"IKE Authentication Credentials Are Unacceptable" Error Message When Using Client VPN

Issue

When you try to connect to your Datto Networking Appliance's client VPN via a Windows IKEv2 connection, you see the error message, "IKE authentication credentials are unacceptable."

Environment

Datto Networking Appliance (DNA)
All Windows IKEv2 Clients

Resolution

1. Log into your Datto Networking Appliance and select the Security tab.

2. Choose the Client VPN tab from the left pane and download the VPN gateway certificate to the desired machine.

Figure 1: Client VPN

3. From an Admin user account, open Microsoft Management Console (search for or run "mmc.exe").

4. In the Console dialog box, select File ? Add or Remove Snap-in.

5. From the Available snap-ins list, select "Certificates," then click Add. In the resulting window, select "Computer Account" and click Next. Then select "Local Computer" and click Finish. Click OK to close the Add or Remove Snap-ins dialog.

Figure 2: Add or Remove Snap-ins

6. In the Console dialog, expand the Certificates category, and select Trusted Root Certification Authorities → Certificates. Choose Action in the menu bar ? All tasks ? Import.

Figure 3: Beginning the import process

7. At the Welcome screen, click Next.

Figure 4: Certificate Import Wizard

8. Click Browse and make sure the drop down for file type is set to All Files, as shown in Figure 5. Then, choose the certificate you saved earlier and click Open. Click Next and then Finished.

Figure 5: Importing a certificate

9. Attempt your VPN connection again.

10. If you are still unable to connect, reboot your Datto Networking Appliance, and attempt the connection again.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.