Storm season is back, bringing with it the potential for significant weather events. If you have clients in areas prone to infrastructure disruption, visit the Disaster Recovery Resources guide for preparedness information. Datto recommends performing proactive disaster recovery testing to mitigate potential downtime. See our articles about the importance of disaster recovery testing and Preparing For A Cloud Virtualization Test: Policies, Procedures, And Partner Responsibilities to learn more. For live updates, follow @datto on Twitter.

DNA: Configuring IKEv2 for Mac



This article provides a walkthrough for configuring an IKEv2 VPN connection to the Datto Networking Appliance (DNA) for Mac clients.


  • Datto Networking Appliance (DNA)


1. Log into the DNA web interface, and click Status, as shown in Figure 1.

Figure 1: Status

You will see the WAN Details and Router Details cards displayed on the right-hand side of the page. From this card, make note of the Assigned Public Address (Figure 2).

Figure 2: Router Details card

2. Click the Networks tab on the Status page, and scroll down to the Client VPN section.

Figure 3: Client VPN card

3. Select the Yes radio button in the Enable Client VPN field.

4. Choose the LAN that you would like to allow the VPN access to.

5. Download the VPN Gateway Certificate.

6. If you have not done so already, create a VPN user account that your client will use to access the network.

7. Click Save Changes.

8. On your Mac, double click the certificate you downloaded from step 5. This will open Keychain Access.

Figure 4: Keychain Access

9. Under Keychains, select System and scroll to the bottom of the certificates. Double-click on VPN Gateway.

Figure 5: VPN Gateway

10. Expand Trust.

11. Change the When using this certificate dropdown to Always Trust and click the red X to exit the VPN Gateway certificate window. On exit, enter the root password for the user.

Figure 6: Always Trust

12. You will notice the VPN Gateway should now have a blue plus indicating the certificate is trusted.

Figure 7: Trusted VPN gateway

13. Open Network from the System Preferences.

Figure 8: System Preferences → Network

14. Click the plus option to add a new network.

Figure 9: Add a Network

15. On the Interface dropdown box, select VPN. From the VPN Type dropdown box, select IKEv2. Name your VPN in the Service Name text box.

Figure 10: Interface selection

16. In the Server Address and Remote ID fields, enter the Assigned Public Address gathered from Step 1.

Figure 11: VPN configuration

17. Click Authentication Settings. Enter the email address and password you created from Step 6. Click OK

18. Click Connect.

Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Want to talk about it? Head on over to our Community Forum!