Datto Networking Appliance (DNA): Setting up a Windows IKEv2 Client VPN



This article explains how to set up a client VPN on your DNA.


  1. Log in to the DNA and choose the Security tab.

  2. Choose the Client VPN tab from the left pane and download the VPN gateway certificate to the desired machine.

  3. From an Admin user account, open Microsoft Management Console (search for or run "mmc.exe").

  4. In the Console dialog box, select File > Add or Remove Snap-in.

  5. From the Available snap-ins list, select "Certificates," then click Add. In the resulting window, select "Computer Account" and click Next. Then select "Local Computer" and click Finish. Finally, click OK to close the Add or Remove Snap-ins dialog.


  6. Back in the Console1 dialog, expand the Certificates category and select Trusted Root Certification Authorities > Certificates. Choose Action in the menu bar > All tasks > Import. From here, click next on the Welcome screen. 




  7. Click browse and make sure the drop down for file type is set to All Files shown at the bottom right. Then choose the Certificate you saved earlier from Step 2 and click open. Click Next and then Finished.


  8. Click the Windows start button and type "network".  From the list of options, choose Network and Sharing Center. Select Set Up a new Connection or Network > Connect to a Workplace > Use my Internet Connection (VPN) and enter the Assigned Public Address of the DNA which you can find on the Network Overview tab of the DNA under Router Details.




  9. Back on the "Network and Sharing Center" Click Change Adapter Settings, right click on the VPN Connection and click "properties".


  10. From the connection's Properties window, choose the Security tab and choose "IKEv2" for the Type of VPN. For Authentication, choose Microsoft: Secured Password (EAP-MSCHAP v2) (encryption enabled) and then click the Networking tab, select IPv4 -> click Properties -> select Advanced and verify that "Use default gateway" is checked. Click OK to and exit all dialogue boxes. You should now be able to connect to the VPN. 



  11. When you choose connect for the first time, it will prompt you for login credentials which you should have set from the DNA client VPN page.

Was this article helpful?

6 out of 9 found this helpful

You must sign in before voting on this article.

Want to talk about it? Have a feature request?

Head on over to our Datto Community Forum or the Datto Community Online.

For more Business Management resources, see the Datto RMM Online Help and the Autotask PSA Online Help .

Still have questions? Get live help.

Datto Homepage