Setting up manual IKEv2 connection on macOS
  • 1 Minute to read

    Setting up manual IKEv2 connection on macOS

      Article Summary

      The IKEv2/IPsec connection method is one of the alternative ways to connect to NordLayer private gateway on your macOS. If you prefer to use an official NordLayer application for macOS, you can download it from the App Store.

      1. First, download the NordLayer IKEv2 certificate to your macOS

      The easiest way is to click this link on your macOS device.

      Once downloaded, open the certificate file in the Downloads folder.

      Setting up manual IKEv2 connection on macOS

      1. The Add Certificates window will appear

      Click Add to add the certificate to the login keychain.


      1. Right-click the CyberHop Root CA certificate in the login keychain and select Get Info


      1. Under When using this certificate, set the IP Security (IPsec) and Extensible Authentication (EAP) fields to Always Trust

      Leave all other fields as Never Trust. You will have to enter your Mac password to make these changes. Once done, close the keychain.


      1. Click on the Apple logo in the upper-right corner of the screen and select System Preferences...


      1. In the System Preferences, click on Network


      1. When the network window opens, click on the + icon in the lower-left corner (you must have administrator privileges)


      1. A new window will pop up

      For Interface, select VPN from the drop-down menu. For VPN Type, select IKEv2. In the Service Name field, type any name you want. We recommend that you name the service NordLayer (IKEv2). Click Create.


      1. The settings for the new VPN connection will now be displayed

      In the Server Address and Remote ID fields, type the hostname of your Private Gateway.


      1. Click on Authentication Settings…

      Select Username as the Authentication method, then type in your NordLayer service username and password. Click OK and then Apply.


      You can find your NordLayer service credentials (service username and password) and your private gateway configuration files on the Downloads page.

      1. Check the Show VPN status in menu bar box (optional), click Connect, and then Apply


      1. That’s it! You should now be connected.

      If you have checked the Show VPN status in menu bar box, you’ll be able to connect to your VPN from the status bar.

      Setting up manual IKEv2 connection on macOS

      Note: In case you have any questions or are experiencing any issues, please feel free to contact our 24/7 customer support team.

      Was this article helpful?