Conversation with Tim Felser, Chief Developer, Mobile VPN Clients at NCP engineering
With the release of Android 4.0 (dubbed “Ice Cream Sandwich”) upon us, we checked in with Tim Felser, NCP’s chief developer of mobile VPN clients, to talk about what this release ultimately means for Android’s VPN functionality.
VPN Haus: What impact will the Android 4.0 "Ice Cream Sandwich" have on the device’s core VPN functionality?
Tim Felser: VPN functionality in “Ice Cream Sandwich” was extended to support native IPsec connections, using XAUTH for user authentication. With this new option, it is possible to connect to IPsec gateways without any problems.<br>By using this API, it i
VPN Haus: Until version 4.0, no integrated IPsec VPN client was available on Android. What
<img class="alignright size-medium wp-image-2570" title="Android-Ice-Cream-Sandwich11" src="http://vpnhaus.ncp-e.com/wp-content/uploads/2012/01/android-ice-cream-sandwich11.jpg?w=300" alt="" width="300" height="215" />
technical challenges were possibly precluding this functionality?
Felser: There were no technical reasons why prior Android versions did not have native IPsec functionality. In versions before and including 4.0, Android’s IPsec functionality is provided by the <a href="http://ipsec-tools.sourceforge.net/">IPsec-Tools</a
VPN Haus: Can you tell me about the tests that NCP conducted in which an Android 2.2’s integrated VPN client—based on PPTP or L2TP—was used in lieu of “real IPsec”? What are the key lessons learned for the enterprise?
Felser: In Android 2.x and 3.x, the integrated VPN functionality was limited to the following modes: PPTP, L2TP and L2TP over IPsec. These protocols are used to connect to Microsoft Server systems. We just concentrated on L2TP over IPsec because NCP’s sof
Result: We adapted our VPN gateway in order to establish this connection. However, this wasn’t a huge effort on our part, since we already supported both protocols beforehand.