Have a look at this page for NordVPN, if your provider has no specific certificate then you need the root cert from/for that provider
https://wiki.mikrotik.com/wiki/IKEv2_EA ... d_RouterOS
In windows, it needs username and password only.Have a look at this page for NordVPN, if your provider has no specific certificate then you need the root cert from/for that provider
https://wiki.mikrotik.com/wiki/IKEv2_EA ... d_RouterOS
emils How can I find which certificate is used? thanks!msatter All EAP methods require at least the root CA certificate for IKEv2. On Windows, it is possible, that the CA certificate is already in the Trusted Windows Certificate store so you do not have to import anything. Either ask your provider for the CA certificate or try finding out which certificate is used on Windows and export it to RouterOS.
Also there is no wildcard support for remote-id fqdn field. I would suggest leaving the remote-id to auto.
mezzovide no, conntrack has nothing to do with it, however we have already fixes for your described issues in previous betas. Did you try the latest beta and can verify the issue is still present?
The website says it should be:MD5 (routeros-mipsbe-6.45beta62.npk) = 637a0bbb58bb0a3012ae9289dc9e7cbc
MD5 routeros-mipsbe-6.45beta62.npk: d7b9284935f8123cbf4df0c735c995c3