You’re using a web browser that we no longer support. For better security and an improved user experience, please update to a newer browser.

Setting up manual IKEv2 connection on macOS


The IKEv2/IPsec connection method is one of the alternative ways to connect to NordLayer private gateway on your macOS. If you prefer to use an official NordLayer application for macOS, you can download it from the App Store.

 

1. First, download the NordLayer IKEv2 certificate to your macOS

The easiest way is to click this link on your macOS device.

Once downloaded, open the certificate file in the Downloads folder.

01.png

2. The Add Certificates window will appear

Click Add to add the certificate to the login keychain.

02.png

3. Right-click the CyberHop Root CA certificate in the login keychain and select Get Info

03_2x.png

4. Under When using this certificate, set the IP Security (IPsec) and Extensible Authentication (EAP) fields to Always Trust

Leave all other fields as Never Trust. You will have to enter your Mac password to make these changes. Once done, close the keychain.
04.png

5. Click on the Apple logo in the upper-right corner of the screen and select System Preferences...

05.png

6. In the System Preferences, click on Network

06.png

7. When the network window opens, click on the + icon in the lower-left corner (you must have administrator privileges)

07.png

8. A new window will pop up

For Interface, select VPN from the drop-down menu. For VPN Type, select IKEv2. In the Service Name field, type any name you want. We recommend that you name the service NordLayer (IKEv2). Click Create.

08.png

9. The settings for the new VPN connection will now be displayed

In the Server Address and Remote ID fields, type the hostname of your Private Gateway.

09.png

10. Click on Authentication Settings… 

Select Username as the Authentication method, then type in your NordLayer service username and password. Click OK and then Apply.

10.pngYou can find your NordLayer service credentials (service username and password) and your private gateway configuration files on the Downloads page.

10_cp1.png

10_cp2.png

11. Check the Show VPN status in menu bar box (optional), click Connect, and then Apply

11.png

12. That’s it! You should now be connected.

If you have checked the Show VPN status in menu bar box, you’ll be able to connect to your VPN from the status bar.

12.png

 

Note: In case you have any questions or are experiencing any issues, please feel free to contact our 24/7 customer support team.


Return to top