Securepoint VPN Client App for Android

Status messages and function of the Android app Securepoint VPN Client for Securepoint Mobile Security

Last adaptation to the version: 3.3.0 (10.2025)

New:

Neues Menu bei Logging
Der komplette Log oder der Log einer einzelnen Verbindung lässt sich downloaden

Logging has become a seperate section under More
Adjustment to the new design

notempty

This article refers to a Beta version

Introduction

The Android app for Securepoint Mobile Security can be downloaded from Google-PlayStore.
The status displays are explained here.

The compatibility between iOS and Securepoint Mobile Security is always tested on current devices.

notempty

The device must not be rooted!

iOS / iPadOS Version	Mobile Security	Remark
up to 15.5		Technologically not compatible
15.5 up to 16	()	Version 15.5 is the technically lowest supported version Technologically compatible, but not all functions are supported by the operating system.
17 up to 26		Technologically compatible

The latest version is required to use all functions.

Compatibilities Android

Compatibility of Android versions with Securepoint Mobile Security:

notempty

The device must not be rooted!

Android Version	Mobile Security	Remark
until including 6		Technologically not compatible
7 up to 13	()	Version 7 is the technically lowest supported version Technologically compatible, but not all functions are supported by the operating system.
From 14		All devices from Android 7.0 with access to the Google Play Api are supported This excludes, for example, newer devices from Huawei that do not have access to Google Play! Mobile Security and MDM is compatible with the devices recommended by Google. The current list of compatible devices can be found at https://androidenterprisepartners.withgoogle.com/devices/# Due to the large number of different manufacturers and operating system versions we can not guarantee 100% compatibility. Devices that are not explicitly recommended by Google can work. We cannot guarantee a solution for problems with unlisted devices.

App Setup in the Portal

notempty

New from App version: 3.0

The Android VPN can be set up during device initialization with active Mobile Security.
During device enrollment, see Wiki article Android-Enrollment, the app can be automatically installed as part of the setup process. This is done along with the configuration of the profile for the new Android device:

Under Mobile Security Android Profiles tab Application option Applications Add Aplications
- Enter in Application under Package Name de.securepoint.ms.agent or search via Select Applications Securepoint VPN Client
- Installation Type Required for Setup
In the profile tab Security option Activate Securepoint Mobile Security enable

Configure the profile as desired see Wiki article Android profile. After the successfull enrollment of the Android device, the VPN app will be ready for use.

Caption	Value	Description
Overview
The overview displays various information about the connection status.
Symbol	Status	Description	Internet connection and VPN tunnel active

		VPN-Tunnel active
		VPN-Tunnel inactive
		Network connection via WLAN or cellular network active
		Network connection via WLAN or cellular network inactive
Pause VPN	The VPN tunnel is interrupted for a specified period of time (1, 2, 4, 8 hours / Until tomorrow morning at 6 am).
Start VPN	Immediate re-establishment of the VPN tunnel
Stop VPN	Aborting the VPN tunnel Only possible if Connection monitoring is deactivated

Running connection
Current information about the running connection is displayed here.
Active profile:	Mobile Security	Displays the active profile
Status:	Disconnected Connected	Displays the current status of the connection
Received:	17.6 KB	The amount of data received
Sent:	176.0 KB	The amount of data sent
Received per second:	0.0 KBit/s	The amount of data received per second
Sent per second:	0.0 KBit/s	The amount of data sent per second
Connection time:	hh:mm:ss	The runtime of the connection in hours:minutes:seconds

Course of time
Shows the upload and download data volume of the current connection in two diagrams. The last 5 minutes are shown at the top and the last 100 minutes at the bottom. Each point in the 5 minute diagram corresponds to the average value over 5 seconds. Each point in the 100 minutes diagram corresponds to the average value over 1 minute. As long as no connection is active, no new values are generated and the past data is displayed. As soon as a new connection is started, the new data is included in the calculation of the average values. The display therefore refers to the last 5 or 100 minutes with an active connection. Regardless of whether there were breaks during this time.

