Set up VPN on Android devices (2024)

Table of Contents
Android VPN options EMM config Always-on VPN Block non-VPN connections Allow bypassing the VPN Per-app VPN Allowed apps Disallowed apps Google Play traffic Restrict system settings Related articles and guides Was this helpful? Need more help? Try these next steps: Insights, advice, suggestions, feedback and comments from experts FAQs References

This article helps IT admins configure virtual private networks (VPNs) on Android devices. Some older versions of Android don't support all the features mentioned here. To check your Android version, see .

Android VPN options

VPNs allow devices that aren’t physically on a network to securely access the network.

Android includes a built-in (PPTP, L2TP/IPSec, and IPSec) VPN client. Devices running Android 4.0 and later also support VPN apps. You might need a VPN app (instead of built-in VPN) for the following reasons:

  • To configure the VPN using an enterprise mobility management (EMM) console.

  • To offer VPN protocols that the built-in client doesn’t support.

  • To help people connect to a VPN service without complex configuration.

  • To run a separate VPN for the personal profile or work profile.

To get help with the built-in client, see Connect to a virtual private network (VPN) on Android.

EMM config

You can configure many VPNs using an EMM console—confirm that your VPN and EMM combination supports this. Using an EMM means that the people using the devices don’t have to change complex settings. EMMs often support the following config:

  • Disabling the VPN system settings so that somebody using the device can’t change the config.

  • Configuring the VPN network connection settings, including installing authentication certificates.

  • Adding a list of apps that are allowed to use the VPN or a list of apps that can’t use the VPN.

Always-on VPN

Android can start a VPN service when the device boots, and keep it running while the device or work profile is on. This feature is called always-on VPN and is available in Android 7.0or higher. To learn more, see Edit Always-on VPN settings.

Block non-VPN connections

In many EMM consoles (and in the Android Settings app), you can block connections that don’t go through the VPN. To force all network traffic through an always-on VPN, follow these steps on the device:

  1. Open your device's Settings app.

  2. Tap Network & internet Set up VPN on Android devices (1) Advanced Set up VPN on Android devices (2) VPN.

  3. Next to the VPN that you want to change, tapSet up VPN on Android devices (3) Settings.

  4. Switch Block connections without VPN to on.

To block non-VPN connections in your EMM console, see your EMM provider’s documentation.

See Also
How to Setup a VPN on Android & setup OpenVPN | Step-by-step guideVerschillende soorten VPN’s en wanneer ze te gebruikenHow to use a VPN on Android - The 3 Best Android VPN appsVPN Arten: 6 VPN Typen im Vergleich (mit Erklärungen)

Allow bypassing the VPN

If your VPN supports it, you can allow apps to bypass the VPN and select their own network. Some special-purpose apps might need to use a specific network, such as cellular or Wi-Fi. You can configure this option in your EMM console or directly in the VPN app.

Per-app VPN

Many VPN apps can filter which installed apps are allowed to send traffic through the VPN connection. You can create either an allowed list, or, a disallowed list, but not both. If you don’t create a list, the system sends all network traffic through the VPN.

You normally configure per-app VPN in your EMM console or directly in the VPN app.

Allowed apps

You can choose which apps are allowed to use the VPN using an allowed list. If you allow one or more apps, then only the apps in the list use the VPN. All other apps (that aren’t in the list) use the system networks as if the VPN isn’t running.

When you also turn on Block connections without VPN, then only apps in the allowed list have network access.

Disallowed apps

You can select which apps you don’t want to use the VPN by creating a disallowed list. Network traffic of disallowed apps uses system networking as if the VPN wasn’t running—all other apps use the VPN.

When you also turn on Block connections without VPN, then these disallowed apps lose network access.

See Also
pfSense® software Configuration Recipes — Configuring IPsec IKEv2 Remote Access VPN Clients — Configuring IPsec IKEv2 Remote Access VPN Clients on Android

Google Play traffic

You might want to explicitly include or exclude Google Play traffic from your VPN if traffic is metered. Here are the Google Play app packages that you’d need to allow or disallow:

  • com.android.packageinstaller

  • com.android.vending

  • com.google.android.gms

  • com.google.android.packageinstaller

Restrict system settings

If your EMM supports it, you can prevent device users from changing system VPN settings. In some versions of Android, this restriction stops an always-on VPN from starting:

Android version

Administration

Behavior when restricted

5.0

Fully managed devices

VPN app doesn’t start.

6.0

Fully managed devices and work profile

VPN app doesn’t start.

7.0 or higher

Fully managed devices and work profile

Always-on VPN app starts if set by device policy controller. Other VPN apps don’t start.

Related articles and guides

Was this helpful?

How can we improve it?

Need more help?

Try these next steps:

Post to the help community Get answers from community members

Insights, advice, suggestions, feedback and comments from experts

I am an expert and enthusiast-based assistant. I have access to a wide range of information and can provide assistance on various topics. I can help you with configuring virtual private networks (VPNs) on Android devices, as well as provide information on related concepts mentioned in this article.

Let's dive into the details!

Virtual Private Networks (VPNs) on Android Devices

A virtual private network (VPN) allows devices that are not physically on a network to securely access the network. Android devices have built-in support for VPNs, including the following protocols: PPTP, L2TP/IPSec, and IPSec. Starting from Android 4.0, VPN apps are also supported on Android devices.

Reasons to Use VPN Apps Instead of Built-in VPN

While Android devices have built-in VPN support, there are several reasons why you might want to use a VPN app instead:

  1. Configuring VPN using an Enterprise Mobility Management (EMM) console: If you need to configure the VPN using an EMM console, a VPN app might be required.
  2. Offering VPN protocols not supported by the built-in client: VPN apps can provide additional VPN protocols that are not supported by the built-in client.
  3. Simplifying VPN configuration: VPN apps can help people connect to a VPN service without complex configuration.
  4. Running a separate VPN for personal or work profiles: VPN apps can enable the use of separate VPNs for personal and work profiles.

Configuring VPNs using an EMM Console

An EMM console allows you to configure many VPNs without requiring users to change complex settings. Some common configurations supported by EMMs include:

  1. Disabling VPN system settings: This prevents users from changing the VPN configuration on their devices.
  2. Configuring VPN network connection settings: EMMs can configure the VPN network connection settings, including the installation of authentication certificates.
  3. Allowing or disallowing specific apps to use the VPN: EMMs can create a list of allowed or disallowed apps that can use the VPN.

Always-on VPN

Android devices running Android 7.0 or higher support an always-on VPN feature. This feature allows the device to start a VPN service when it boots up and keeps it running while the device or work profile is active.

Blocking Non-VPN Connections

In many EMM consoles and in the Android Settings app, you can block connections that don't go through the VPN. To force all network traffic through an always-on VPN, follow these steps on the device:

  1. Open your device's Settings app.
  2. Tap on "Network & internet."
  3. Go to "Advanced" and select "VPN."
  4. Next to the VPN you want to change, tap on "Settings."
  5. Switch "Block connections without VPN" to "on".

Allowing Bypassing the VPN

If your VPN supports it, you can allow apps to bypass the VPN and select their own network. This can be configured either in your EMM console or directly in the VPN app.

Per-App VPN

Many VPN apps offer the ability to filter which installed apps are allowed to send traffic through the VPN connection. You can create either an allowed list or a disallowed list, but not both. If you don't create a list, the system sends all network traffic through the VPN. Per-app VPN configuration is typically done in the EMM console or directly in the VPN app.

Restricting System VPN Settings

If your EMM supports it, you can prevent device users from changing system VPN settings. However, it's important to note that in some versions of Android, this restriction can prevent an always-on VPN from starting. The behavior depends on the Android version and the device management level. For example:

  • Android 5.0: Fully managed devices with restricted VPN settings will not start the VPN app.
  • Android 6.0: Fully managed devices and work profiles with restricted VPN settings will not start the VPN app.
  • Android 7.0 or higher: Fully managed devices and work profiles with restricted VPN settings will start the always-on VPN app if set by the device policy controller. Other VPN apps won't start.

These are the main concepts related to configuring VPNs on Android devices. If you have any further questions or need more specific information, feel free to ask!

Set up VPN on Android devices (2024)

FAQs

Does Android have a built-in VPN? ›

VPNs allow devices that aren't physically on a network to securely access the network. Android includes a built-in (PPTP, L2TP/IPSec, and IPSec) VPN client. Devices running Android 4.0 and later also support VPN apps.

Get More Info
How do I set up my VPN on Android? ›

  1. Open your device's Settings app.
  2. Tap Network & internet. VPN. If you can't find it, search for "VPN." If you still can't find it, get help from your device manufacturer.
  3. Tap the VPN you want.
  4. Enter your username and password.
  5. Tap Connect. If you use a VPN app, the app opens.

Explore More
Do I need VPN on my Android phone? ›

Smartphones are commonly used to access public Wi-Fi. Even on a password-guarded connection, you are visible to other users on the network. A hacker can get the same coffeeshop password you have, and they can be on the same network as you. Using a VPN will protect yourself with encryption and anonymized data.

Get More Info
Does Samsung have a built-in VPN? ›

Samsung devices come with an enhanced version of the Android VPN Service.

Get More Info
Is VPN automatically on Android? ›

The functionality can be enabled within your Android phone settings and works only if the VPN toggle in the app is turned ON. Go to your device's Settings page and open the VPN settings. icon next to VPN. In the screen that appears, switch on the Always-on VPN toggle.

Discover More Details
What is the best VPN for Android devices? ›

The best Android VPN services in 2024
  1. NordVPN. A VPN titan that always delivers. ...
  2. ExpressVPN. Sleek apps for your Android device (and everything else) ...
  3. Surfshark. Great value yet fully featured Android VPN. ...
  4. Proton VPN. Swiss security in your pocket. ...
  5. Private Internet Access.
May 8, 2024

View Details
Is VPN free on Android? ›

If you opt for a safe and secure free VPN for Android without any limits, these 3 options are your best bet according to our testing: NordVPN (free for 30 days) ExpressVPN (free for 30 days) CyberGhost (free for 45 days)

Get More Info Here
What is the safest free VPN? ›

8 Free VPNs of 2024
  • TunnelBear: Best for user-friendliness.
  • Proton VPN: Best for enhanced anonymity.
  • hide.me: Best for leak protection.
  • Windscribe: Best for unlimited device connection.
  • VPN Unlimited: Best for lifetime protection.
  • CyberGhost: Best for ease of use.
  • Hotspot Shield: Best for streaming.
Apr 6, 2024

Tell Me More
Why is my VPN not working on my Android phone? ›

Your VPN app might be interfering with other apps or settings on your device. You can fix an unstable VPN connection on Android by changing your VPN protocol, turning off battery-saving mode, switching to another server, or simply restarting your device.

Read More
How do I know if I have a VPN on my Android? ›

To check if you already have a VPN configured on your device go to Settings > Connections > More connection settings > VPN. Any VPNs already configured on your device will show here.

Know More

Is it worth using VPN on phone? ›

VPNs are a great way to enhance your phone's privacy and security online, but they don't offer risk-free protection. Online scams, malicious apps, and dodgy websites are still a problem, so it's worth staying on your toes, even if you have a VPN connection.

Get More Info Here
Should I use always on VPN Android? ›

There are several key benefits of an always-on VPN for Android: Privacy — Masks your IP address and online activities from your internet provider and WiFi snoopers. Public WiFi Security — Encrypts your data on exposed public networks to block hacking.

Get More Info
Does Samsung phones have free VPN? ›

There are free VPNs for Android, such as Surfshark, TunnelBear, Windscribe, Hotspot Shield, and ProtonVPN. How do I set up a VPN on my Samsung phone? To set up a VPN on your Samsung phone: Download a VPN app from the Google Play Store.

Keep Reading
How do I know if my Android has VPN? ›

To check if you already have a VPN configured on your device go to Settings > Connections > More connection settings > VPN. Any VPNs already configured on your device will show here.

Get More Info
Does Google have a free VPN? ›

A VPN (virtual private network) is integral for keeping your identity hidden while browsing the web. It's also useful for accessing geo-restricted content. There are many affordable VPNs on Android. Google One subscribers get access to Google VPN for free, in addition to the numerous benefits the subscription offers.

Discover More Details
What Android browser has a VPN in it? ›

3 best browsers with built-in VPN
Best forLearn more
OperaBest for everyday useGet Opera
Aloha BrowserBest for mobileGet Aloha Browser
Epic BrowserBest for anti-trackingGet Epic Browser
Apr 11, 2024

Read On

References

Top Articles
Life, Recipes, and Thank You – Elly Says Opa!
Best Salad Ever (My Most Requested Salad Recipe)
Www Publix Org Oasis Schedule
Vons Bakery Hours
Fantasy baseball: Weekend preview June 20-23
Fantasy baseball pitcher rankings, lineup advice for Friday's MLB games
How to Book Via Rail Tickets Online?
Buying a Train Ticket | National Rail
2020 - UPDATED: May 2024
Southern Caribbean from Baltimore, Royal Caribbean, 29th March 2025 – Planet Cruise
Latest Posts
Chicken with Honey-Beer Sauce Recipe
24 Crazy Delicious Recipes That Are Super Low-Carb
Article information

Author: Greg Kuvalis

Last Updated:

Views: 6132

Rating: 4.4 / 5 (75 voted)

Reviews: 90% of readers found this page helpful

Author information

Name: Greg Kuvalis

Birthday: 1996-12-20

Address: 53157 Trantow Inlet, Townemouth, FL 92564-0267

Phone: +68218650356656

Job: IT Representative

Hobby: Knitting, Amateur radio, Skiing, Running, Mountain biking, Slacklining, Electronics

Introduction: My name is Greg Kuvalis, I am a witty, spotless, beautiful, charming, delightful, thankful, beautiful person who loves writing and wants to share my knowledge and understanding with you.