Your IP: Unknown · Your Status: Unprotected Protected


Don’t want to manage the VPN setup manually? Download the NordVPN app for Windows, where all you need to do is install the app, log in, and pick the server you want.

This is a tutorial on how to connect to NordVPN servers on Windows 10 using the IKEv2 protocol.

The IKEv2/IPsec connection method is one of the alternative options for connecting to NordVPN servers on your Windows PC. This connection method is preferred by privacy enthusiasts, as IKEv2/IPsec security protocol is currently one of the most advanced in the market. Having said that, this manual set-up lacks the additional features of the native NordVPN app and it is a bit more complicated to set up.

Note: due to Windows system configuration features, it downgrades the cipher to a weaker 3DES-CBC encryption cipher.

What makes this connection method so unique is that the only file that needs to be downloaded and installed is the NordVPN digital certificate. Windows provides the connection application itself – it's built right into Windows.

Windows 10

  1. Download our NordVPN certificate:

    Note: Your browser may try to save the file into its own certificate location, or open it immediately. Make sure to download the file, instead of opening it. On Firefox, right-click the link above and select "Save Link As…". In Internet Explorer, select "Save" instead of "Open". Chrome will download the file correctly. Then, open the root.der file. (Double-click on it)

  2. Click “Open”.

  3. Click “Install Certificate…

  4. Select “Local Machine”, and click Next.

  5. Select “Place all certificates in the following store”, and click “Browse..”.

  6. Select “Trusted Root Certification Authorities”, and click OK, then “Next”.

  7. Click “Finish”.
  8. Click “OK” on both windows.

Set up a VPN connection:

  1. Open the Windows Start Menu, and start typing "control panel". Click on the Control Panel in the results.

  2. Open Network and Internet.

  3. Click on Network and Sharing Center.

  4. Click Set up a new connection or network.

  5. Click Connect to a workplace and click Next.

  6. If you are asked "Do you want to use a connection that you already have?", select "No, create a new connection" and then click Next.
  7. Click Use my Internet connection (VPN).

  8. Internet address = Write down the host name of a server suggested to you at

    Destination name = Any name that you would like your connection to have, for example United States #936 Connection.

  9. Open Network and sharing center again and click Change adapter settings.

  10. Right-click the adapter with the name you created, for example, United States #936 connection, click properties and show the Security tab.
  11. Enter the following:

    Type of VPN: IKEv2
    Data encryption: Require encryption (disconnect if server declines)
    Authentication: Use Extensible Authentication Protocol(EAP) and EAP-MSCHAPv2.

  12. Open the Networking tab and disable Internet Protocol Version 6 (TCP/IPv6).

  13. Click OK.
  14. Open the Network settings on the bottom right corner. It may be either Wi-Fi icon, or the Ethernet connection icon. Select Network & Internet settings.

  15. In the opened settings, select VPN, find your created IKEv2 connection and click on Advanced options.

  16. Click the Edit button and fill in your NordVPN username and password. Click Save to confirm changes.

  17. Click on your network icon again on the bottom right corner and click Connect under the NordVPN IKE.

  18. Once that is done, you should be connected!