Скачать vpn сервер для windows 10

Все пользователи могут защитить свою конфиденциальность и безопасность в Интернете с помощью бесплатного VPN для Windows (виртуальная частная сеть).

Одним из существенных преимуществ использования VPN является возможность обойти географические ограничения и избежать интернет-цензуры в некоторых странах. Пользователи Windows могут получить доступ к онлайн-контенту, который в противном случае был бы недоступен, подключившись к серверу, расположенному в регионе без ограничений.

Еще одним преимуществом использования нашего бесплатного VPN для ПК с Windows является возможность обойти интернет-цензуру в некоторых странах. VPN может помочь пользователям Windows подключаться к серверу в стране без цензуры и получать доступ к ограниченному контенту в регионах, где правительства подвергают цензуре интернет-контент, блокируя доступ к определенным сайтам или службам.

Кроме того, при использовании общедоступных сетей Wi-Fi использование VPN может помочь предотвратить перехват данных. Публичные сети Wi-Fi имеют репутацию небезопасных и открытых для хакерских атак. Однако пользователи Windows могут защитить свои данные и не дать хакерам или другим сторонам перехватить информацию, передаваемую между устройством пользователя и Интернетом, с помощью VPN.

Виртуальные частные сети могут помочь пользователям Windows избежать онлайн-отслеживания со стороны рекламодателей и других третьих лиц в дополнение к обеспечению безопасности. VPN может помешать рекламодателям отслеживать онлайн-активность пользователей и показывать целевую рекламу, шифруя данные и скрывая IP-адрес пользователя.

В целом, использование нашего бесплатного VPN для Windows может повысить безопасность и конфиденциальность в Интернете для всех пользователей. Подключение к защищенной и зашифрованной сети может помочь пользователям получить более безопасную и защищенную работу в Интернете, независимо от того, используют ли они настольный компьютер, ноутбук, планшет или мобильный телефон.

На правах рекламы

AdGuard VPN 2.1.0

Удобный инструмент для интернет-безопасности и защиты конфиденциальности в Сети, включающий безопасный алгоритм шифрования, серверы в 52 странах мира, списки исключений, пинги серверов, чтобы выбрать лучший, совместимость с блокировщиком рекламы AdGuard…

Бесплатная |

Planet VPN 2.1.19.1

Бесплатный VPN с возможностями, функционалом и защищенностью на уровне топовых платных конкурентов. Можно использовать Премиум-пакет, чтобы получить доступ к большему количеству серверов в более чем 50 странах мира и насладиться другими преимуществами…

Бесплатная |

Tor Browser 12.5.6

Предоставляет надежную защиту персональной информации и конфиденциальности, которая осуществляется за счёт маршрутизации сетевого трафика по распределённой сети серверов запущенных добровольцами со всего мира. Препятствует отслеживанию интернет-соединение…

get_app687 952 | Бесплатная |

Avast SecureLine VPN 5.24.7742

Avast SecureLine VPN — небольшая утилита для шифрования и защиты Вашего интернет-подключения от шпионских и следящих модулей…

get_app13 205 | Условно-бесплатная |

Speedify VPN 14.0.1.11493

Бесплатный VPN, предоставляющий возможность выбора локации сервера, позволяющий сохранить анонимность и зашифровать передаваемые данные, обходить блокировки и получать доступ к интернет-ресурсам, доступ к которым ограничен провайдером или самим ресурсом…

get_app30 177 | Бесплатная |

Psiphon VPN 3.179 (2023-09-05)

Инструмент обхода цензуры, предназначенный для доступа к открытой сети Интернет, минуя региональные блокировки. Дает возможность получить доступ к любимым сайтам, трансляциям и социальным сетям и защитить данные при подключении к открытым Wi-Fi сетям…

get_app181 123 | Бесплатная |

hide.me VPN 3.16.1

hide.me VPN — клиент VPN для Windows с набором уникальных функций, которые выделяют его среди других решений…

get_app107 550 | Бесплатная |

OpenVPN 2.6.6

Кроссплатформенное приложение, с помощью которого можно легко создавать виртуальные частные сети, позволяющее организовывать зашифрованные каналы типа «точка-точка» или «сервер-клиенты». Присутствует поддержка прокси, эффективное сжатие трафика и прочее…

get_app59 709 | Бесплатная |

Planet VPN 2.1.19.1

Бесплатный VPN с возможностями, функционалом и защищенностью на уровне топовых платных конкурентов. Можно использовать Премиум-пакет, чтобы получить доступ к большему количеству серверов в более чем 50 странах мира и насладиться другими преимуществами…

get_app103 440 | Бесплатная |

XX-Net 5.5.8

Бесплатная и постая в использовании утилита, благодаря которой можно получать доступ к информации, по разным причинам заблокированной в вашей стране. Программа поддерживает подключение через сканирование IP и другие каналы, поддерживает шифрование HTTPS…

get_app9 510 | Бесплатная |

AdGuard VPN 2.1.0

Удобный инструмент для интернет-безопасности и защиты конфиденциальности в Сети, включающий безопасный алгоритм шифрования, серверы в 52 странах мира, списки исключений, пинги серверов, чтобы выбрать лучший, совместимость с блокировщиком рекламы AdGuard…

get_app137 625 | Бесплатная |

ChrisPC Free VPN Connection 4.07.06

Удобная программа, позволяющая получить доступ к сайтам, видео на YouTube, социальным сетям и прочему контенту, который по ряду причин может быть заблокирован в вашей стране заблокирован. Доступно более 90 бесплатными VPN серверами из США, Великобритании…

get_app14 869 | Бесплатная |

TunnelBear 4.7.2.0

TunnelBear — кроссплатформенный VPN-клиент, который позволяет безопасно серфить в Интернете, скрывать от посторонних глаз конфиденциальные данные и получать доступ к запрещенным в Вашей стране сайтам…

get_app79 166 | Условно-бесплатная |

Radmin VPN 1.3.4570.5

Простой в использовании VPN-клиент для решения практически любых задач, с помощью которого можно быстро и легко объединить удаленные ПК в одну виртуальную сеть. Приложение надежно защищает все передаваемые данные и отличается высокой скоростью работы…