Profiles
Manage profiles
All existing profiles are displayed. Using the button, another profile can be added. This opens Google Drive. Using the slider next to the profile, it is enabled, or disabled. notempty Only one profile can be active at a time.			Profiles overview

Add profile
Add profile via portal
notempty VPN Configurations for Roadwarrior require a UTM v14.0 or higher notempty New from App version: 3.0 Further profiles can be added via the Securepoint Portal To do this, in the Unified Security Consolekonfig of an existing Core UTM, a new Roadwarrior is created using the Satellit/Roadwarrior button. If a Roadwarrior connection already exists and only needs to be extended, the desired profile can be selected via the button under the Profil option. Alternatively, if a suitable Android profile is included in a Roadwarrior connection, the Android device can be assigned to this profile. If this VPN connection is published via Publish resp. the Android profile is saved, this VPN profile will be added to the VPN app.
Add Profile manually
To add another profile, click on the button. The corresponding file is selected in the Files app that opens. Two different formats are accepted: a zip file containing all required CAs, certs, keys and the ovpn file this can be created directly within the UTM. an unzipped zip file via the import of the .ovpn file If all required CAs, certs and keys are also included there. an inline-.ovpn-Config file, in which all required CAs, certs and keys are written into the .ovpn file via XML

Edit profile
To edit a profile, click on the corresponding profile. The dialog for editing the profile opens. notempty New from App Version: 3.0 Fields that cannot be edited are displayed grayed out
notempty New from App version: 3.0 notempty Only manually added VPN profiles can be fully edited. In the Securepoint Mobile Security profile, editing is highly restricted. Only: Redirect Gateway, Comprehensiveness, Connection Monitoring und Widget
Caption	Value	Description
Profile name:	Securepoint Mobile Security	The name of the profile
Username:	Alice	The name of the user to the VPN connection
Password:	***********	The password of the user to the VPN connection
Enable OTP		When activated OTP is used
VPN-Server	Opens the dialog VPN Server Shows the used servers with port and if TCP or UDP is used.
DNS-Server	Opens the dialog DNS Server Shows the used servers with port and if TCP or UDP is used.
Redirect Gateway Editable within the Securepoint Mobile Security profile.	IPv4 only	If is enabled, the selected redirect gateway will be used
	IPv4 and IPv6
	IPv6 only
Excluded routes	Opens the Excluded routes dialog Displays the IP addresses and networks where no VPN connection is established
Excluded domains	Opens the Excluded domains dialog Displays the domains which are not in use
Excluded applications	Opens the Excluded Applications dialog Displays the applications/apps that are not routed through the VPN connection
Excluded SSIDs	Opens the Excluded SSIDs dialog Displays the SSIDs that do not establish a VPN connection
MTU	1500	The size of the MTU can be set
Encryption	AES-128-CBC	Shows the set encryption
Authentication	SHA256	Shows the set authentication
Reconnection time	5	The time after a connection is lost during which the connection is re-established
Maximum connection attempts	12	The maximum number of attempts to re-establish the connection after a termination.
Certification authority	1.2.345.67890...	Displays the content of the certificate used
Certificate	CN=********	The certificate used
Key	*******	The key used
Verbosity Editable within the Securepoint Mobile Security profile.	No selection 0 to 5	Setting the log level
Connection monitoring Editable within the Securepoint Mobile Security profile.	Default	When activated, the VPN app starts automatically. For example, after a restart of the Android device.notempty The MDM option Always-On VPN is not supported by the VPN app!
Widget Editable within the Securepoint Mobile Security profile.		When activated, the widget can be used
	The changes made are saved
	The program returns to the previous dialog. A warning window appears if changes have not yet been saved.
Portal Profile editing
notempty New from App version: 3.0 Profiles created via the VPN configuration in the portal have very limited editing options in the VPN app. Therefore, these profiles must be edited directly in the portal.
Interface
Profile name:	RW-Smartphones	The name of the profile
Private Key	***************************	The private key for the VPN connection
Public Key	***************************	The public key for the VPN connection
	10.0.2.3/32	The IPv4 or IPv6 address of the device based on the transfer in use
DNS Server	(optional)	DNS Server if available
MTU	(optional)	MTU Size if available
Connection monitoring Editable in the app	Default	When activated, the VPN app starts automatically. For example, after a restart of the Android device.notempty The MDM option Always-On VPN is not supported by the VPN app!
Widget Editable in the app		When activated, the widget can be used
Participants - LG1 The designation after Participants is the alias name of the Core UTM from Unified Security Consolekonfig
Public Key	***************************	The public key for the Core UTM
Pre-shared key	(optional)	The pre-shared key, if available
Endpoint	203.113.0.113:51280	The public IP address or hostname and port of the Core UTM
Allowed IP addresses	10.2.0.0/24	These IP addresses are routed through the VPN This is set via the Target in the defined Rule. Further information can be found here.
Permanent maintenance	25	Duration for which the connection remains active despite inactivity of the UTM
	The changes made are saved
	The program returns to the previous dialog. A warning window appears if changes have not yet been saved.

