Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Android VPN into Server 2012 R2 Essentials (SSTP VPN)

Posted on 2016-11-21
4
299 Views
Last Modified: 2016-11-23
We have a machine running Server 2012 R2 with the Essentials role.  The SSTP VPN that is set up by the Anywhere Access wizard is configured and working fine for Windows clients.

We want to make VPN connections from several Android smartphones also.  How can we achieve this?

I'm looking for confirmation of a working app from experience please -  I can find several apps that say they support this, but I'm after evidence of something working well from someone who's actually tried this in person.  Thanks!
0
Comment
Question by:David Haycox
  • 2
4 Comments
 
LVL 44

Accepted Solution

by:
Jackie Man earned 500 total points
ID: 41897279
Android does not support SSTP VPN, you need to setup a new "L2TP/IPSec PSK" VPN with a PreShared Key (PSK) in your Server 2012 R2 Essentials.

Details of the info is as follows:-

"As for L2TP, it depends on which version you want to use. I'll cover JUST the PreShared Key (PSK) method, as it's much more simple.
Either way, it 'll require install the "RRAS" console. To do so, load up the server manager and add it.
 
Under Roles, make sure that "DirectAccess and VPN (RAS)" and "Routing" are installed (they should be already).
Under featuers, it's "Remote Server Administration Tools -> Role Administration Tools -> Remote Access Management Tools -> Remote Access GUI and Command-Line".
 
Once you've done this, in "Tools" or "Administrative Tools", there will be a "Routing and Remote Access" console. Open that up.
Find the server name, and right click on it.
Select "Properties" and click on the "Security" tab.
Check the "Allow custom IPsec polici for L2TP/IKEv2 connection". Input a ... well passphrase here. This is your preshared key. This is much like your wireless AP's WPA key, in that it allows access to the VPN. However, you also require the username and password to log in.
 
Forward ports 1701, 500, and 4500. These are all UDP ports.
Also, you need to make sure the router allows L2TP (or manually enable "IP Protocol 50", in firewalls/UTMs that require it (like Sophos UTM).
 
You may need to enable the options in Windows firewall, as well.
 
Once you've done this, you should be able to access the VPN over L2TP (which is much more secure than PPTP), and is supported by Android (and possible iOS, but I don't own any apple products, so I have no idea)."

Source: http://homeservershow.com/forums/index.php?/topic/8736-set-up-l2tp-pskpresharedkey-vpn/
1
 
LVL 1

Author Comment

by:David Haycox
ID: 41897751
Exactly what I needed.  Thanks!
0
 
LVL 40

Expert Comment

by:footech
ID: 41897868
I would think one of the 3rd party apps would support SSTP.
0
 
LVL 1

Author Comment

by:David Haycox
ID: 41898730
I checked out a few of them.  It may have been possible to get one of them to work, but the best ones do of course have a cost associated, per device.  By deploying L2TP over IPSEC there was no extra cost involved.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let Bitmoji into your life. Now is the time to learn a new language of smartphone messaging with this brief introduction.
By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question