get_app97 349 | Бесплатная |

ZenMate VPN 8.0.4.12

Простой и надежный способ обеспечить себе безопасный веб-серфинг. VPN-клиент умеет шифровать трафик, защищает сетевое соединение и ПК от всевозможных мошенников, позволяет обходить региональные ограничения и обеспечивает защиту приватной жизни в Интернете…

get_app32 864 | Условно-бесплатная |

TunnelBear VPN 3.5.1 для Google Chrome, Mozilla Firefox

Простой использования и быстрый в работе плагин для Google Chrome и Opera, с помощью которого можно быстро и легко скрыть от посторонних ваше реальное местоположение, защитить личные данные и обходить различные блокировки и ограничения в сети Интернет…

get_app10 483 | Бесплатная |

Windscribe 2.6.14

Удобное решение, которое представляет собой набор инструментов, которые работают вместе блокируя рекламные трекеры (следящие cookie) и веб маяки, восстанавливают доступ к заблокированному контенту и помогают вам защитить конфиденциальность в Интернете…

get_app166 722 | Бесплатная |

The OpenVPN community project team is proud to release OpenVPN 2.6.6. This is a small bugfix release.

For details see Changes.rst

User visible changes:

  • OCC exit messages are now logged more visibly See GH #391.
  • OpenSSL error messages are now logged with more details (for example, when loading a provider fails, which .so was tried, and why did it fail) See GH #361.
  • print a more user-friendly message when tls-crypt-v2 client auth fails
  • packaging now includes all documentation in the source tarball

New features:

  • set WINS server via interactive service — this adds support for «dhcp-option WINS 192.0.2.1» for DCO + wintun interfaces where no DHCP server is used. See GH #373.

Windows MSI changes since 2.6.5:

  • Included openvpn-gui updated to 11.44.0.0
  • MSIs now use OpenSSL 3.1.2

For Community-maintained packages for Linux distributions see OpenvpnSoftwareRepos

Windows 64-bit MSI installer
GnuPG Signature OpenVPN-2.6.6-I001-amd64.msi
Windows ARM64 MSI installer
GnuPG Signature OpenVPN-2.6.6-I001-arm64.msi
Windows 32-bit MSI installer
GnuPG Signature OpenVPN-2.6.6-I001-x86.msi
Source archive file
GnuPG Signature openvpn-2.6.6.tar.gz

The OpenVPN community project team is proud to release OpenVPN 2.6.4. This is a small bugfix release.

For details see Changes.rst

Note:

  • License amendment: all new commits fall under a modified license that explicitly permits linking with Apache2 libraries (mbedTLS, OpenSSL) — see COPYING for details. Existing code will fall under the new license as soon as all contributors have agreed to the change — work ongoing.

Feature changes:

  • DCO: support kernel-triggered key rotation (avoid IV reuse after 232 packets). This is the userland side, accepting a message from kernel, and initiating a TLS renegotiation. As of 2.6.4 release, only implemented in FreeBSD kernel.

Windows MSI changes since 2.6.3:

  • Rebuilt included tap-windows driver with the correct version of the old Windows 7 driver, removing a warning about unsigned driver on Windows 7 installation. See GH openvpn-build#365.
Windows 64-bit MSI installer
GnuPG Signature OpenVPN-2.6.4-I001-amd64.msi
Windows ARM64 MSI installer
GnuPG Signature OpenVPN-2.6.4-I001-arm64.msi
Windows 32-bit MSI installer
GnuPG Signature OpenVPN-2.6.4-I001-x86.msi
Source archive file
GnuPG Signature openvpn-2.6.4.tar.gz

The OpenVPN community project team is proud to release OpenVPN 2.6.3. This is a small bugfix release.

For details see Changes.rst

Feature changes:

  • Windows: support setting DNS domain in configurations without GUI and DHCP (typically wintun or windco drivers), see GH openvpn#306.

Windows MSI changes since 2.6.2:

  • Several Windows-specific issues fixed:
    • ensure interactive service stays enabled after silent reinstall, see GH openvpn-build#348, openvpn-build#349 and openvpn-build#351
    • repair querying install path info for easyrsa-start.bat on some Windows language versions, see GH openvpn-build#352.
  • MSIs are now built against OpenSSL 3.1.0.
  • Update included openvpn-gui to 11.41.0.0
    • This update removes the ability to change the password of a private key from the GUI. This was a niche feature which caused a direct dependency of GUI on OpenSSL. Use openssl.exe directly if you need to edit a private key.

Note: Windows MSI was updated to I003 on April 26th. Changes in I003:

  • The GPG subkey for creating the .asc files for the downloads has been updated. You might need to re-download or update the GPG key if verifying the signatures.
  • Fix the encoding of some documentation/sample files included in the installer. See GH openvpn-build#358
  • Update include tap-windows6 driver to 9.25.0
    • Fixes a problem with sending small non-IP packets (e.g. PPPoE) over the VPN connection. See GH tap-windows6#158
    • Note: The new driver is only used on Windows 10 and newer. We can’t rebuild drivers for Windows 7/8 since Microsoft doesn’t support the signing mechanism anymore. We include the previous driver version to still allow installation on Windows 7/8.
  • Update included openvpn-gui to 11.42.0.0
    • Fixes a problem with passphrase prompt was sometimes not displayed. See GH openvpn-gui#619
    • Adds «Password Reveal» feature which allows you to see passwords while entering them.
Windows 64-bit MSI installer
GnuPG Signature OpenVPN-2.6.3-I003-amd64.msi
Windows ARM64 MSI installer
GnuPG Signature OpenVPN-2.6.3-I003-arm64.msi
Windows 32-bit MSI installer
GnuPG Signature OpenVPN-2.6.3-I003-x86.msi
Source archive file
GnuPG Signature openvpn-2.6.3.tar.gz

The OpenVPN community project team is proud to release OpenVPN 2.6.2. This is mostly a bugfix release with some improvements.

