Howdy, 

I am attempting to connect an Android VPN client to the RV320 model small business router VPN server.  I'm pretty sure I've got the client / server configuration correct (though I have tried almost every possible configuration combination between the two) but the client keeps saying connection timeout.  I'll list out my current configuration for scrutiny at the bottom of the post, as well as the client specs.  But assuming all of that is correct, a client connection timeout says to me that the router is not hearing the connection request.  I'm wondering if there's any further configuration the router needs, such as opening a specific port, to enable this type of vpn connection.

After getting no where on my own, I started my troubleshooting research here:

https://supportforums.cisco.com/discussion/12147521/create-vpn-tunnels-clientswindowsandroid-rv320

Having reviewed all the material referenced in that post, I basically got to the same place as that OP: no IPSec connection to Android.  So I'm hoping someone has some new information.

Client Specs & Config:
Samsung Galaxy Light
Android version 4.4.2
Using the native Android VPN client

Client Config (1 of 3):
IPSec Connection Type: IKEv1 PSK
Gateway: My external IP.  This is an unregistered address on an ATT Uverse DSL line
Identity Type: Email
Identity: My gmail email address
Pre-shared Key (PSK): congruent to server's PSK
Extended authentication enabled
Aggressive mode enabled
Perfect Forwarding Secrecy enabled
Disable Split Tunneling disabled
Algorithm suite: Any (this is the one i'm least sure of)
IKE Groups: IKE Group 2 (MODP-1024)

Client Config (2 of 3)
IPSec Connection Type: IKEv2 PSK
Gateway: My external IP.  This is an unregistered address on an ATT Uverse DSL line
Identity Type: Email
Identity: My gmail email address
Pre-shared Key (PSK): congruent to server's PSK
Perfect Forwarding Secrecy enabled
Disable Split Tunneling disabled
MOBIKE: disabled
Algorithm suite: Any (this is the one i'm least sure of)

Client Config (3 of 3):
IPSec Connection Type: L2TP pre-shared key (IKEv1)
Gateway: My external IP.  This is an unregistered address on an ATT Uverse DSL line
Identity Type: Email
Identity: My gmail email address
Pre-shared Key (PSK): congruent to server's PSK
Aggressive mode enabled
Perfect Forwarding Secrecy enabled
Disable Split Tunneling disabled
Algorithm suite: Any (this is the one i'm least sure of)
IKE Groups: IKE Group 2 (MODP-1024)

Server Configuration
Client to Gateway Server
Tunnel / Group VPN / Easy VPN: Tunnel
Interface: WAN1
Keying Mode: IKE with Preshared key
Enable: enabled
Local Group Setup
Local Security Gateway Type: IP Only
IP Address: My external IP, auto-detected and not editable
Local Security Group Type: IP Range
Begin IP: 192.168.1.151
End IP: 192.168.1.151
Remote Client Setup
Remote Security Gateway Type: Dynamic IP + Email Address(USER FQDN) Authentication
Email Address: my gmail address
IPSec Setup
Phase 1 DH Group: Group 2 - 1024 bit
Phase 1 Encryption: AES-256
Phase 1 Authentication: SHA1
Phase 1 SA Lifetime: 3600 sec
Perfect Forward Secrecy: Enabled
Phase 2 DH Group: Group 2 - 1024 bit
Phase 2 Encryption: AES-256
Phase 2 SA Lifetime: 3600
Advanced
Aggressive Mode: Enabled
Compress (Support IP Payload Compression Protocol (IPComp)): Disabled
Keep-Alive: Disabled, not editable
AH Hash Algorithm: Disabled, not editable
NetBIOS Broadcast: Enabled
NAT Traversal: Enabled
Dead Peer Detection Interval: 10 sec
Extended Authentication: Enabled
IPSec Host: Enabled w/ username / password established
Edge Device: Disabled
Mode Configuration: Disabled
 

If anybody can point out a flaw in my configuration, or can at least confirm that it looks right, or if anybody knows of any existing compatibility issues between android and cisco, i'd be grateful for any hints or a point in the right direction.