IPSec / L2TP working on some Android devices, but not all - General Topics

Hello forum,
couple of weeks ago I had success in connecting a Samsung Galaxy S to our corporate VPN (Cisco ASA) using L2TP/IPSec with certificate based authentication. Now I have tried to do the same with Galaxy GT-I5510 and Sony Ericsson XPeria X10 Mini Pro. GT-I5510 has Android 2.2, and XPeria X10 has Android 2.1. Both of these have identical user interface to configure the VPN connections compared to Galaxay S. But, either of these do not even try to open the connection when I try to enable it. Both simply say:
"Unable to connect to the network. Do you want to try again?"
I know that the devices do not even try to connect to the VPN server, because I have monitored network traffic on the server side. No packets incoming at all. Also, network browsing works, so it's not about data connections being disabled at the device or something like that. I have also tried it using my own WLAN, so it's not about operator blocking IPSec traffic either.
Does anyone have a clue what is wrong with these devices, why do they allow to configure an IPSec/L2TP VPN connection, but then do not even try to open it when activated? Is it possible that IPSec is somehow disabled in these non-high-end devices or something?

Sadly, I have to chime in on this. I got the Thunderbolt today, and found myself in a similar situation. Coming from an HTC Droid Incredible, I found that I cannot connect to my L2TP over IPSec VPN (I am, unlike you, using a PSK). However, I otherwise have EXACTLY the same issue: from my thunderbolt, which is configured identically to the DInc, I get the same error. I can browse to the VPN server from the Thunderbolt's browser, etc. and if I configure my Thunderbolt as a mobile hotspot, I can connect device to my Thunderbolt, then connect through the Thunderbolt to my VPN, but I cannot connect directly from my Thunderbolt to my VPN server.
Extremely frustrating. Hope you have found a solution.

Related

Treo 750 WM6 T-Mobile and VPN

Hi all
I recently purchased an unlocked Treo 750 with use on T-Mobile. This replaced my 700w on Verizon.
I have internet working fine, MMS reprogrammed and working. However I seem to be having problems with VPN on the phone itself.
If I tether the treo to my laptop and use it as my internet connection, I can initiate the VPN client on my laptop and all is fine.
The problem is the VPN on the phone itself when using trying to use applications directly on the phone requiring VPN (ie without the laptop). I configured it, it connects fine, however when trying to use IE or remote desktop it fails to connect.
I get a 503 error in IE on each url I try through the VPN. Makes me think it's trying to hit a proxy of some kind outside of the connection manager.
I've also tried using internet2.voicestream.com as opposed to the default wap.voicestream.com... both function identical and at same speeds. I have the total internet add-on data package.
Remote desktop fails with network not found... which kind of hints at a proxy also.
Note that I do not have any proxies set in the Connections manager, makes me think there is something hard coded.
I have checked the registry for the AutoEnable thing for proxies, but in WM6 this is already set to a value of 1.
Any advice is welcomed
If it is a PPTP VPN connection you are probably screwed, it is slowly emerging that there is a problem with the implementation of MPPE used in WM for PPTP VPN connections. I.e. VPN connects but NO traffic Tx/Rx.
Best bet, try and get your IT to setup the PIX to use L2TP/IPsec I have heard numerous reports that there are no problems with the implementation standard of that VPN connection in WM5/6/6.1.

DS and L2TP/IPsec VPN connection

Hello
Is anyone using VPN L2TP/IPsec PSK connection on his/her Desire S with stock HTC ROM with latest OTA updates, please?
If I define the connection with all required parameters and try to connect to my home VPN gateway, my DS gets completely frozen... Only possibility is to remove and insert battery (dangerous I know, but also power+vol buttons did not help).
In logs on VPN gateway I see that connection has been successfully initiated but anyway the phone gets frozen... :-(
VPN connections works fine from PC with Win7 and also from HTC with Windows Mobile OS. I tried also from another Android phone (ZTE Blade) Android 2.2 version and that phone just reboots during connection... terrible. Searching forums on internet I see I'm not the only to have such issues, I saw also users with SGS2 and other phones reporting reboots/freezing issues with VPN...
Any positive experience with VPNs among DS users?
thanks
Fero

[Q] How to connect to wifi 802.1x EAP ?

help me connect to eduroam pls
when i try to connect it says : "scanning ...."then "connecting ...." then "saved, secured with 802.1x"
Sensation XE
fw 3.25
rom : ARHD 6.2.1
ICS
same for me Sony
seems to be an android bug
-scanning-connecting-searching---- "disabled, secured with 802.1x eap"
this is my loop, and no connection at all
Same here :-(
iPhone users can connect fine to my company's 802.1x wifi network, but i can't from my android phones (SE Xperia X10 on Gingerbread & HTC Sensation on ICS)
A google search shows a lot of users having issue in connecting to 802.1x networks since Froyo (Android 2.2). There are worksrounds suggested, but they don't appear to work for me.
It seems the issue still exists in ICS as well :-(
Try LEAP WiFi free (it is in the market) or try to find one app for your comapny.
Leap WiFi works fine for me on IBM EAP APs.
Delete your old saved setting, before creating a new with Leap WiFi.
davebugyi said:
Try LEAP WiFi free (it is in the market) or try to find one app for your comapny.
Leap WiFi works fine for me on IBM EAP APs.
Delete your old saved setting, before creating a new with Leap WiFi.
Click to expand...
Click to collapse
will tests that
hope it will work
Huck33 said:
will tests that
hope it will work
Click to expand...
Click to collapse
Must be a bug in CM9, I'm having the same issue. Thinking about going back to CM7
bomczz said:
help me connect to eduroam pls
when i try to connect it says : "scanning ...."then "connecting ...." then "saved, secured with 802.1x"
Sensation XE
fw 3.25
rom : ARHD 6.2.1
ICS
Click to expand...
Click to collapse
Finally, I've defeated my CiSCO EAP-FAST corporate wifi network and now all our Android devices are able to connect to it.
The walkaround I've performed in order to gain access to this kind of networks from an Android device are easiest that you can imagine.
I'am a BES, MDM and Lotus Administrator, and btw and iOS lover.
Many of my colleages are Android users, and their claim is always the same.
Why iOS and BB users are able to connect to the corporate wireless network by chosing only WPA2 Enterprise and only needs the network SSID and their Active Directory Credentials?
2 years has passed since I heard this claim from my colleagues for the first time , and until yesterday, all of them remained disconnected even when they had ICS on their devices.
This things made me think about the Android and iOS system differences, and the way the OS developer thinks.
A wireless chipSet is a wireless chipset, and it not depends of the OS installed in a mobile device to have a better compatibility.( not like servers or routers ).
When you setup a Corporate wifi network on iPhone, basically you command the system to use some protocols to connect to, included in the WPA2 Enterprise cabinet. the system check all of the until find the right one to connect.
Android doesn't have the same protocols defined in his WPA2 Enterprise system definitions, so if you try to connect to it by using the main Android interface, you will have an authentication error.
There's a Wifi Config Editor in the Google Play Store you can use to "activate" the secondary CISCO Protocols when you are setting up a EAP wifi connection.
It's name is Wifi Config Advanced Editor.
Firstable you have to setup your wireless network manually as seemful as you can to your "official" corporate wifi parameters.
Save it.
Go to the WCE and edit the parameters of the network you have created in the previous step.
There are 3 or 4 series of settings you should activate in order to force the Android device to use them as a way to connect (the main site I think you want to visit is Enterprise Configuration, but don't forget to check all the parameters to change them if needed.
As a suggestion, even if you have a WPA2 EAP-FAST Cipher, try LEAP in your setup.
It worked for me as a charm.
When you finished to edit the config, go to the main Android wifi controller, and force to connect to this network.
DO NOT Edit the network again with the Android wifi interface.
Tested on Samsung Galaxy 1, 2 and Note mobile devices and on a Lenovo Thinkpad Tablet.
Gingerbread, Honeycomb and ICS.
May the force be with you, my young Padawan
Regards
Try the "Leap WIFI free" app from Play Store
Try the "Leap WIFI free" app from Play Store. Its an app provided by a developer called "OneGuyInABasement".
I was having the same issue where I couldn't connect to the (802.1x EAP based) Wifi network at my workplace.
I configured the network through this app and now I can connect just fine.
Leap WIFI free not working with JB 4.2.1
I have tried using Leap WIFI free on my Asus TF700T running the latest OTA update to JB (4.2.1).
While the tool seems to create a network profile, it does not even connect.
Trying to connect to a wifi network that shows up as Cisco EAP-FAST when I connect via my windows laptop
I've tried creating the profile using the built in wifi config editor as well, unfortunately it defaults to PEAP and while it connects and gets an IP address I do not have actual network access (e.g. web browsing fails).
The wifi ACE tool has not been updated to support JB yet either.
Any other suggestions?

