Datto Networking Appliance (DNA): Configuring IKEv2 for Mac



This article provides a walkthrough for configuring an IKEv2 VPN connection to the Datto Networking Appliance (DNA) for Mac clients.


  • Datto Networking Appliance (DNA)



1. Log into the DNA web interface, and click Status, as shown in Figure 1.

mceclip0.pngFigure 1: Status (click to enlarge)

You will see the WAN Details and Router Details cards displayed on the right-hand side of the page. From this card, make note of the Assigned Public Address (Figure 2).

Figure 2: Router Details card (click to enlarge)

2. Click the Networks tab on the Status page, and scroll down to the Client VPN section.

Figure 3: Client VPN card (click to enlarge)

3. Select the Yes radio button in the Enable Client VPN field.

4. Choose the LAN that you would like to allow the VPN access to.

5. Download the VPN Gateway Certificate.

6. If you have not done so already, create a VPN user account that your client will use to access the network.

7. Click Save Changes.

8. On your Mac, double click the certificate you downloaded from step 5. This will open Keychain Access.

Figure 4: Keychain Access (click to enlarge)

9. Under Keychains, select System and scroll to the bottom of the certificates. Double-click on VPN Gateway.

Figure 5: VPN Gateway (click to enlarge)

10. Expand Trust.

11. Change the When using this certificate dropdown to Always Trust and click the red X to exit the VPN Gateway certificate window. On exit, enter the root password for the user.

Figure 6: Always Trust (click to enlarge)

12. You will notice the VPN Gateway should now have a blue plus indicating the certificate is trusted.

Figure 7: Trusted VPN gateway (click to enlarge)

13. Open Network from the System Preferences.

Figure 8: System Preferences → Network (click to enlarge) 

14. Click the plus option to add a new network.

Figure 9: Add a Network (click to enlarge)

15. On the Interface dropdown box, select VPN. From the VPN Type dropdown box, select IKEv2. Name your VPN in the Service Name text box.

Figure 10: Interface selection (click to enlarge)

16. In the Server Address and Remote ID fields, enter the Assigned Public Address gathered from Step 1.

Figure 11: VPN configuration (click to enlarge)

17. Click Authentication Settings. Enter the email address and password you created from Step 6. Click OK

18. Click Connect.

Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Want to talk about it? Have a feature request?

Head on over to our Datto Community Forum or the Datto Community Online.

For more Business Management resources, see the Datto RMM Online Help and the Autotask PSA Online Help .

Still have questions? Get live help.

Datto Homepage