< Back

How to set up IKEv2 IPsec on Windows

This guide was created using Windows 10 operating system.

First of all, you will need to download Surfshark IKEv2 certificate here at the bottom of the page. 

mceclip0.png

After downloading the certificate, open it and a prompt window will appear.

certificate.png

Then, select to install in the Local machine (this option requires you to have administrative privileges) and then select the Trusted Root Certification Authorities store to install it.

certificate_store.png

Press Next and then Finish to complete the installation.

Setting up the VPN connection:

1. Open Windows start menu, type in 'Control panel' and open Control panel application.

img1.png

2. Click on the Network and Internet category.

Control_panel.png

3. Then select Network and Sharing Center tab.

network_center.png

4. Click on the Set up a new connection or network option.

new_connection.png

5. Select the Connect to a workplace option and press Next.

workplace.png

6. Choose Use my Internet connection (VPN) method.

internet_connection.png

7. Enter the following information:

Internet address: Enter the domain name of the server you wish to connect to.

You can find the whole list of our servers in the third step here. 

Destination name: you can name this connection however you want.

Use a smart card: unmarked.

Remember my credentials: you can leave it unmarked if you wish to enter your credentials every time you connect.

Allow other people to use this connection: if you leave it unmarked, only the user that you are setting up this connection will be able to connect. (If you wish that all of the users would be able to connect, you require Administrator rights.)

After filling in all the fields, click Create.

hostname_and_description.png

8. Press Create and right-click the adapter that you have created. Select Properties and open the Security tab.

Set the following options:
Type of VPN: IKEv2;
Data encryption: Require encryption (disconnect if server declines);
Authentication: Use Extensible Authentication Protocol (EAP) and EAP-MSCHAPv2.

Then, click OK to save these changes.

security_settings.png

9. Open your Network settings (you can do so in the bottom right corner of the screen by pressing the Network icon) and select Network & Internet settings.

img8.png

10. In the newly opened window, select VPN, click on the newly created connection and select Advanced options.

img9.png

11. In the Advanced option settings, click Edit and fill in your service credentials which you can find here at the bottom of the page. After that, click Save to confirm the changes.

mceclip0.png

user_credentials.png

12. Now, open your Network settings again, press on the newly created connection and click Connect.

img8.png

 

13. To make sure that you have connected successfully, please take a look at this article.

If something's not going according to the tutorial or you have further questions, feel free to contact our Customer Success Sharks anytime - they will help you out!

Was this article helpful?