This is a tutorial on how to connect to NordVPN servers on Windows 10 using the IKEv2 protocol.
The IKEv2/IPsec connection method is one of the alternative options for connecting to NordVPN servers on your Windows PC. This connection method is preferred by privacy enthusiasts, as IKEv2/IPsec security protocol is currently one of the most advanced in the market. Having said that, this manual set-up lacks the additional features of the native NordVPN app and it is a bit more complicated to set up.
Note: due to Windows system configuration features, it downgrades the cipher to a weaker 3DES-CBC encryption cipher.
Disclaimer: To use this connection method, you have to add the certificate to Trusted Root Authorities. It applies to all certificates. This way, your system can potentially fall for a MITM attack if someone gets that certificate’s private key. Our private keys are completely secure and although there is a very small chance for that, we recommend avoiding this connection method unless you cannot connect using our native app or any other alternative way.
What makes this connection method so unique is that the only file that needs to be downloaded and installed is the NordVPN digital certificate. Windows provides the connection application itself – it's built right into Windows.
Note: Your browser may try to save the file into its own certificate location, or open it immediately. Make sure to download the file, instead of opening it. On Firefox, right-click the link above and select "Save Link As…". In Internet Explorer, select "Save" instead of "Open". Chrome will download the file correctly. Then, open the root.der file. (Double-click on it)
Destination name = Any name that you would like your connection to have, for example United States #936 Connection.
Type of VPN: IKEv2
Data encryption: Require encryption (disconnect if server declines)
Authentication: Use Extensible Authentication Protocol(EAP) and EAP-MSCHAPv2.