Hi, the topic has been discussed many times.
After the recent changes in IPSEC, MT is able to connect with NordVPN (IKEv2 with EAP).
And the second question, was anyone having fun trying to connect OpenVPN to NordVPN ?

Thank You in advance

Nope to both (moreover, non-accelerated AES on OVPN will be slow).
Since NordVPN has deprecated L2TP/IPsec in late 2018 (for some obscure reasons), ROS is no longer able to connect to NordVPN.

I've replaced my CHR with OPNsense because of that, and currently using OVPN from it.
Runs well, including AES-NI support (but I had to request certain changes to virtual hw as my VPS provider hasn't forwarded CPU flags correctly by default).

Still NordVPN is not very handy as they tend to change servers quite often, and doesn't have accessible registry of currently available servers.

Nope to both (moreover, non-accelerated AES on OVPN will be slow).
Since NordVPN has deprecated L2TP/IPsec in late 2018 (for some obscure reasons), ROS is no longer able to connect to NordVPN.

I've replaced my CHR with OPNsense because of that, and currently using OVPN from it.
Runs well, including AES-NI support (but I had to request certain changes to virtual hw as my VPS provider hasn't forwarded CPU flags correctly by default).

Still NordVPN is not very handy as they tend to change servers quite often, and doesn't have accessible registry of currently available servers.

Ok, that is, from your speech, I understand that if it's just OpenVPN ?
And IKEv2 is gone.

IKEv2 from NordVPN should work with latest testing releases, where support for EAP authentication methods was added.

See this post for details: viewtopic.php?f=2&t=126221#p731754

I can not test as I do not have a NordVPN account.

IKEv2 from NordVPN should work with latest testing releases, where support for EAP authentication methods was added.
See this post for details: viewtopic.php?f=2&t=126221#p731754

Confirmed working with 6.45beta54.
You may create identity with GUI (you'll need to select any cert as client certificate in order to save the entry) and then change EAP method to MSCHAPv2 in command line:
set <identity number> certificate="" eap-methods=eap-mschapv2.

Proposal could be up to auth-algorithms=sha512 enc-algorithms=aes-256-cbc pfs-group=ecp521. Only AES-CBC is supported by NordVPN.

Confirmed working with 6.45beta54.

Phase2 rekeying doesn't work, but increasing SA lifetime to 365 days in the proposal could be used as a workaround.

can confirm rekeying is broken in 6.45.1stable, the only solution to don't drop connection is to set PFS Group to: none, in IPsec proposal

can confirm rekeying is broken in 6.45.1stable, the only solution to don't drop connection is to set PFS Group to: none, in IPsec proposal

Did anybody report the PFS rekeying issue to Mikrotik? Any news on this topic?

Just enabled ipsec logs to see what's going to. A lot of debug messages, including: Possibly it does not find its proposal when rekeying...

It is normal to leave pfs-group to 'none' for IKEv2. It actually uses the group from phase 1 (profile) for child SA creation if set to 'none' when rekeying too. In IKEv2 the first child SA is created during the IKE SA creation, meaning it uses the same PFS group too. And not all implementations support different PFS groups between the first child SA and the subsequent (rekeyed) child SA's. Even the IKEv2 RFC is not very clear about how it should work.

With "group from phase 1" you refer to dh-group? Got it...

However this could cause a lot of confusion... Selecting "none" looks like disabling the feature. Does it make sense to have values "inherit" or "dh-group" here? Probably confuses even more...

Still wondering why rekeying does not fail for my other ikev2 connections. And if dh-group and pfs-group are the same - is that different from pfs-group=none?

emils, I do not agreen.
I've set pfs-group=none for my personal site-to-site IKEv2 connections on an initiator. These connections start to have rekeying issues now.

Or do I have to set pfs-group=none on the responder as well? Explicit and implicit pfs setting is not the same?

Between two RouterOS devices PFS group must match on both ends. You can not set 'none' on one side and a different PFS group on the other (regardless if it matches the group configured under Profile menu).

If you want to learn how this works internally, I would suggest reading the IKEv2 RFC (rfc7296) and some documents about forward secrecy. Basically, PFS generates a session key. If PFS group is set to 'none' the same key (generated when phase 1 was created) is used in all rekeying Child SAs. When you set another PFS group, a new session key will be generated upon rekeying and obviously it will not match with the key on other side causing the rekeying to fail.

I have another problem. Connecting to the Internet via PPPoE (with a gray IP), configured via IKEv2 with NordVPN according to the wiki, I drove the local IP address I need into the adresslist, pings go through nordvpn, and the sites do not open. I tried to configure on hap ac (RB962UiGS-5HacT2HnT), I know about the lack of an encryption unit in it. Everything works through the USB modem (but I checked it on hap ac square).

First - check if packets are not being FastTracked. You can easily verify this by looking at the Connections table under IP Firewall. If there is "F" flag for the specific connection, you have to either disable FastTrack completely or exclude this traffic from being FastTracked.

If FastTrack is not a problem, you may have to manually reduce the TCP MSS. You can do this with Mangle Firewall's change-mss option (check documentation).

Thanks for the explanation emils!
So after all it's not possible to configure IKEv2 without PFS. That's good news.

NordVPN was hacked recently. I have seen a lot of user accounts leaked on pastebins and forums. I would suggest users to stay away from that provider for a while

NordVPN was hacked recently. I have seen a lot of user accounts leaked on pastebins and forums. I would suggest users to stay away from that provider for a while

Information about this hack from the side of NordVPN:

https://nordvpn.com/blog/official-respo ... er-breach/