Since firmware version 3.9.0, Vigor Router also supports dialing out an IKEv2 EAP VPN tunnel to NordVPN server. This article introduces how to create IKEv2 EAP VPN tunnel from Vigor Router to NordVPN server in this document.
Note: Vigor2860/2925 support the feature since v18.104.22.168
1. You will need a NordVPN account. You may apply for a 3-day free trial NordVPN account via https://free.nordvpn.com/
2. Download the NordVPN root CA certificate from https://downloads.nordvpn.com/certificates/root.der
3. Get the NordVPN server domain from https://nordvpn.com/servers/
You may get a recommended server by selecting the country you located. In the following picture,
de241.nordvpn.com is the hostname of the VPN server.
4. Log into the router's management page. Go to Certificate Management >> Trusted CA Certificate page, and click IMPORT. Click Choose File to select the root.der file we downloaded in step 2. Then, click Import.
5. Wait for few seconds until the router responds “Import Success” and the Certificate Status shows OK
6. Go to VPN and Remote Access >> IPsec Peer Identity, edit a profile to for NordVPN server.
7. Go to VPN and Remote Access >> LAN to LAN, click on an available index number, and edit the profile as follows. In Common Settings,
8. In Dial-Out Settings,
9. Click Advanced button, In the IKE advanced settings pop-up windows, confgure:
10. Click OK to close the window. At TCP/IP Network Settings:
11. After finishing above settings, we can check the VPN status via VPN and Remote Access >> Connection Management page.
12. (optional) We can create Policy Route via Routing >> Load-Balance/Route Policy to send specific traffic to the NordVPN tunnel. To verify the policy, we can use the command “tracert” to check if the defined traffic is going through the VPN tunnel correctly.
Note: In order to accept large packets from NordVPN, Allow pass inbound fragmented large packets (required for certain games and streaming) should be enabled.
Published On: Nov 27, 2018
Was this helpful?
Thank you for your feedback :)
Sorry about that. Contact Support if you need further assistance, or leave us some comments below to help us improve.