Been trying here with my phone updated to Android 12 and can't get ikev2 to work as server role on USG60W
I get in logs
Receiving IKEv2 request [count=5]
[INIT] Recv: [SA][KE][NONCE][NOTIFY][NOTIFY][NOTIFY][NOTIFY] [count=5]
Recv IKE sa: SA([0] protocol = IKE (1), AES CTR key len = 256, AES CBC key len = 256, AES CTR key len = 192, AES CBC key len = 192, AES CTR key len = 128, AES CBC key len = 128, HMAC-SHA512-256, HMAC-SHA384-192, HMAC-SHA256-128, AES-XCBC-96, unknown integ [count=5]
The cookie pair is : 0x7180eb2e28ac6628 / 0x4364f247052b96a5 [count=3]
[SA] : Tunnel [VPN_server] Phase 1 proposal mismatch [count=5]
[SA] : No proposal chosen [count=5]
0 -
Hi midi,
I still haven't found a way to get my S22 connected on an ikev2 VPN using the Android's default client. I don't know if there's an issue related to Samsung devices, some other guys over here got theyr Google's Pixels phones properly connected.
But there's a solution that worked great for me. Just download Strongswan VPN client from Google Play (for free) and setup an IKEv2 EAP (using certificates and MSCHAP Auth). It's easy to deploy and works so good that I may not need to try again using the default client in the future.
For PeterUK
You have gone far away from where I'm stuck, according to your logs. I can't even get the phase 1 proposal mismatch using Samsung's devices. What kind of phone are you using ?
Agor
0 -
Sony Xperia 5 II
For PeterUK
You have gone far away from where I'm stuck, according to your logs. I can't even get the phase 1 proposal mismatch using Samsung's devices. What kind of phone are you using ?0 -
-
Hi @midi,
Not sure if the issue is only on S22, can you post VPN connection fail log for further checking?
BTW, you may follow Agor76 to download Strongswan VPN client from Google Play to connect VPN
0 -
S22 here as well with no luck using the built in client. I haven't tried Strongswan or another client yet.
0 -
n4cr2k said:S22 here as well with no luck using the built in client. I haven't tried Strongswan or another client yet.
VPN Server role IKEv2 broken as far as I can tell — Zyxel Community
0 -
Hello everybody,guys i have the same s22 ultra with the same problem.I was about to buy the USG20-VPN mod but after reading this thread I stopped.So I ask you for an update on the situation. Is it possible to set ikev2 psk directly in android vpn section?I ask it because I would have bixby routinely manage the activation and deactivation of the vpn depending on whether or not it is under the same Wifi. And above all, avoid using third-party applications because they consume a train of battery. Thank you0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 146 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight