A file browser opens.
In the Downloads folder, select the perfect-privacy_ipsec_ca.crt file you just downloaded.
If you cannot find the downloads folder immediately, you can also access it via the Burger menu in the upper left corner (three dashes).
You may now have to choose to open the file with strongSwan.
Confirm the import with Import certificate.
You can now set up any number of VPN profiles.
First select a location to which you want to establish the VPN connection. You will find an overview of the associated URLs on the download page (login required).
Our tip: Choose a location that is geographically as close as possible to achieve the best possible speed.
Once you have selected a location, tap Add VPN Profile at the top.
In the Server text box, enter the URL of the desired location. In the example, this is frankfurt.perfect-privacy.com.
Under Username and Password, enter your Perfect Privacy credentials and save the new profile by tapping Save in the menu at the top.
Even if the app is in the background, you can recognize the active VPN connection by the key icon in the status bar.
You can check that the VPN connection is working correctly by going to our Check IP page.
If you want to ensure that all of your Internet traffic passes through the VPN tunnel, you can now enable the kill switch.
Please note: With the kill switch activated, the Internet connection is only available if the VPN tunnel is up and running.
To enable the kill switch, go to the Android settings.
Select Network & internet and unfold the Advanced menu.
Tap on VPN.
Touch the gear to the right of strongSwan VPN Client.
In this menu you activate both Always-on VPN and Block connections without VPN.
The kill switch is now active and you can safely use the VPN.
Compatibility: Unfortunately, these options are not available on Huawei and Honor devices (EMUI interface) (as of Android 9.0).
If you like, you can exclude certain apps from the VPN. Their Internet traffic is then no longer routed through the VPN tunnel, and is instead routed past it with no additional encryption. For these apps it looks like there is no VPN connection at all.
In this example, you create an exception for the Netflix app to route the connection to the Netflix servers directly through your ISP.
In order for the exception to work, you must first deactivate the Block connections without VPN option in the VPN settings. How to get there is described above in the section "Enable the kill switch".
In the menu you can now select all apps you want to exclude from the VPN. In the example, the Netflix app is selected.
Use the back arrow in the top left menu to return to the settings. Under Select Applications it now says One application selected.
The Save menu item at the top saves the settings and takes you back to the main menu.
You have now successfully set up split tunneling.