Connecting to an Endian UTM via L2TP (IPSec) using Android

Versions 2.5, 3.0, & 5.0

Applies to platform: Any device running Android, except ICS 4.X.X.
Updated on: 22nd August 2012.


Some users reported that they can not connect to the Endian UTM Appliance via IPsec/L2TP using Android devices, version ICS 4.X.X. After some investigation, we found out that this is a bug (#23124) in Android's VPN implementation, which sends malformed packets to the IPsec tunnel. We will keep you informed about the resolution of this bug.

This lesson describes how to connect a smartphone or tablet device with Android to an existent and running IPsec installation on the Endian UTM Appliance using PSK (password) authentication.


Remember that PSK and certificate-based connections are mutually exclusive, so you can't have both in one single connection. This lesson introduces only the PSK method, which is simpler and the most widely used.

The connection via L2TP/IPsec requires the following data, that should have been previously configured on the Endian's VPN > IPsec section:

  1. The IP address or hostname of the Endian UTM appliance where IPsec runs.
  2. The PSK secret, i.e., the password of the IPSsec tunnel, that can be retrieved under Menubar > VPN > IPsec, by clicking on the Edit icon next to the connection, and then looking in the Authentication box.
  3. The username and password of the L2TP user. The username is retrievable from Menubar > VPN > VPN users, and the user must be allowed to use L2TP.

You should write the above mentioned data down or remember it, since you will have to enter them in the corresponding configuration sections of your device.

Setup of a VPN connection to the Endian UTM Appliance


Go under Settings and tap on Wireless & networks.



Tap on VPN Settings.


Tap on Add VPN.


Tap On L2TP/IPSec PSKAdd VPN. You will end up to the following screen.


Here, tapping on each of the fields, you can enter the data you have written down earlier as follows:

  1. VPN Name: the name to identify the connection, at your will.
  2. Set VPN Server: The IP address or hostname.
  3. Set IPSec preshared key. The PSK secret.
  4. Enable L2TP secret: must NOT be ticked.
  5. DNS search domains: you can leave this blank.


The connection is now set up. To start using it, just tap on the connection's name (ACME, inc. in our example) to open the following screen:


  1. Enter your username.
  2. Enter your password.
  3. For your convenience. you can tick Remember username, so you won't be asked for it every time.
  4. Select Connect.
The connection will now start.
Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request


  • Avatar
    J. Schuh GmbH

    IPsec does still not work with Android (S3/Android 4.0.4)

  • Avatar
    Daniele De Lorenzi

    Thank you for your feedback. We wrote this howto while setting up the connection on a HTC Desire running Android 2.3.7 we also tested this howto on a Samsung Galaxy Nexus ICS 4.0 and HTC Desire with custom ROM running Android ICS 4.0.4. What exactly does not work and which is the error message displayed?

  • Avatar
    J. Schuh GmbH

    The message is "Timeout". The same configuration is working with an iPhone.

  • Avatar
    Daniele De Lorenzi

    We suggest that you open a ticket and allow us to acces your appliance for a further investigation.

  • Avatar
    Christian Herdegen

    for me the same, i  always " ciht erfolgreich"  i tested with Desire HD and ICS,  ans Samsung Galaxy tab 10.1 with ICS

  • Avatar
    Daniele De Lorenzi

    Christian as you commented here -> you have an endian 2.4 release so this release doesn't have L2TP feature.

    If you are interested to this feature you can open a ticket to upgrade your appliance to 2.5