Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to connect to microsoft VPN server with MSCHAPV2 authentication

Could you please give some guidance where to dig?

What I have:

  1. I have a device (HTC One X) with ICS (Android 4.x) on board.
  2. My Company has a corporate VPN server based on Microsoft VPN Services (RRAS and so on).
  3. Microsoft VPN Server has a policy applied to it which tells it to accept only connections with MSCHAPV2 authentication.

What I need:

  1. I need to make VPN connection from my device to my corporate VPN Server.

Questions:

  1. Is it possible to get my need with ICS's onboard VPN client?
  2. Is there any 3rd party VPN client which does it?
  3. How to ask Google about my need?
like image 382
msalimov Avatar asked Jun 18 '12 06:06

msalimov


1 Answers

Android supports MS-CHAP V2, but that is part of phase 2 authentication and is configured automatically during handshake. The question that needs to be answered first is what VPN protocol is being used? PPTP? Check if you need to enable encryption (MPPE)
L2TP/IPSec? It's possible all of them are supported; you may also have to check whether it's PSK or RSA. If it's RSA, you need to install the certificate for connecting.
SSTP? SSTP is only available on Windows.

You should also be aware that MSCHAPV2 on PPTP is considered broken (cryptographically unsafe). And SSTP is not supported on Android. I'm assuming SSTP is an option and OpenVPN isn't because the company is using MS VPN.

To answer your questions:
1. If the server enabled PPTP or (L2TP/)IPSec, Android 2.x+ should be able to connect, as long as the vendor didn't strip out the built-in VPN in stock Android.
2. Any 3rd party VPN client should support these two widely used protocols.
3. Google's android repository on Google Code should be consulted if there are issues with the VPN client: https://code.google.com/p/android/issues/advsearch

like image 146
joe Avatar answered Sep 21 '22 10:09

joe