IKEv2/IPSec setup on Windows 10

This is a guide on how to connect to Untangle on Windows 10 using the IKEv2/L2TP protocol through Windows' built-in VPN connection.

Certificate installation:

  1. Download the Untangle root certificate by logging into your Untangle and going to Config > Adminstration > Certificates tab. While on this page, verify that there are no errors listed to the right under Server Certificate Verification. If there are errors listed, the server certificate will need to be regenerated. Click here for instructions that help with regenerating the certificate.
    Note: Your browser may try to save the file into its own certificate location, or open it immediately. Make sure to download the file, instead of opening it. On Firefox, right-click the link above and select “Save Link As…”. In Internet Explorer, select “Save” instead of “Open”. Chrome will download the file correctly.

  2. Then, open the root_authority.cer file.

  3. Click “Install Certificate…

  4. Select “Local Machine” and click Next.

  5. Select “Place all certificates in the following store” and click “Browse…

  6. Select “Trusted Root Certification Authorities”, click OK, then click “Next”.

  7. Click “Finish”.

  8. Click “OK” on both windows.


Set up a VPN connection:

  1. Open the Windows Start Menu and start typing “control panel“. Click on the Control Panel in the results.

  2. Open Network and Internet.

  3. Click on Network and Sharing Center.Win10-2.png

  4. Click Set up a new connection or network.Win10-3.png

  5. Click Connect to a workplace and click Next.

  6. If you are asked “Do you want to use a connection that you already have?”, select “No, create a new connection” and click Next.

  7. Click Use my Internet connection (VPN).

  8. Internet address =  This is the Server Listen Address configured on your Untangle.  You can find the Server Listen Address under IPsec VPN > VPN Config tab.server_listen_address.png

  9. Destination name = Can be anything

  10. Open Network and Sharing Center again and click Change adapter settings.

  11. Right click the adapter with the name you created, then click Properties. Select the Security tab.

  12. Enter the following:
    • Type of VPN: IKEv2
    • Data encryption: Require encryption (disconnect if server declines)
    • Authentication: Use Extensible Authentication Protocol(EAP) and EAP-MSCHAPv2
    Click OK.

  13. Click OK.

Connecting the VPN:

  1. Move the cursor to the right corner of your screen and click the Network icon and click on connection name that you created, then Connect.

  2. In the Sign in dialog, enter your Untangle credentials.




Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.

Powered by Zendesk