How to Configure & Use NordVPN on MikroTik

MikroTik routers can run VPN connections through the IKEv2 EAP protocol. But having RouterOS version 6.45 or later is mandatory as NordVPN won't work on older versions. However, you have to create an IKEv2 EAP VPN tunnel from your router to your preferred NordVPN server to secure your complete web connection. So, without further delay, let's learn how to set up and use NordVPN on MikroTik.

1. First, visit the NordVPN website.

2. Click the Grab the Deal button next.

3. Now, choose a VPN subscription on the upcoming screen and enter your payment details to complete your purchase.

4. Once done, wait for a confirmation on your subscription.

5. Next, open a terminal in your RouterOS settings.

6. Now, install the root CA certificate of NordVPN by entering the below command- 

/tool fetch url="https://downloads.nordcdn.com/certificates/root.der"
/certificate import file-name=root.der

7. After that, click here to get the hostname for the VPN server you want to connect to. 

8. Now, set up the IPsec tunnel by creating a Phase 1 profile and a separate Phase 2 proposal configuration

/ip ipsec profile
add name=NordVPN
/ip ipsec proposal
add name=NordVPN pfs-group=none

9. You have to create a new policy group and template now- 

/ip ipsec policy group add name=NordVPN
/ip ipsec policy add dst-address=0.0.0.0/0 group=NordVPN proposal=NordVPN src-address=0.0.0.0/0 template=yes

10. Once done, create a new mode configuration entry with responder=no, which will request the configuration parameters from the NordVPN server-

/ip ipsec mode-config
add name=NordVPN responder=no

11. Set peer and identity configurations next and specify your NordVPN credentials under the username and password parameters- 

/ip ipsec peer
add address=nl125.nordvpn.com exchange-mode=ike2 name=NordVPN profile=NordVPN
/ip ipsec identity
add auth-method=eap certificate="" eap-methods=eap-mschapv2 generate-policy=port-strict mode-config=NordVPN peer=NordVPN policy-template-group=NordVPN username=YourNordVPNServiceUsername password=YourNordVPNServicePassword

Note

Find your NordVPN service credentials from your online account dashboard under the Advanced tab.

12. You've to choose now what to send over the VPN tunnels; for that, first, use the below commands to create a new IP/Firewall/Address list- 

/ip firewall address-list
add address=YourLocalNetworkIP list=local

13. Next, assign this list to mode-config using the below commands-

/ip ipsec mode-config
set [ find name=NordVPN ] src-address-list=local

14. When done, verify the correct source NAT rule is generated dynamically in the presence of the IPsec tunnel by using the following command- 

/ip firewall nat print

That's all! Now you know how to configure and use NordVPN on MikroTik. Connect with us using the below button in case of any queries. Thanks for reading!

REVIEW OVERVIEW

Latest

How to Watch Two Shallow Graves: The McStay Family Murders Online From Anywhere

If you enjoy crime documentaries, we have a recommendation for you as Investigation Discovery has just released a brand-new limited docu-series. It...

How to Watch Beat Shazam Season 5 Online From Anywhere

The game show that will have you on your feet is set to launch a new season pretty soon, and we have...

How to Watch Don’t Forget the Lyrics! Online From Anywhere 

It's summer, so game shows are on! The newest addition to the list comes from Fox, and it's a revival of a...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari