In this article, we will take a look at how to configure an IPSec VPN tunnel with xAuth on an Android device.
We will go over the following steps:
Configuration of the Zyxel USG/ATP/VPN
Configuration on your Android
Configuration of the Zyxel USG/ATP/VPN
Please log in to your device.
Default Settings:
IP | 192.168.1.1 |
User | admin |
Password | 1234 |
Object Setup:
User Setup:
Configuration -> User/group -> User
Click on "Add"
and fill in the needed information.
In this example I use:
User Name: | vpn-test |
User Type: | user |
Password: | Test1234 |
In addition, you can change how long the user can stay logged in without reauthenticating.
The default setting here is 1440 minutes, or 24 hours.
If you want to use the VPN with multiple users, you can also set up a user group.
Setting up the needed Address Objects:
Now we need to set up some address objects which we will need later on.
Configuration -> Object -> Address/Geo IP -> Address
Click on "Add"
and create the two needed objects:
The IP pool I am using can differ in your use case!
Important: the range must not be used by any other interface, zone, site-to-site tunnel, etc.
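The overlap check behind the warning above, as an added example that is not part of the original article: it compares a candidate VPN client pool against the subnets already in use on the gateway. The interface names, masks, site-to-site subnet and pool ranges are constructed sample values; replace them with the addresses from your own configuration.

```python
import ipaddress

def pool_networks(start, end):
    """Expand a RANGE address object (start-end) into the CIDR blocks it covers."""
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(start), ipaddress.ip_address(end)))

def find_conflicts(pool_start, pool_end, in_use):
    """Return (name, network) pairs from in_use that overlap the VPN client pool."""
    pool = pool_networks(pool_start, pool_end)
    conflicts = []
    for name, cidr in in_use.items():
        # strict=False accepts interface notation such as 192.168.1.1/24
        net = ipaddress.ip_network(cidr, strict=False)
        if any(block.overlaps(net) for block in pool):
            conflicts.append((name, str(net)))
    return conflicts

# Constructed inventory of subnets already used on the gateway (assumed values).
IN_USE = {
    "lan1": "192.168.1.1/24",            # default LAN IP from the article, /24 assumed
    "lan2": "192.168.2.1/24",            # assumed
    "dmz": "192.168.3.1/24",             # assumed
    "site2site_branch": "10.10.0.0/16",  # assumed remote subnet of a site-to-site tunnel
}

if __name__ == "__main__":
    # Constructed candidate pools: the first collides with lan1, the second is free,
    # the third is a non-CIDR-aligned range that runs into the site-to-site subnet.
    candidates = [
        ("192.168.1.200", "192.168.1.220"),
        ("192.168.50.10", "192.168.50.50"),
        ("10.9.255.250", "10.10.0.5"),
    ]
    for start, end in candidates:
        hits = find_conflicts(start, end, IN_USE)
        status = "OK" if not hits else "CONFLICT with " + ", ".join(
            f"{name} ({net})" for name, net in hits)
        print(f"{start}-{end}: {status}")
```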
Confirming the Firewall rules:
Now we confirm that the two very important firewall rules are in place:
Configuration -> Security Policy -> Policy Control
The rules in question are the following default rules:
IPSec_VPN_Outgoing
IPSec_VPN_to_Device
Setting up the VPN Gateway
Now we can set up the VPN gateway.
Configuration -> VPN -> IPSec VPN -> VPN Gateway
Click on "Add"
and fill out the following:
As "Preshared-Key" I used "123456789", but you can use whatever you want.
As "Allowed User" you can choose the user or the group which we created in the first step.
Setting up the VPN Connection
In this step, we configure the VPN Connection for the Gateway.
Configuration -> VPN -> IPSec VPN -> VPN Connection
Click on "Add"
and fill in the needed information.
In this scenario, I activated "Enable NetBIOS broadcast over IPSec" because I used an app that relies on NetBIOS name resolution.
That's it for the gateway; now on to the configuration on the Android device.
Configuration on your Android
Accessing the VPN Menu:
Open the drop-down menu and choose the small "gear" symbol.
Choose "Network & Internet"
Click on "Advanced"
and choose "VPN"
Adding the VPN Connection:
Click on the "+" symbol
and fill in the information from the VPN connection that we created earlier, then click on "Save".
As IPSec identifier you can put almost anything.
Important: the identifier needs to be unique per device!
Testing the VPN Connection:
Choose the VPN and click on "Connect"
And we are done.