For details see Changes.rst

Feature changes:

  • implement byte counter statistics for DCO Linux (p2mp server and client)
  • implement byte counter statistics for DCO Windows (client only)
  • --dns server <n> address ... now permits up to 8 v4 or v6 addresses

Important note for Linux DCO users:

  • New control packets flow for data channel offloading on Linux: 2.6.2+ changes the way OpenVPN control packets are handled on Linux when DCO is active, fixing the lockups observed with 2.6.0/2.6.1 under high client connect/disconnect activity. This is an INCOMPATIBLE change and therefore an ovpn-dco kernel module older than v0.2.20230323 (commit ID 726fdfe0fa21) will not work anymore and must be upgraded. The kernel module was renamed to «ovpn-dco-v2.ko» in order to highlight this change and ensure that users and userspace software could easily understand which version is loaded. Attempting to use the old ovpn-dco with 2.6.2+ will lead to disabling DCO at runtime.

Windows MSI changes since 2.6.1:

  • Update included openvpn-gui to 11.39.0.0
Windows 64-bit MSI installer
GnuPG Signature OpenVPN-2.6.2-I001-amd64.msi
Windows ARM64 MSI installer
GnuPG Signature OpenVPN-2.6.2-I001-arm64.msi
Windows 32-bit MSI installer
GnuPG Signature OpenVPN-2.6.2-I001-x86.msi
Source archive file
GnuPG Signature openvpn-2.6.2.tar.gz

The OpenVPN community project team is proud to release OpenVPN 2.6.1. This is mostly a bugfix release with some improvements.

For details see Changes.rst

Feature changes:

  • Dynamic TLS Crypt: When both peers are OpenVPN 2.6.1+, OpenVPN will dynamically create a tls-crypt key that is used for renegotiation. This ensure that only the previously authenticated peer can do trigger renegotiation and complete renegotiations.
  • CryptoAPI (Windows): support issuer name as a selector. Certificate selection string can now specify a partial issuer name string as
    «—cryptoapicert ISSUER:<string>» where <string> is matched as a substring of the issuer (CA) name in the certificate.

Note: configure now enables DCO build by default on FreeBSD and Linux. On Linux this brings in a new default dependency for libnl-genl (for Linux distributions that are too old to have a suitable version of the library, use «configure —disable-dco»)

Windows MSI changes since 2.6.1:

  • Update included ovpn-dco-win driver to 0.9.2
Windows 64-bit MSI installer
GnuPG Signature OpenVPN-2.6.1-I001-amd64.msi
Windows ARM64 MSI installer
GnuPG Signature OpenVPN-2.6.1-I001-arm64.msi
Windows 32-bit MSI installer
GnuPG Signature OpenVPN-2.6.1-I001-x86.msi
Source archive file
GnuPG Signature openvpn-2.6.1.tar.gz

The OpenVPN community project team is proud to release OpenVPN 2.6.0. This is a new stable release with some major new features.

For details see: Changes.rst

The Changes document also contains a section with workarounds for common problems encountered when using OpenVPN with OpenSSL 3.

New features and improvements in 2.6.0 compared to 2.5.8:

  • Data Channel Offload (DCO) kernel acceleration support for Windows, Linux, and FreeBSD.
  • OpenSSL 3 support.
  • Improved handling of tunnel MTU, including support for pushable MTU.
  • Outdated cryptographic algorithms disabled by default, but there are options to override if necessary.
  • Reworked TLS handshake, making OpenVPN immune to replay-packet state exhaustion attacks.
  • Added —peer-fingerprint mode for a more simplistic certificate setup and verification.
  • Added Pre-Logon Access Provider support to OpenVPN GUI for Windows.
  • Improved protocol negotiation, leading to faster connection setup.
  • Included openvpn-gui updated to 11.37.0.0. See CHANGES.rst.
  • Updated easy-rsa3 bundled with the installer on Windows.
  • Various bug fixes.
Windows 64-bit MSI installer
GnuPG Signature OpenVPN-2.6.0-I005-amd64.msi
Windows ARM64 MSI installer
GnuPG Signature OpenVPN-2.6.0-I005-arm64.msi
Windows 32-bit MSI installer
GnuPG Signature OpenVPN-2.6.0-I005-x86.msi
Source archive file
GnuPG Signature openvpn-2.6.0.tar.gz

The OpenVPN community project team is proud to release OpenVPN 2.5.4. This release include a number of fixes and small improvements. One of the fixes is to password prompting on windows console when stderr redirection is in use — this breaks 2.5.x on Win11/ARM, and might also break on Win11/amd64. Windows executable and libraries are now built natively on Windows using MSVC, not cross-compiled on Linux as with earlier 2.5 releases. Windows installers include updated OpenSSL and new OpenVPN GUI. The latter includes several improvements, the most important of which is the ability to import profiles from URLs where available. Installer version I602 fixes loading of pkcs11 files on Windows. Installer version I603 fixes a bug in the version number as seen by Windows (was 2.5..4, not 2.5.4). Installer I604 fixes some small Windows issues.

Source tarball (gzip)
GnuPG Signature openvpn-2.5.4.tar.gz
Source tarball (xz)
GnuPG Signature openvpn-2.5.4.tar.xz
Source zip
GnuPG Signature openvpn-2.5.4.zip
Windows 32-bit MSI installer
GnuPG Signature OpenVPN-2.5.4-I604-x86.msi
Windows 64-bit MSI installer
GnuPG Signature OpenVPN-2.5.4-I604-amd64.msi
Windows ARM64 MSI installer
GnuPG Signature OpenVPN-2.5.4-I604-arm64.msi

Overview of changes since OpenVPN 2.4

Faster connections

Crypto specific changes

  • ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
  • Improved TLS 1.3 support when using OpenSSL 1.1.1 or newer
  • Client-specific tls-crypt keys (—tls-crypt-v2)
  • Improved Data channel cipher negotiation
  • Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

  • HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
  • Asynchronous (deferred) authentication support for auth-pam plugin
  • Asynchronous (deferred) support for client-connect scripts and plugins

Network-related changes

  • Support IPv4 configs with /31 netmasks now
  • 802.1q VLAN support on TAP servers
  • IPv6-only tunnels
  • New option —block-ipv6 to reject all IPv6 packets (ICMPv6)

Linux-specific features

  • VRF support
  • Netlink integration (OpenVPN no longer needs to execute ifconfig/route or ip commands)

Windows-specific features

  • Wintun driver support, a faster alternative to tap-windows6
  • Setting tun/tap interface MTU
  • Setting DHCP search domain
  • Allow unicode search string in —cryptoapicert option
  • EasyRSA3, a modern take on OpenVPN CA management
  • MSI installer

Important notices

BF-CBC cipher is no longer the default

Cipher handling for the data channel cipher has been significantly changed between OpenVPN 2.3/2.4 and v2.5, most notably there are no «default cipher BF-CBC» anymore because it is no longer considered a reasonable default. BF-CBC is still available, but it needs to be explicitly configured now.

