Solved

Android VPN into Server 2012 R2 Essentials (SSTP VPN)

Posted on 2016-11-21
4
186 Views
Last Modified: 2016-11-23
We have a machine running Server 2012 R2 with the Essentials role.  The SSTP VPN that is set up by the Anywhere Access wizard is configured and working fine for Windows clients.

We want to make VPN connections from several Android smartphones also.  How can we achieve this?

I'm looking for confirmation of a working app from experience please -  I can find several apps that say they support this, but I'm after evidence of something working well from someone who's actually tried this in person.  Thanks!
0
Comment
Question by:David Haycox
  • 2
4 Comments
 
LVL 43

Accepted Solution

by:
Jackie Man earned 500 total points
ID: 41897279
Android does not support SSTP VPN, you need to setup a new "L2TP/IPSec PSK" VPN with a PreShared Key (PSK) in your Server 2012 R2 Essentials.

Details of the info is as follows:-

"As for L2TP, it depends on which version you want to use. I'll cover JUST the PreShared Key (PSK) method, as it's much more simple.
Either way, it 'll require install the "RRAS" console. To do so, load up the server manager and add it.
 
Under Roles, make sure that "DirectAccess and VPN (RAS)" and "Routing" are installed (they should be already).
Under featuers, it's "Remote Server Administration Tools -> Role Administration Tools -> Remote Access Management Tools -> Remote Access GUI and Command-Line".
 
Once you've done this, in "Tools" or "Administrative Tools", there will be a "Routing and Remote Access" console. Open that up.
Find the server name, and right click on it.
Select "Properties" and click on the "Security" tab.
Check the "Allow custom IPsec polici for L2TP/IKEv2 connection". Input a ... well passphrase here. This is your preshared key. This is much like your wireless AP's WPA key, in that it allows access to the VPN. However, you also require the username and password to log in.
 
Forward ports 1701, 500, and 4500. These are all UDP ports.
Also, you need to make sure the router allows L2TP (or manually enable "IP Protocol 50", in firewalls/UTMs that require it (like Sophos UTM).
 
You may need to enable the options in Windows firewall, as well.
 
Once you've done this, you should be able to access the VPN over L2TP (which is much more secure than PPTP), and is supported by Android (and possible iOS, but I don't own any apple products, so I have no idea)."

Source: http://homeservershow.com/forums/index.php?/topic/8736-set-up-l2tp-pskpresharedkey-vpn/
1
 
LVL 1

Author Comment

by:David Haycox
ID: 41897751
Exactly what I needed.  Thanks!
0
 
LVL 39

Expert Comment

by:footech
ID: 41897868
I would think one of the 3rd party apps would support SSTP.
0
 
LVL 1

Author Comment

by:David Haycox
ID: 41898730
I checked out a few of them.  It may have been possible to get one of them to work, but the best ones do of course have a cost associated, per device.  By deploying L2TP over IPSEC there was no extra cost involved.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question