Insecure connection to the VPN of my internet box

Good morning,

I recently configured my internet box 3 to allow VPN connections. I then connected from the mobile network to the VPN with my phone running Android 14, without using any particular application. The connection works fine but is marked as insecure.

Can you tell me why this connection is not secure? Does this mean that it is not encrypted or that the identification process is not secure? How to solve this problem?

Thanks in advance for the answers!

Show original language (French)

@Preullittie14

@Preullittie14 wrote:

Hello,

I recently configured my internet box 3 to allow VPN connections. I then connected from the mobile network to the VPN with my phone running Android 14, without using any particular application. The connection works fine but is marked as insecure.

Can you tell me why this connection is not secure? Does this mean that it is not encrypted or that the identification process is not secure? How to solve this problem?

Thanks in advance for the answers!

Hello Preullittie14

Could you tell us which VPN protocol you chose?

Doremi

Show original language (French)

Hello Preullittie14

Who (app) says the connection is not secure? Opening the VPN and encrypting the connection between the phone and the IB3 is transparent for applications that use the internet service.

The important point is to check that the VPN activity notification is present on the phone.

DanielD

Screenshot_20240630_100857_One UI Home2.jpg

Show original language (French)

    Good morning,

    I don’t use an app, just the VPN menu in the phone settings app. When I activate the VPN connection, I see the status “connected, not secure”. The small key does not appear in notifications.

    Show original language (French)

    If I summarize the configurations I have

    Android14 VPN Setup

    Name: MyVPN

    Type: IKEv2/IPSec PSK
    Server: name.ib3.external
    IPSec identifier: myuserID
    IPsec pre-shared key: abcdefghijklmopqrstuvwxyz
    No advanced option

    IB3 VPN Configuration

    Type: IKEv2
    IPSec identifier: myuserID
    VPN secret question: abcdefghijklmopqrstuvwxyz

    external.ib3.name defined by the IB3 DNS service

    There is nothing special and the connection is always secure or does not happen if the key or protocol does not match.

    DanielD

    Show original language (French)
    5 days later

    Hello, I would like to understand why the unsecured connection message appears?
    Is this a problem with Swisscom authentication certificate not recognized by Android? Is the connection encrypted?

    How do I diagnose my VPN connection?

    Thank you for your detailed answers!

    Show original language (French)

    @Preullittie14

    @Preullittie14 wrote:

    Hello, I would like to understand why the insecure connection message appears?
    Is this a problem with Swisscom authentication certificate not recognized by Android? Is the connection encrypted?

    How do I diagnose my VPN connection?

    Thank you for your detailed answers!

    Hello Preullittie14

    If you get the message “unsecured connection”, this indicates that your VPN connection cannot be established. The VPN option, whether on your mobile or on the Internet box, is not correctly configured. I just programmed my Samsung Galaxy XCover 4S business phone with Android 11 without any problems.

    As @DanielD indicates There is nothing in particular the connection is always secure or does not happen if the key or protocol does not match.

    Cordialement Doremi

    Show original language (French)

    Hi,

    However, it seems to me that the connection is established because I can access my router (192.168.1.1) from my phone via 5G… So the VPN works, in any case the connection is established and the data passes through my router. The router also indicates that I am connected when I activate the VPN connection.

    The problem is with my phone indicating an insecure connection even though the VPN is clearly working. I would like to know why?

    Cordialement

    Show original language (French)
    5 months later

    Hello,

    I have the same problem. There is a connection but it says it is not secure.

    I’m running Android 13 and therefore with the IKEv2 protocol.

    What’s the problem (if there is one)?

    Thank you for your help and best regards.

    Show original language (French)

      IKEv2 with PSK (Pre-Shared Key Authentication) is considered insecure. See chapter “Pre-Shared Key Authentication” under:

      https://docs.strongswan.org/docs/latest/support/faq.html#_pre_shared_key_authentication

      This is why proper VPN apps such as StrongSwan do not support IKEv2 with PSK for VPN tunnels!

      When using a VPN tunnel with IKEv2/IPSec, the recommendations of BSI TR-02102-3 must be observed.

      German:

      https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/Technische-Richtlinien/TR-nach-Thema-sortiert/tr02102/tr-02102.html

      English:

      https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/Technische-Richtlinien/TR-nach-Thema-sortiert/tr02102/tr02102_node.html

      VPN endpoints should only be operated on hardware that is completely under your own control. A cable modem (here: Internet box) from an Internet service provider (ISP; here: Swisscom) is never completely under your own control (topic: firmware + remote maintenance via TR-069).

      Recommendation: Corresponding VPN instructions at:

      https://www.lancom-forum.de/fragen-zum-thema-vpn-f14/vpn-via-android-client-t17229.html#p97795

      use.

      Show original language (German)
       changed by GrandDixence