For connections between OpenVPN 2.4 and v2.5 clients and servers, both ends will be able  to negotiate a better cipher than BF-CBC. By default they will select one of the AES-GCM ciphers, but this can be influenced using the —data-ciphers setting.

Connections between OpenVPN 2.3 and v2.5 that have no —cipher setting in the config (= defaulting to BF-CBC and not being negotiation-capable) must be updated. Unless BF-CBC is included in —data-ciphers or there is a «—cipher BF-CBC» in the OpenVPN 2.5 config, a v2.5 client or server will refuse to talk to a v2.3 server or client, because it has no common data channel cipher and negotiating a cipher is not possible. Generally, we recommend upgrading such setups to OpenVPN 2.4 or v2.5. If upgrading is not possible we recommend adding data-ciphers AES-256-GCM:AES-128-GCM:AES-128-CBC (for v2.5+) or cipher AES-128-CBC (v2.4.x and older) to the configuration of all clients and servers.

If you really need to use an unsupported OpenVPN 2.3 (or even older) release and need to stay on BF-CBC (not recommended), the OpenVPN 2.5 based client will need a config file change to re-enable BF-CBC.  But be warned that BF-CBC and other related weak ciphers will be removed in coming OpenVPN major releases.

Connectivity to some VPN service provider may break

Connecting with an OpenVPN 2.5 client to at least one commercial VPN service that

implemented their own cipher negotiation method that always reports back that it is using BF-CBC to the client is broken in v2.5. This has always caused warning about mismatch ciphers. We have been in contact with some service providers and they are looking into it.  This is not something the OpenVPN community can fix.  If your commercial VPN does not work with a v2.5 client, complain to the VPN service provider.

More details on these new features as well as a list of deprecated features and user-visible changes are available in Changes.rst.

The OpenVPN community project team is proud to release OpenVPN 2.5.3. Besides a number of small improvements and bug fixes, this release fixes a possible security issue with OpenSSL config autoloading on Windows (CVE-2021-3606). Updated OpenVPN GUI is also included in Windows installers.

Source tarball (gzip)
GnuPG Signature openvpn-2.5.3.tar.gz
Source tarball (xz)
GnuPG Signature openvpn-2.5.3.tar.xz
Source zip
GnuPG Signature openvpn-2.5.3.zip
Windows 32-bit MSI installer
GnuPG Signature OpenVPN-2.5.3-I601-x86.msi
Windows 64-bit MSI installer
GnuPG Signature OpenVPN-2.5.3-I601-amd64.msi
Windows ARM64 MSI installer
GnuPG Signature OpenVPN-2.5.3-I601-arm64.msi

Overview of changes since OpenVPN 2.4

Faster connections

  • Connections setup is now much faster

Crypto specific changes

  • ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
  • Improved TLS 1.3 support when using OpenSSL 1.1.1 or newer
  • Client-specific tls-crypt keys (—tls-crypt-v2)
  • Improved Data channel cipher negotiation
  • Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

  • HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
  • Asynchronous (deferred) authentication support for auth-pam plugin
  • Asynchronous (deferred) support for client-connect scripts and plugins

Network-related changes

  • Support IPv4 configs with /31 netmasks now
  • 802.1q VLAN support on TAP servers
  • IPv6-only tunnels
  • New option —block-ipv6 to reject all IPv6 packets (ICMPv6)

Linux-specific features

  • VRF support
  • Netlink integration (OpenVPN no longer needs to execute ifconfig/route or ip commands)

Windows-specific features

  • Wintun driver support, a faster alternative to tap-windows6
  • Setting tun/tap interface MTU
  • Setting DHCP search domain
  • Allow unicode search string in —cryptoapicert option
  • EasyRSA3, a modern take on OpenVPN CA management
  • MSI installer

Important notices

BF-CBC cipher is no longer the default

Cipher handling for the data channel cipher has been significantly changed between OpenVPN 2.3/2.4 and v2.5, most notably there are no «default cipher BF-CBC» anymore because it is no longer considered a reasonable default. BF-CBC is still available, but it needs to be explicitly configured now.

For connections between OpenVPN 2.4 and v2.5 clients and servers, both ends will be able  to negotiate a better cipher than BF-CBC. By default they will select one of the AES-GCM ciphers, but this can be influenced using the —data-ciphers setting.

Connections between OpenVPN 2.3 and v2.5 that have no —cipher setting in the config (= defaulting to BF-CBC and not being negotiation-capable) must be updated. Unless BF-CBC is included in —data-ciphers or there is a «—cipher BF-CBC» in the OpenVPN 2.5 config, a v2.5 client or server will refuse to talk to a v2.3 server or client, because it has no common data channel cipher and negotiating a cipher is not possible. Generally, we recommend upgrading such setups to OpenVPN 2.4 or v2.5. If upgrading is not possible we recommend adding data-ciphers AES-256-GCM:AES-128-GCM:AES-128-CBC (for v2.5+) or cipher AES-128-CBC (v2.4.x and older) to the configuration of all clients and servers.

If you really need to use an unsupported OpenVPN 2.3 (or even older) release and need to stay on BF-CBC (not recommended), the OpenVPN 2.5 based client will need a config file change to re-enable BF-CBC.  But be warned that BF-CBC and other related weak ciphers will be removed in coming OpenVPN major releases.

Connectivity to some VPN service provider may break

Connecting with an OpenVPN 2.5 client to at least one commercial VPN service that

implemented their own cipher negotiation method that always reports back that it is using BF-CBC to the client is broken in v2.5. This has always caused warning about mismatch ciphers. We have been in contact with some service providers and they are looking into it.  This is not something the OpenVPN community can fix.  If your commercial VPN does not work with a v2.5 client, complain to the VPN service provider.

