How to Configure & Use NordVPN on MikroTik

MikroTik routers can run VPN connections through the IKEv2 EAP protocol. But having RouterOS version 6.45 or later is mandatory as NordVPN won't work on older versions. However, you have to create an IKEv2 EAP VPN tunnel from your router to your preferred NordVPN server to secure your complete web connection. So, without further delay, let's learn how to set up and use NordVPN on MikroTik.

1. First, visit the NordVPN website.

2. Click the Grab the Deal button next.

3. Now, choose a VPN subscription on the upcoming screen and enter your payment details to complete your purchase.

4. Once done, wait for a confirmation on your subscription.

5. Next, open a terminal in your RouterOS settings.

6. Now, install the root CA certificate of NordVPN by entering the below command- 

/tool fetch url=""
/certificate import file-name=root.der

7. After that, click here to get the hostname for the VPN server you want to connect to. 

8. Now, set up the IPsec tunnel by creating a Phase 1 profile and a separate Phase 2 proposal configuration

/ip ipsec profile
add name=NordVPN
/ip ipsec proposal
add name=NordVPN pfs-group=none

9. You have to create a new policy group and template now- 

/ip ipsec policy group add name=NordVPN
/ip ipsec policy add dst-address= group=NordVPN proposal=NordVPN src-address= template=yes

10. Once done, create a new mode configuration entry with responder=no, which will request the configuration parameters from the NordVPN server-

/ip ipsec mode-config
add name=NordVPN responder=no

11. Set peer and identity configurations next and specify your NordVPN credentials under the username and password parameters- 

/ip ipsec peer
add exchange-mode=ike2 name=NordVPN profile=NordVPN
/ip ipsec identity
add auth-method=eap certificate="" eap-methods=eap-mschapv2 generate-policy=port-strict mode-config=NordVPN peer=NordVPN policy-template-group=NordVPN username=YourNordVPNServiceUsername password=YourNordVPNServicePassword

Find your NordVPN service credentials from your online account dashboard under the Advanced tab.

12. You've to choose now what to send over the VPN tunnels; for that, first, use the below commands to create a new IP/Firewall/Address list- 

/ip firewall address-list
add address=YourLocalNetworkIP list=local

13. Next, assign this list to mode-config using the below commands-

/ip ipsec mode-config
set [ find name=NordVPN ] src-address-list=local

14. When done, verify the correct source NAT rule is generated dynamically in the presence of the IPsec tunnel by using the following command- 

/ip firewall nat print

That's all! Now you know how to configure and use NordVPN on MikroTik. Connect with us using the below button in case of any queries. Thanks for reading!

How to Watch Between the Covers Season 6 Online for Free: Stream the Sara Cox Talk Show from Anywhere
Between the Covers Season 6 is around the corner, and we’re excited to see the new book selection. We have the premiere...
How to Watch Shelved Online: Stream the 2023 Series from Anywhere
Shelved is a Canadian television sitcom, and we have the premiere date, episode release schedule, plot, cast, and more. Plus, it will...
How to Watch Street Outlaws: Fastest in America Season 4 Online from Anywhere
It’s race time again! Street Outlaws: Fastest in America Season 4 is returning with extra punch, more money to win for racers,...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari