• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2010
  • Last Modified:

Android VPN into Server 2012 R2 Essentials (SSTP VPN)

We have a machine running Server 2012 R2 with the Essentials role.  The SSTP VPN that is set up by the Anywhere Access wizard is configured and working fine for Windows clients.

We want to make VPN connections from several Android smartphones also.  How can we achieve this?

I'm looking for confirmation of a working app from experience please -  I can find several apps that say they support this, but I'm after evidence of something working well from someone who's actually tried this in person.  Thanks!
David Haycox
David Haycox
  • 2
1 Solution
Jackie ManCommented:
Android does not support SSTP VPN, you need to setup a new "L2TP/IPSec PSK" VPN with a PreShared Key (PSK) in your Server 2012 R2 Essentials.

Details of the info is as follows:-

"As for L2TP, it depends on which version you want to use. I'll cover JUST the PreShared Key (PSK) method, as it's much more simple.
Either way, it 'll require install the "RRAS" console. To do so, load up the server manager and add it.
Under Roles, make sure that "DirectAccess and VPN (RAS)" and "Routing" are installed (they should be already).
Under featuers, it's "Remote Server Administration Tools -> Role Administration Tools -> Remote Access Management Tools -> Remote Access GUI and Command-Line".
Once you've done this, in "Tools" or "Administrative Tools", there will be a "Routing and Remote Access" console. Open that up.
Find the server name, and right click on it.
Select "Properties" and click on the "Security" tab.
Check the "Allow custom IPsec polici for L2TP/IKEv2 connection". Input a ... well passphrase here. This is your preshared key. This is much like your wireless AP's WPA key, in that it allows access to the VPN. However, you also require the username and password to log in.
Forward ports 1701, 500, and 4500. These are all UDP ports.
Also, you need to make sure the router allows L2TP (or manually enable "IP Protocol 50", in firewalls/UTMs that require it (like Sophos UTM).
You may need to enable the options in Windows firewall, as well.
Once you've done this, you should be able to access the VPN over L2TP (which is much more secure than PPTP), and is supported by Android (and possible iOS, but I don't own any apple products, so I have no idea)."

Source: http://homeservershow.com/forums/index.php?/topic/8736-set-up-l2tp-pskpresharedkey-vpn/
David HaycoxAuthor Commented:
Exactly what I needed.  Thanks!
I would think one of the 3rd party apps would support SSTP.
David HaycoxAuthor Commented:
I checked out a few of them.  It may have been possible to get one of them to work, but the best ones do of course have a cost associated, per device.  By deploying L2TP over IPSEC there was no extra cost involved.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now