More details on these new features as well as a list of deprecated features and user-visible changes are available in Changes.rst.

The OpenVPN community project team is proud to release OpenVPN 2.5.2. It fixes two related security vulnerabilities (CVE-2020-15078) which under very specific circumstances allow tricking a server using delayed authentication (plugin or management) into returning a PUSH_REPLY before the AUTH_FAILED message, which can possibly be used to gather information about a VPN setup. In combination with «—auth-gen-token» or a user-specific token auth solution it can be possible to get access to a VPN with an otherwise-invalid account. OpenVPN 2.5.2 also includes other bug fixes and improvements. Updated OpenSSL and OpenVPN GUI are included in Windows installers.

Source tarball (gzip)
GnuPG Signature openvpn-2.5.2.tar.gz
Source tarball (xz)
GnuPG Signature openvpn-2.5.2.tar.xz
Source zip
GnuPG Signature openvpn-2.5.2.zip
Windows 32-bit MSI installer
GnuPG Signature OpenVPN-2.5.2-I601-x86.msi
Windows 64-bit MSI installer
GnuPG Signature OpenVPN-2.5.2-I601-amd64.msi

Overview of changes since OpenVPN 2.4

Faster connections

  • Connections setup is now much faster

Crypto specific changes

  • ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
  • Improved TLS 1.3 support when using OpenSSL 1.1.1 or newer
  • Client-specific tls-crypt keys (—tls-crypt-v2)
  • Improved Data channel cipher negotiation
  • Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

  • HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
  • Asynchronous (deferred) authentication support for auth-pam plugin
  • Asynchronous (deferred) support for client-connect scripts and plugins

Network-related changes

  • Support IPv4 configs with /31 netmasks now
  • 802.1q VLAN support on TAP servers
  • IPv6-only tunnels
  • New option —block-ipv6 to reject all IPv6 packets (ICMPv6)

Linux-specific features

  • VRF support
  • Netlink integration (OpenVPN no longer needs to execute ifconfig/route or ip commands)

Windows-specific features

  • Wintun driver support, a faster alternative to tap-windows6
  • Setting tun/tap interface MTU
  • Setting DHCP search domain
  • Allow unicode search string in —cryptoapicert option
  • EasyRSA3, a modern take on OpenVPN CA management
  • MSI installer

Important notices

BF-CBC cipher is no longer the default

Cipher handling for the data channel cipher has been significantly changed between OpenVPN 2.3/2.4 and v2.5, most notably there are no «default cipher BF-CBC» anymore because it is no longer considered a reasonable default. BF-CBC is still available, but it needs to be explicitly configured now.

For connections between OpenVPN 2.4 and v2.5 clients and servers, both ends will be able  to negotiate a better cipher than BF-CBC. By default they will select one of the AES-GCM ciphers, but this can be influenced using the —data-ciphers setting.

Connections between OpenVPN 2.3 and v2.5 that have no —cipher setting in the config (= defaulting to BF-CBC and not being negotiation-capable) must be updated. Unless BF-CBC is included in —data-ciphers or there is a «—cipher BF-CBC» in the OpenVPN 2.5 config, a v2.5 client or server will refuse to talk to a v2.3 server or client, because it has no common data channel cipher and negotiating a cipher is not possible. Generally, we recommend upgrading such setups to OpenVPN 2.4 or v2.5. If upgrading is not possible we recommend adding data-ciphers AES-256-GCM:AES-128-GCM:AES-128-CBC (for v2.5+) or cipher AES-128-CBC (v2.4.x and older) to the configuration of all clients and servers.

If you really need to use an unsupported OpenVPN 2.3 (or even older) release and need to stay on BF-CBC (not recommended), the OpenVPN 2.5 based client will need a config file change to re-enable BF-CBC.  But be warned that BF-CBC and other related weak ciphers will be removed in coming OpenVPN major releases.

Connectivity to some VPN service provider may break

Connecting with an OpenVPN 2.5 client to at least one commercial VPN service that

implemented their own cipher negotiation method that always reports back that it is using BF-CBC to the client is broken in v2.5. This has always caused warning about mismatch ciphers. We have been in contact with some service providers and they are looking into it.  This is not something the OpenVPN community can fix.  If your commercial VPN does not work with a v2.5 client, complain to the VPN service provider.

More details on these new features as well as a list of deprecated features and user-visible changes are available in Changes.rst.

The OpenVPN community project team is proud to release OpenVPN 2.5.1. It includes several bug fixes and improvements as well as updated OpenSSL and OpenVPN GUI for Windows.

Source tarball (gzip)
GnuPG Signature openvpn-2.5.1.tar.gz
Source tarball (xz)
GnuPG Signature openvpn-2.5.1.tar.xz
Source zip
GnuPG Signature openvpn-2.5.1.zip
Windows 32-bit MSI installer
GnuPG Signature OpenVPN-2.5.1-I601-x86.msi
Windows 64-bit MSI installer
GnuPG Signature OpenVPN-2.5.1-I601-amd64.msi

Overview of changes since OpenVPN 2.4

Faster connections

  • Connections setup is now much faster

Crypto specific changes

  • ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
  • Improved TLS 1.3 support when using OpenSSL 1.1.1 or newer
  • Client-specific tls-crypt keys (—tls-crypt-v2)
  • Improved Data channel cipher negotiation
  • Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

  • HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
  • Asynchronous (deferred) authentication support for auth-pam plugin
  • Asynchronous (deferred) support for client-connect scripts and plugins

Network-related changes

  • Support IPv4 configs with /31 netmasks now
  • 802.1q VLAN support on TAP servers
  • IPv6-only tunnels
  • New option —block-ipv6 to reject all IPv6 packets (ICMPv6)

Linux-specific features

  • VRF support
  • Netlink integration (OpenVPN no longer needs to execute ifconfig/route or ip commands)

Windows-specific features

  • Wintun driver support, a faster alternative to tap-windows6
  • Setting tun/tap interface MTU
  • Setting DHCP search domain
  • Allow unicode search string in —cryptoapicert option
  • EasyRSA3, a modern take on OpenVPN CA management
  • MSI installer

Important notices

BF-CBC cipher is no longer the default

Cipher handling for the data channel cipher has been significantly changed between OpenVPN 2.3/2.4 and v2.5, most notably there are no «default cipher BF-CBC» anymore because it is no longer considered a reasonable default. BF-CBC is still available, but it needs to be explicitly configured now.

