Setting up strongSwan VPN on Android
Next, download the CA certificate. The specific certificate will come from your VPN provider. If you are running your own provider with OpenIKED, you'll want to download
/etc/iked/ca/ca.crt onto your Android mobile. OpenHTTPd can be useful for this.
Open with strongSwan VPN Client.
Verify the certificate is correct, then tap
Import Certificate. You should see
Certificate successfully imported at the bottom. Once the certificate has been imported, you may need to then tap the back button at the top left.
Add VPN Profile. Fill in the details:
- Server: Replace
example.comwith your actual VPN server.
- VPN Type: IKEv2 EAP (Username/Password)
- Username: Replace
usernamewith your actual username
- Password: Replace
passwordwith your actual password.
- CA certificate: Make sure
Select automaticallyis checked.
- Profile name: Replace it with your server name.
Save at the top right.
Tap on the connection.
Afterwards, strongSwan will need you to disable battery optimizations. Tap
OK. Then, tap
Allow to allow the app to run in the background.
If it has connected properly, you should see
Make sure to test that your IP address is concealed.