VPN Problem with 4.0.3

I have a New Asus Transformer Pad with 4.0.3 on it.
I've added a new VPN IPSEC XAuth PSK to it and it connects fine but when I start the VPN then try to browse the net its reboots and if I try to access email it can't see anything.
I need to know if this is a bug or if something is configured wrong.
I've tried looking everywhere to find this out but can't find anyone that's had this problem so far.
I set up VPN on mine using IPSEC XAuth PSK, it says it connects, but I can't do anything (like remote into a PC). It doesn't crash though.
When I asked my Administrator to look, he could see the connection but there was no data coming through at all.
I've rooted mine and used VPN Widget which I used on my DHD and it works fine.
Update
Asus has since released and update but i'm not sure what it corrected. The version number hasn't changed so it must just be some backend fixes.
When i connect the VPN now it doesn't crash but as you said it doesn't look like its pushing the data over the VPN connection. The stats never change.
I've tried putting in the DNS search name, DNS server. That didn't help.
The forwarding route might help but i'm unsure what route i should be putting in there any ideas?
I'm a system/network administrator, if possible I'll see if I can try and set it up for myself and see if I can replicate the bug (if I can't it's probable that it's a misconfiguration on your end).
Might take a while though
Settings
I'm using a IPSEC XAuth PSK for the VPN connection.
Hopefully this will be able to give you the same results.
Same Issue w Asus, but not Acer
I have been waiting for a while to have this resolved as I want to be able to use my Transformer Prime to vpn to my work. My IPSEC XAUTH PSK connects as well, but will not allow me to remote desktop into my work PC.
I bought an Acer A500 for my daughter and this morning I was able to update it to ICS. Tried the exact same VPN settings, connected and remoted into my work PC flawlessly.
Looking forward to the next firmware update for ICS / Transformer Prime so it hopefully resolves the issues.
Found a VPN that works
So that people know I found a VPN that works with PSK X/Auth.
Its pretty new made by Matthias Meier called VpnCilla.
There is a trial to test with but you then have to buy it for $5.46.
Try it out it works.
As an alternative, you can set up a pptp vpn using the vpn setup wizard in windows 7 for free (assuming you have windows 7). I can confirm that this works with the 300. It uses microsoft point to point 128bit encryption, and can be configured to require password encryption. Its not exactly high end encryption, but its better than no encryption or novpn connection at all. It will protect you from some kiddie running a packet sniffer program.

[Q] Problems with RDP through Droid Bionic Verizon WIFI Hotspot and VPN

I am trying to use my Driod Bionic to get to my work dekstop. This is what I am doing. I am firing up the wifi hotspot (paid through Verizon) and connecting my laptop to that. I verify that it has internet access. Next I open my Cisco VPN client and connect to my work network (I get proper IP address, DNS servers and search domain). When I open remote desktop and try to get to my work PC (or any other pc/server) it times out.
We also have a Veriaon MiFi and I do the exact same thing and it works flawlessly. It seems to be related to the phone. I also have a co-worker trying to do the same thing with an iPhone and having the same result.
It appears to be something in the phone blocking traffic. Has anyone else had this problem and got it to work? When I call Verizon they say they don't support it past connecting to the VPN. Another agent toled me I need to get an app to ebable the RDP passthrough.
Thanks a million!

Categories

Resources