For connections between OpenVPN 2.4 and v2.5 clients and servers, both ends will be able  to negotiate a better cipher than BF-CBC. By default they will select one of the AES-GCM ciphers, but this can be influenced using the —data-ciphers setting.

Connections between OpenVPN 2.3 and v2.5 that have no —cipher setting in the config (= defaulting to BF-CBC and not being negotiation-capable) must be updated. Unless BF-CBC is included in —data-ciphers or there is a «—cipher BF-CBC» in the OpenVPN 2.5 config, a v2.5 client or server will refuse to talk to a v2.3 server or client, because it has no common data channel cipher and negotiating a cipher is not possible. Generally, we recommend upgrading such setups to OpenVPN 2.4 or v2.5. If upgrading is not possible we recommend adding data-ciphers AES-256-GCM:AES-128-GCM:AES-128-CBC (for v2.5+) or cipher AES-128-CBC (v2.4.x and older) to the configuration of all clients and servers.

If you really need to use an unsupported OpenVPN 2.3 (or even older) release and need to stay on BF-CBC (not recommended), the OpenVPN 2.5 based client will need a config file change to re-enable BF-CBC.  But be warned that BF-CBC and other related weak ciphers will be removed in coming OpenVPN major releases.

Connectivity to some VPN service provider may break

Connecting with an OpenVPN 2.5 client to at least one commercial VPN service that

implemented their own cipher negotiation method that always reports back that it is using BF-CBC to the client is broken in v2.5. This has always caused warning about mismatch ciphers. We have been in contact with some service providers and they are looking into it.  This is not something the OpenVPN community can fix.  If your commercial VPN does not work with a v2.5 client, complain to the VPN service provider.

More details on these new features as well as a list of deprecated features and user-visible changes are available in Changes.rst.

The OpenVPN community project team is proud to release OpenVPN 2.5.0 which is a new major release with many new features.

Source tarball (gzip)
GnuPG Signature openvpn-2.5.0.tar.gz
Source tarball (xz)
GnuPG Signature openvpn-2.5.0.tar.xz
Source zip
GnuPG Signature openvpn-2.5.0.zip
Windows 32-bit MSI installer
GnuPG Signature OpenVPN-2.5.0-I601-x86.msi
Windows 64-bit MSI installer
GnuPG Signature OpenVPN-2.5.0-I601-amd64.msi

Overview of changes since OpenVPN 2.4

Faster connections

  • Connections setup is now much faster

Crypto specific changes

  • ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
  • Improved TLS 1.3 support when using OpenSSL 1.1.1 or newer
  • Client-specific tls-crypt keys (—tls-crypt-v2)
  • Improved Data channel cipher negotiation
  • Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

  • HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
  • Asynchronous (deferred) authentication support for auth-pam plugin
  • Asynchronous (deferred) support for client-connect scripts and plugins

Network-related changes

  • Support IPv4 configs with /31 netmasks now
  • 802.1q VLAN support on TAP servers
  • IPv6-only tunnels
  • New option —block-ipv6 to reject all IPv6 packets (ICMPv6)

Linux-specific features

  • VRF support
  • Netlink integration (OpenVPN no longer needs to execute ifconfig/route or ip commands)

Windows-specific features

  • Wintun driver support, a faster alternative to tap-windows6
  • Setting tun/tap interface MTU
  • Setting DHCP search domain
  • Allow unicode search string in —cryptoapicert option
  • EasyRSA3, a modern take on OpenVPN CA management
  • MSI installer

Important notices

BF-CBC cipher is no longer the default

Cipher handling for the data channel cipher has been significantly changed between OpenVPN 2.3/2.4 and v2.5, most notably there are no «default cipher BF-CBC» anymore because it is no longer considered a reasonable default. BF-CBC is still available, but it needs to be explicitly configured now.

For connections between OpenVPN 2.4 and v2.5 clients and servers, both ends will be able  to negotiate a better cipher than BF-CBC. By default they will select one of the AES-GCM ciphers, but this can be influenced using the —data-ciphers setting.

Connections between OpenVPN 2.3 and v2.5 that have no —cipher setting in the config (= defaulting to BF-CBC and not being negotiation-capable) must be updated. Unless BF-CBC is included in —data-ciphers or there is a «—cipher BF-CBC» in the OpenVPN 2.5 config, a v2.5 client or server will refuse to talk to a v2.3 server or client, because it has no common data channel cipher and negotiating a cipher is not possible. Generally, we recommend upgrading such setups to OpenVPN 2.4 or v2.5. If upgrading is not possible we recommend adding data-ciphers AES-256-GCM:AES-128-GCM:AES-128-CBC (for v2.5+) or cipher AES-128-CBC (v2.4.x and older) to the configuration of all clients and servers.

If you really need to use an unsupported OpenVPN 2.3 (or even older) release and need to stay on BF-CBC (not recommended), the OpenVPN 2.5 based client will need a config file change to re-enable BF-CBC.  But be warned that BF-CBC and other related weak ciphers will be removed in coming OpenVPN major releases.

Connectivity to some VPN service provider may break

Connecting with an OpenVPN 2.5 client to at least one commercial VPN service that

implemented their own cipher negotiation method that always reports back that it is using BF-CBC to the client is broken in v2.5. This has always caused warning about mismatch ciphers. We have been in contact with some service providers and they are looking into it.  This is not something the OpenVPN community can fix.  If your commercial VPN does not work with a v2.5 client, complain to the VPN service provider.

More details on these new features as well as a list of deprecated features and user-visible changes are available in Changes.rst.

