It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

Native Android IPsec VPN Client

  • Last updated on

If you are not using the integrated TINA VPN client in CudaLaunch for Android, you can also manually configure the native IPsec client on the mobile device. This setup must be completed on every device that connects to the client-to-site VPN and is valid only for IPsec IKEv2 VPN configurations. The Barracuda CloudGen Firewall VPN service currently supports IKEv2/IPSec MSCHAPv2.

Before You Begin

Step 1. Set Up Certificates on the Android Device

  1. On the Android device, tap Settings > Security and privacy > Other security settings > Install from device storage.
  2. Tap CA certificate.
  3. Install the root and server certificates from the Internal storage.

The certificate appears undeSettings > Security and privacy > Other security settings > Credential storage.

Step 2. Configure the Native Android IPsec VPN Client for Client-to-Site IPsec VPN

  1. On the Android device, tap Settings.
  2. In the Connections section, tap More connection settings.
  3. Tap VPN.
  4. Tap the menu in the right (...) next to VPN and select Add VPN profile.
  5. On the Edit VPN network page, configure the following settings:  
    • Name – Enter a name for the VPN connection (e.g., IPsec IKEv2).
    • Type – Select IKEv2/IPSec MSCHAPv2. (IKEv2/IPSec RSA and IKEv2/IPSec PSK are currently not supported.)
    • Server address – Enter the network address for the VPN service (e.g.,
    • IPSec identifier – Enter a random string. This string is used as part of the IP Group identifier on the VPN > Client-to-Site page. 
  6. Select the previously installed IPsec CA certificate (e.g., RootCert).
  7. Select the previously installed server certificate (e.g., VPNCert).
  8. Enter Username and Password.
  9. Tap Save.

To connect to the VPN, tap the VPN profile you just created.