• How to setup Windscribe VPN IKEv2 on the pcWRT router

    Download root CA certificates for Windscribe VPN IKEv2 connections

    Windscribe VPN server certificates are signed by Let’s Encrypt. You need to download two certificates and paste them into one file (named lets-encrypt-chain.pem in screenshots below):

    1. https://letsencrypt.org/certs/letsencryptauthorityx3.pem.txt
    2. https://letsencrypt.org/certs/isrgrootx1.pem.txt

    Get Windscribe IKEv2 server host and login credentials

    1. Log in to Windscribe
    2. Click the Download button.
    3. Scroll down to the bottom of the page and click IKEv2 in the “Config Generators” section.
    4. Choose a server location, then click Get Profile Details.

    Add a Windscribe VPN IKEv2 connection

    1. Log on the pcWRT console, open the strongSwan (IPsec) page under Apps.
    2. Under the Client tab, check the network you want to enable Windscribe VPN for, then click the Add button under “Auth Configs” to add a new authentication configuration for Windscribe VPN.
    3. In the “Add IPsec Auth Config” dialog:
      • Enter a name for the Auth Config.
      • In the Server Certificate field, select the the file you pasted the two Let’s Encrypt CA certificates into.
      • Enter your Windscribe IKEv2 username and password in the MSCHAPv2 username & password fields.
      • Click OK to dismiss the dialog.

    4. Click the Add button under Connections. Then, enter a name for the IKEv2 connection, enter the server host name to connect to, select the Auth Config created in the previous step. Click OK.
    5. Click the Save button to save changes.

    Start a Windscribe VPN IKEv2 connection

    1. Click on the blue “Play” button to start the Windscribe VPN IKEv2 connection.
    2. If the connection is successful, a green dot will appear on the left of the connection configuration line. In case of a connection failure, click on the “log” icon to view IKEv2 logs.

Leave a Reply