The OpenVPN community project team is proud to release OpenVPN 2.4.11. It fixes two related security vulnerabilities (CVE-2020-15078) which under very specific circumstances allow tricking a server using delayed authentication (plugin or management) into returning a PUSH_REPLY before the AUTH_FAILED message, which can possibly be used to gather information about a VPN setup. This release also includes other bug fixes and improvements. The I602 Windows installers fix a possible security issue with OpenSSL config autoloading on Windows (CVE-2021-3606). Updated OpenSSL and OpenVPN GUI are included in Windows installers.

Source Tarball (gzip)
GnuPG Signature openvpn-2.4.11.tar.gz
Source Tarball (xz)
GnuPG Signature openvpn-2.4.11.tar.xz
Source Zip
GnuPG Signature openvpn-2.4.11.zip
Windows 7/8/8.1/Server 2012r2 installer (NSIS)
GnuPG Signature openvpn-install-2.4.11-I602-Win7.exe
Windows 10/Server 2016/Server 2019 installer (NSIS)
GnuPG Signature openvpn-install-2.4.11-I602-Win10.exe

A summary of the changes is available in Changes.rst, and a full list of changes is available here.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them.

Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18, which is downloadable as 32-bit and 64-bit versions.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.libera.chat). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.libera.chat).

Important: you will need to use the correct installer for your operating system. The Windows 10 installer works on Windows 10 and Windows Server 2016/2019. The Windows 7 installer will work on Windows 7/8/8.1/Server 2012r2. This is because of Microsoft’s driver signing requirements are different for kernel-mode devices drivers, which in our case affects OpenVPN’s tap driver (tap-windows6).

This is primarily a maintenance release with bugfixes and small improvements. Windows installers include the latest OpenSSL version (1.1.1i) which includes security fixes.

A summary of the changes is available in Changes.rst, and a full list of changes is available here.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them.

Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18, which is downloadable as 32-bit and 64-bit versions.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.libera.chat). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.libera.chat).

Important: you will need to use the correct installer for your operating system. The Windows 10 installer works on Windows 10 and Windows Server 2016/2019. The Windows 7 installer will work on Windows 7/8/8.1/Server 2012r2. This is because of Microsoft’s driver signing requirements are different for kernel-mode devices drivers, which in our case affects OpenVPN’s tap driver (tap-windows6).

Source Tarball (gzip)
GnuPG Signature openvpn-2.4.10.tar.gz
Source Tarball (xz)
GnuPG Signature openvpn-2.4.10.tar.xz
Source Zip
GnuPG Signature openvpn-2.4.10.zip
Windows 7/8/8.1/Server 2012r2 installer (NSIS)
GnuPG Signature openvpn-install-2.4.10-I601-Win7.exe
Windows 10/Server 2016/Server 2019 installer (NSIS)
GnuPG Signature openvpn-install-2.4.10-I601-Win10.exe

Instructions for verifying the signatures are available here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

The Windows installers are bundled with OpenVPN-GUI — its source code is available on its project page and as tarballs on our alternative download server.

This is primarily a maintenance release with bugfixes and improvements. This release also fixes a security issue (CVE-2020-11810, trac #1272) which allows disrupting service of a freshly connected client that has not yet not negotiated session keys. The vulnerability cannot be used to inject or steal VPN traffic.

A summary of the changes is available in Changes.rst, and a full list of changes is available here.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. We are moving to MSI installers in OpenVPN 2.5, but OpenVPN 2.4.x will remain NSIS-only.

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client’s IP address changes (Peer-ID). Also, the new —tls-crypt feature can be used to increase users’ connection privacy.

OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.

Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18, which is downloadable as 32-bit and 64-bit versions.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.libera.chat). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.libera.chat).

Important: you will need to use the correct installer for your operating system. The Windows 10 installer works on Windows 10 and Windows Server 2016/2019. The Windows 7 installer will work on Windows 7/8/8.1/Server 2012r2. This is because of Microsoft’s driver signing requirements are different for kernel-mode devices drivers, which in our case affects OpenVPN’s tap driver (tap-windows6).

Source Tarball (gzip)
GnuPG Signature openvpn-2.4.9.tar.gz
Source Tarball (xz)
GnuPG Signature openvpn-2.4.9.tar.xz
Source Zip
GnuPG Signature openvpn-2.4.9.zip
Windows 7/8/8.1/Server 2012r2 installer (NSIS)
GnuPG Signature openvpn-install-2.4.9-I601-Win7.exe
Windows 10/Server 2016/Server 2019 installer (NSIS)
GnuPG Signature openvpn-install-2.4.9-I601-Win10.exe

NOTE: the GPG key used to sign the release files has been changed since OpenVPN 2.4.0. Instructions for verifying the signatures, as well as the new GPG public key are available here.

We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

You can use EasyRSA 2 or EasyRSA 3 for generating your own certificate authority. The former is bundled with Windows installers. The latter is a more modern alternative for UNIX-like operating systems.

The Windows installers are bundled with OpenVPN-GUI — its source code is available on its project page and as tarballs on our alternative download server.

This is primarily a maintenance release with bugfixes and improvements. The Windows installers (I601) have several improvements compared to the previous release:

  • New tap-windows6 driver (9.24.2) which fixes some suspend and resume issues
  • Latest OpenVPN-GUI
  • Considerable performance boost due to new compiler optimization flags

A summary of the changes is available in Changes.rst, and a full list of changes is available here.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. We are moving to MSI installers in OpenVPN 2.5, but OpenVPN 2.4.x will remain NSIS-only.

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client’s IP address changes (Peer-ID). Also, the new —tls-crypt feature can be used to increase users’ connection privacy.

OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.

Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18, which is downloadable as 32-bit and 64-bit versions.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.libera.chat). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.libera.chat).

Important: you will need to use the correct installer for your operating system. The Windows 10 installer works on Windows 10 and Windows Server 2016/2019. The Windows 7 installer will work on Windows 7/8/8.1/Server 2012r2. This is because of Microsoft’s driver signing requirements are different for kernel-mode devices drivers, which in our case affects OpenVPN’s tap driver (tap-windows6).

