diff --git a/client/android/src/org/amnezia/vpn/IKEv2Thread.kt b/client/android/src/org/amnezia/vpn/IKEv2Thread.kt
index de602afa7..771d62143 100644
--- a/client/android/src/org/amnezia/vpn/IKEv2Thread.kt
+++ b/client/android/src/org/amnezia/vpn/IKEv2Thread.kt
@@ -58,13 +58,27 @@ class IKEv2Thread(
         mAppDir = filesDirAbsolutePath
     }
 
+    fun setNextProfile(profile: VpnProfile) {
+
+        // TODO: take a look at "vpnprofileimportactivity" in starongswan repo 
+        //       to understand how to pass the profile object before starting of ikev2 tunnel
+
+        synchronized(this) {
+            mNextProfile = profile
+            mProfileUpdated = true
+            notifyAll()
+        }
+    }
+
     override fun run() {
         while (true) {
             synchronized(this) {
                 try {
                     while (!mProfileUpdated) {
+                        Log.i(TAG, "charon contunue")
                         continue
                     }
+
                     mProfileUpdated = false
                     stopCurrentConnection()
 
diff --git a/client/android/src/org/amnezia/vpn/VPNService.kt b/client/android/src/org/amnezia/vpn/VPNService.kt
index 60bcd91e0..971ed9855 100644
--- a/client/android/src/org/amnezia/vpn/VPNService.kt
+++ b/client/android/src/org/amnezia/vpn/VPNService.kt
@@ -150,6 +150,8 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
     private var mOpenVPNThreadv3: OpenVPNThreadv3? = null
     var currentTunnelHandle = -1
 
+    private var ikev2VpnThread: IKEv2Thread? = null
+
     private var intent: Intent? = null
     private var flags = 0
     private var startId = 0
@@ -165,6 +167,7 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
         Log.e(tag, "Wireguard Version ${wgVersion()}")
         mOpenVPNThreadv3 = OpenVPNThreadv3(this)
         mAlreadyInitialised = true
+        ikev2VpnThread = IKEv2Thread(mbuilder, getFilesDir().getAbsolutePath())
     }
 
     override fun onCreate() {
@@ -384,8 +387,11 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
                 startShadowsocks()
                 startTest()
             }
+            "ikev2" -> {
+                startIPSEC()
+            }
             else -> {
-                Log.e(tag, "No protocol")
+                Log.e(tag, "Unknown protocol ($mProtocol)")
                 return 0
             }
         }
@@ -393,6 +399,18 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
         return 1
     }
 
+    private fun startIPSEC() {
+        Log.v(tag, "start ipsec")
+        ikev2VpnThread = IKEv2Thread(mbuilder, getFilesDir().getAbsolutePath())
+        
+        // TODO: pass the "vpnprofile" instance as a parameter
+        // ikev2VpnThread.setNextProfile() 
+
+        Thread({
+            ikev2VpnThread?.run()
+        }).start()
+    }
+
     fun establish(): ParcelFileDescriptor? {
         Log.v(tag, "Aman: establish....................")
         mbuilder.allowFamily(OsConstants.AF_INET)
diff --git a/client/cmake/3rdparty.cmake b/client/cmake/3rdparty.cmake
index 120695d60..8a492daaf 100644
--- a/client/cmake/3rdparty.cmake
+++ b/client/cmake/3rdparty.cmake
@@ -12,16 +12,16 @@ set(LIBS ${LIBS} SortFilterProxyModel)
 include(${CLIENT_ROOT_DIR}/3rd/qrcodegen/qrcodegen.cmake)
 include(${CLIENT_ROOT_DIR}/3rd/QSimpleCrypto/QSimpleCrypto.cmake)
 
-set(BUILD_SHARED_LIBS ON CACHE BOOL "" FORCE)
-add_subdirectory(${CLIENT_ROOT_DIR}/3rd/zlib)
-if(WIN32)
-    set(ZLIB_LIBRARY $<IF:$<CONFIG:Debug>,zlibd,zlib>)
-else()
-    set(ZLIB_LIBRARY z)
-endif()
-set(ZLIB_INCLUDE_DIR "${CLIENT_ROOT_DIR}/3rd/zlib" "${CMAKE_CURRENT_BINARY_DIR}/3rd/zlib")
-link_directories(${CMAKE_CURRENT_BINARY_DIR}/3rd/zlib)
-link_libraries(${ZLIB_LIBRARY})
+#set(BUILD_SHARED_LIBS ON CACHE BOOL "" FORCE)
+#add_subdirectory(${CLIENT_ROOT_DIR}/3rd/zlib)
+#if(WIN32)
+#    set(ZLIB_LIBRARY $<IF:$<CONFIG:Debug>,zlibd,zlib>)
+#else()
+#    set(ZLIB_LIBRARY z)
+#endif()
+#set(ZLIB_INCLUDE_DIR "${CLIENT_ROOT_DIR}/3rd/zlib" "${CMAKE_CURRENT_BINARY_DIR}/3rd/zlib")
+#link_directories(${CMAKE_CURRENT_BINARY_DIR}/3rd/zlib)
+#link_libraries(${ZLIB_LIBRARY})
 
 if(IOS)
     set(ENABLE_PROGRAMS OFF CACHE BOOL "" FORCE)
@@ -105,6 +105,7 @@ set(BUILD_WITH_QT6 ON)
 add_subdirectory(${CLIENT_ROOT_DIR}/3rd/qtkeychain)
 set(LIBS ${LIBS} qt6keychain)
 
+
 include(${CLIENT_ROOT_DIR}/3rd/strongswan/strongswan.cmake)
 
 include_directories(
diff --git a/client/containers/containers_defs.cpp b/client/containers/containers_defs.cpp
index cca77e7db..cdfb045a1 100644
--- a/client/containers/containers_defs.cpp
+++ b/client/containers/containers_defs.cpp
@@ -170,6 +170,7 @@ bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
     case DockerContainer::WireGuard: return true;
     case DockerContainer::OpenVpn: return true;
     case DockerContainer::ShadowSocks: return true;
+    case DockerContainer::Ipsec: return true;
     default: return false;
     }
 
diff --git a/client/platforms/android/android_controller.cpp b/client/platforms/android/android_controller.cpp
index ad00abdfb..c0161378a 100644
--- a/client/platforms/android/android_controller.cpp
+++ b/client/platforms/android/android_controller.cpp
@@ -176,6 +176,21 @@ ErrorCode AndroidController::start()
                 appContext.object());
 
     QJsonDocument doc(m_vpnConfig);
+
+    /*** The following code snippet needs to correct displaying of config in debug console
+     * (Android's stdout limits length of output message)
+     * 
+     * QString string(doc.toJson(QJsonDocument::Compact));
+     * 
+     * qDebug() << "*** config: ";
+     * for (int i = 0; i <= string.length()/100; i++) {
+     *  int start = i*100;
+     *  qDebug() << string.mid(start, 100);
+     * }
+     * 
+     * qDebug() << "*** config: " << m_vpnConfig;
+     ***/
+
     AndroidVPNActivity::sendToService(ServiceAction::ACTION_ACTIVATE, doc.toJson());
 
     return NoError;