AppGoblin Icon AppGoblin

strongSwan VPN Client

strongSwan VPN Client
strongSwan VPN Client
Developer: strongSwan Project
Category: Communication
1M installs
3.5K ratings
+1.9K weekly installs
trend steady
+11.7K monthly installs
trend steady
SDKs, Trackers & Permissions

strongSwan VPN Client was last scanned for SDKs 2025-04-29. Below is the overview of third party companies detected in the app. The full list of raw SDKs, app permissions and unknown SDKs is available here.

3 Development Tools
JetBrains IntelliJ
company-logos/jetbrains.com/logo_200x200.jpeg JetBrains
company-logos/kotlinlang.org/logo_200x200.png Kotlin
App Details
Store ID: org.strongswan.android
First Released: 2012-08-14
Store Last Updated: 2025-10-02
In-App Purchases: No
Ads: No
Website: docs.strongswan.org
App Store
Crawl Status: Success
Store First Crawled: 2021-02-06
Store Last Crawled: 2025-10-03
Ads & App-Ads.txt
App does not have ads.
SDK Tracking Status
Successful Last Crawled: 2025-04-29
Last Crawled: 2025-04-29
Last Crawl Status: Success

4.08★

Ratings: 3490

5★
4★
3★
2★
1★

Screenshots

App screenshot
App screenshot
App screenshot
App screenshot

App Description

An easy to use IKEv2/IPsec-based VPN client.

Official Android port of the popular strongSwan VPN solution.

# FEATURES AND LIMITATIONS #

* Uses the VpnService API featured by Android 4+. Devices by some manufacturers seem to lack support for this - strongSwan VPN Client won't work on these devices!
* Uses the IKEv2 key exchange protocol
* Uses IPsec for data traffic
* Full support for changed connectivity and mobility through MOBIKE (or reauthentication)
* Supports username/password EAP authentication (namely EAP-MSCHAPv2, EAP-MD5 and EAP-GTC) as well as RSA/ECDSA private key/certificate authentication to authenticate users, EAP-TLS with client certificates is also supported
* Combined RSA/ECDSA and EAP authentication is supported by using two authentication rounds as defined in RFC 4739
* VPN server certificates are verified against the CA certificates pre-installed or installed by the user on the system. The CA or server certificates used to authenticate the server can also be imported directly into the app.
* IKEv2 fragmentation is supported if the VPN server supports it (strongSwan does so since 5.2.1)
* Split-tunneling allows sending only certain traffic through the VPN and/or excluding specific traffic from it
* Per-app VPN allows limiting the VPN connection to specific apps, or exclude them from using it
* The IPsec implementation currently supports the AES-CBC, AES-GCM, ChaCha20/Poly1305 and SHA1/SHA2 algorithms
* Passwords are currently stored as cleartext in the database (only if stored with a profile)
* VPN profiles may be imported from files
* Supports managed configurations via enterprise mobility management (EMM)

Details and a changelog can be found on our docs: https://docs.strongswan.org/docs/latest/os/androidVpnClient.html

# PERMISSIONS #

* READ_EXTERNAL_STORAGE: Allows importing VPN profiles and CA certificates from external storage on some Android versions
* QUERY_ALL_PACKAGES: Required on Android 11+ to select apps to ex-/include in VPN profiles and the optional EAP-TNC use case

# EXAMPLE SERVER CONFIGURATION #

Example server configurations may be found in our docs: https://docs.strongswan.org/docs/latest/os/androidVpnClient.html#_server_configuration

Please note that the host name (or IP address) configured with a VPN profile in the app *must be* contained in the server certificate as subjectAltName extension.

# FEEDBACK #