The native Android VPN client supports IPsec, L2TP, and PPTP VPNs. Follow the steps in this article to configure an Android device to connect to a client-to-site IPsec VPN with X.509 certificates and XAUTH authentication.
In this article:
Set Up Certificates on the Android Device
- Copy the certificates to the Android device's internal storage.
- Tap Settings > Security > Install from Storage.
- Tap the root certificate.
- Enter a Certificate Name and select VPN and apps.
- Click OK.
- If prompted, enter your PIN or unlock pattern. A message stating, "Root CA installed" appears briefly at the bottom of the screen.
- Enter a Certificate Name and select VPN and apps.
- Click OK to install the certificate.
The certificate appears under the User tab at Settings > Security > Trusted Credentials.
Set Up the Android VPN Client
- Tap Settings.
- In the Wireless & Networks section, tap More.
- Tap VPN.
- Add the VPN by tapping the plus sign (+) next to VPN.
- On the Edit VPN profile page, configure these settings:
- Name – Enter a name for the VPN connection (e.g.,
WorkVPNConnection
). - Type – Select IPsec Xauth RSA.
- Server address – Enter the network address for the VPN service (e.g.,
123.45.6.7
). - IPsec user certificate – Select the previously installed user certificate (e.g.,
AndroidCert
). - IPsec CA certificate – Select the previously install root certificate (e.g.,
RootCert
).
- Name – Enter a name for the VPN connection (e.g.,
To connect to the VPN, tap its name.