Configuring VPN on Android devices (only Samsung)
To securely connect an Android device to the internet and protect data transfer, you can configure VPN (Virtual Private Network) settings.
Configuration of VPN is possible only for Samsung devices running Android 11 or earlier.
The following requirements must be considered when using a virtual private network:
- The app that uses the VPN connection must be allowed in the Firewall settings.
- VPN settings configured in the policy cannot be applied to system apps. The VPN connection for system apps has to be configured manually.
- Some apps that use a VPN connection need to have additional settings configured at first startup. To configure settings, a VPN connection has to be allowed in app settings.
To configure VPN on a user's mobile device:
- In the main window of Kaspersky Security Center Web Console, select Assets (Devices) → Policies & profiles. In the list of group policies that opens, click the name of the policy that you want to configure.
- In the policy properties window, select Application settings.
- Select Android and go to the Samsung Knox settings section.
- On the VPN card, click Settings.
The VPN window opens.
- Enable the settings using the VPN toggle switch.
- Specify the following VPN settings:
- Settings in the Network section:
- In the Network name field, enter the name of the VPN tunnel.
- In the Protocol drop-down list, select the VPN connection type:
- IPSec Xauth PSK. A tunneling protocol of the "gateway-to-gateway" type that lets the mobile device user establish a secure connection with the VPN server using the Xauth authentication utility.
- L2TP IPSec PSK. A tunneling protocol of the "gateway-to-gateway" type that lets the mobile device user establish a secure connection with the VPN server via the IKE protocol using a preset key. This protocol is selected by default.
- PPTP. A "point-to-point" tunneling protocol that lets the mobile device user establish a secure connection to the VPN server by creating a special tunnel on a standard unsecured network.
- In the Server address field, enter the network name or IP address of the VPN server.
- Settings in the Protocol settings section:
- In the DNS search domain(s) list, enter the DNS search domain to be automatically added to the DNS server name.
You can specify several DNS search domains, separating them with blank spaces.
- In the DNS server(s) field, enter the full domain name or IP address of the DNS server.
You can specify several DNS servers, separating them with blank spaces.
- In the Routing field, enter the range of network IP addresses with which data is exchanged via the VPN connection.
If a range of IP addresses is not specified in the Routing field, all internet traffic will pass through the VPN connection.
- In the DNS search domain(s) list, enter the DNS search domain to be automatically added to the DNS server name.
- Settings in the Network section:
- Additionally, configure the following settings:
- For the IPSec Xauth PSK and L2TP IPSec PSK protocols:
- In the IPSec shared key field, enter the password for the preset IPSec security key.
- In the IPSec ID field, enter the name of the mobile device user.
- For the L2TP IPSec PSK protocol, specify the password for the L2TP key in the L2TP key field.
- For the PPTP network, select the Use SSL connection check box so that the app will use the MPPE (Microsoft Point-to-Point Encryption) method of data encryption to secure data transmission when the mobile device connects to the VPN server.
- For the IPSec Xauth PSK and L2TP IPSec PSK protocols:
- Click Save to save the changes you have made.
Mobile device settings are changed after the next device synchronization with Kaspersky Security Center.