Notifications
Notifications about the VPN connection are displayed here.
Symbol	Description
	No error present. The VPN connection is established and the device uses it.
	An error has occurred or the VPN connection is disconnected. A corresponding message appears.


More
Settings
Function of the foreground notification pause button	Until display off	Sets the function of the foreground notification pause button (15 minutes, 1, 2, 3, 4, 8 hours, Until tomorrow morning at 6am).
Exclude connected WLAN from VPN	Default	When is activated, the currently connected WLAN is excluded from the VPN
Exclude from the energy saving function	Default	If is enabled, the VPN app will be excluded from the power saving mode
notempty New as of 3.1 Authentication before app start		Indicates whether authentication for the Securepoint VPN app is enabled Authentication is required every time the app starts This function can be enabled via Securepoint Portal de-/enable Depending on the settings of the Android device, different authentication methods are available, such as Biometrics (FingerPrint and Face) or Credentials (PIN, Pattern or Password). If both Biometrics and Credentials are enabled, Biometrics is required first, with Credentials offered as an alternative. Authentication window of the VPN app. The configuted authentication method is opened via Authentifizieren

Logging
Activate logging		When activated logging is enabled
Devices Info	Opens a dialog with information about the device
Full log	Opens the dialog with all log messages
notempty New as of: 3.3.0	Öffnet ein Menufeld, indem drei Optionen möglich sind Im Menü Logging und in allen Untermenüs enthalten
	Speichern	Die Log-Datei wird lokal auf dem Gerät abgespeichert. Per Default lautet die Datei log.text Bei Logging und Vollständiges Log: Der komplette Log aller Verbindungen wird abgespeichert Bei Geräteinformationen: Die Geräteinformationen werden ausschließlich abgespeichert Bei einzelnen Verbindungen: Der Log der ausgewählten Verbindung wird abgespeichert
	Teilen	Öffnet ein Fenster, indem der Log mit einem Securepoint Support-Ticket, falls vorhanden, geteilt werden kann Bei Logging und Vollständiges Log: Der komplette Log aller Verbindungen wird geteilt Bei Geräteinformationen: Die Geräteinformationen werden ausschließlich geteilt Bei einzelnen Verbindungen: Der Log der ausgewählten Verbindung wird geteilt
	Löschen	Opens a window with a security question whether all entries should be deleted

Diagnosis
Active profile:	Displays the active profile
Internet connection:	Displays the connection to the Internet
Server reachability	The Test is used to test the reachability of the VPN Server in use. The VPN connection is briefly interrupted for this purpose.
Server name resolution	Displays the test result. Not tested No test has been performed yet. Successful test. The name resolution of the server works without errors. Failed test. An error occurred during the name resolution of the server.
Server reachability	Displays the test result. Not Tested No test has been performed yet. Successful test. The server is reachable. Failed test. The server is not reachable.
Virtual Private Network	The Test button tests the VPN connection.
Connection	Displays the test result. Not Tested No test has been performed yet. Successful test. The VPN connection works without errors. Failed test. There is an error with the VPN connection.
Information and action instructions based on the last connection test:	Displays a log message about the last VPN connection test. If an error occurred, a corresponding instruction is displayed to solve this problem.
Check public IP	The Test button displays the public IP address of the device.
Your IP is:	********	The public IPv4/IPv6 address of the device

Privacy policy	Displays the privacy policy.
Imprint	Displays the imprint with contact details.
EULA	Displays the end user agreement.
Licenses	Displays the licenses of the opensource programs used.
Help	Displays the FAQs.

Introduction

Compatibilities Android

App Setup in the Portal

Overview

Running connection

Course of time

Profiles

Manage profiles

Add profile

Add profile via portal

Add Profile manually

Edit profile

Portal Profile editing

Notifications

More

Settings

Logging

Diagnosis

Privacy policy

Imprint

EULA

Licenses

Help