Source Tarball (gzip)
GnuPG Signature openvpn-2.4.8.tar.gz
Source Tarball (xz)
GnuPG Signature openvpn-2.4.8.tar.xz
Source Zip
GnuPG Signature openvpn-2.4.8.zip
Windows 7/8/8.1/Server 2012r2 installer (NSIS)
GnuPG Signature openvpn-install-2.4.8-I602-Win7.exe
Windows 10/Server 2016/Server 2019 installer (NSIS)
GnuPG Signature openvpn-install-2.4.8-I602-Win10.exe

NOTE: the GPG key used to sign the release files has been changed since OpenVPN 2.4.0. Instructions for verifying the signatures, as well as the new GPG public key are available here.

We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

You can use EasyRSA 2 or EasyRSA 3 for generating your own certificate authority. The former is bundled with Windows installers. The latter is a more modern alternative for UNIX-like operating systems.

The Windows installers are bundled with OpenVPN-GUI — its source code is available on its project page and as tarballs on our alternative download server.

This is primarily a maintenance release with bugfixes and improvements. One of the big things is enhanced TLS 1.3 support. A summary of the changes is available in Changes.rst, and a full list of changes is available here.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. We are moving to MSI installers in OpenVPN 2.5, but OpenVPN 2.4.x will remain NSIS-only.

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client’s IP address changes (Peer-ID). Also, the new —tls-crypt feature can be used to increase users’ connection privacy.

OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.

Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18, which is downloadable as 32-bit and 64-bit versions.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.libera.chat). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.libera.chat).

Important: you will need to use the correct installer for your operating system. The Windows 10 installer will not work on Windows 7/8/8.1/Server 2012r2. This is because Microsoft’s driver signing requirements and tap-windows6. For the same reason you need to use an older installer with Windows Server 2016. This older installer has a local privilege escalation vulnerability issue which we cannot resolve for Windows Server 2016 until tap-windows6 passes the HLK test suite on that platform. In the meanwhile we recommend Windows Server 2016 users to avoid installing OpenVPN/tap-windows6 driver on hosts where all users can’t be trusted. Users of Windows 7-10 and Server 2012r2 are recommended to update to latest installers as soon as possible.

Source Tarball (gzip)
GnuPG Signature openvpn-2.4.7.tar.gz
Source Tarball (xz)
GnuPG Signature openvpn-2.4.7.tar.xz
Source Zip
GnuPG Signature openvpn-2.4.7.zip
Windows 7/8/8.1/Server 2012r2 installer (NSIS)
GnuPG Signature openvpn-install-2.4.7-I607-Win7.exe
Windows 10 installer (NSIS)
GnuPG Signature openvpn-install-2.4.7-I607-Win10.exe
Windows Server 2016 installer (NSIS)
GnuPG Signature openvpn-install-2.4.7-I603.exe

NOTE: the GPG key used to sign the release files has been changed since OpenVPN 2.4.0. Instructions for verifying the signatures, as well as the new GPG public key are available here.

We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

You can use EasyRSA 2 or EasyRSA 3 for generating your own certificate authority. The former is bundled with Windows installers. The latter is a more modern alternative for UNIX-like operating systems.

The Windows installers are bundled with OpenVPN-GUI — its source code is available on its project page and as tarballs on our alternative download server.

This is primarily a maintenance release with minor bugfixes and improvements, and one security relevant fix for the Windows Interactive Service. Windows installer includes updated OpenVPN GUI and OpenSSL. Installer I601 included tap-windows6 driver 9.22.1 which had one security fix and dropped Windows Vista support. However, in installer I602 we had to revert back to tap-windows 9.21.2 due to driver getting reject on freshly installed Windows 10 rev 1607 and later when Secure Boot was enabled. The failure was due to the new, more strict driver signing requirements. The 9.22.1 version of the driver is in the process of getting approved and signed by Microsoft and will be bundled in an upcoming Windows installer.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. Our long-term plan is to migrate to using MSI installers instead.

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client’s IP address changes (Peer-ID). Also, the new —tls-crypt feature can be used to increase users’ connection privacy.

A summary of the changes is available in Changes.rst, and a full list of changes is available here.

OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.

Please note that OpenVPN 2.4 installers will not work on Windows XP.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developha er IRC channel (#openvpn-devel at irc.libera.chat). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.libera.chat).

Source Tarball (gzip)
GnuPG Signature openvpn-2.4.6.tar.gz
Source Tarball (xz)
GnuPG Signature openvpn-2.4.6.tar.xz
Source Zip
GnuPG Signature openvpn-2.4.6.zip
Windows installer (NSIS)
GnuPG Signature openvpn-install-2.4.6-I602.exe

NOTE: the GPG key used to sign the release files has been changed since OpenVPN 2.4.0. Instructions for verifying the signatures, as well as the new GPG public key are available here.

We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

You can use EasyRSA 2 or EasyRSA 3 for generating your own certificate authority. The former is bundled with Windows installers. The latter is a more modern alternative for UNIX-like operating systems.

The Windows installers are bundled with OpenVPN-GUI — its source code is available on its project page and as tarballs on our alternative download server.

You can download Windows developments snapshots (MSI installers) from here (Index of /downloads/snapshots/github-actions/openvpn2/ ). Those are automatically built from commits to OpenVPN master branch and include functionality which will be available in the next release. Development snapshots are less stable than releases, so use at your own risk.

Сохраняйте приватность, не тратя на это ни копейки.

7 лучших бесплатных VPN-сервисов для компьютеров и смартфонов

Официальные сайты некоторых VPN‑сервисов могут работать нестабильно. Если у вас не получается перейти по ссылке и установить определённый вариант из списка, попробуйте другой.

1. Proton VPN

Proton VPN — один из продуктов швейцарской компании Proton AG, известной своим защищённым почтовым сервисом. Приложение для мобильных устройств и настольных компьютеров скрывает и меняет IP‑адрес, шифрует интернет‑трафик, помогая преодолевать географические ограничения, может фильтровать нежелательный контент.

Сервис предлагает тысячи серверов в 65 странах, на бесплатном тарифе доступно подключение к сотне точек в трёх государствах. Не со всеми маршрутами приложение связывается одинаково стабильно, поэтому стоит пробовать разные варианты, если самый первый не срабатывает.

В Proton VPN нет рекламы и ограничений по трафику, но регулярно появляется предложение оформить подписку с дополнительными функциями.

Скачать Proton VPN для Windows, macOS, Linux, iPhone →

2. VPN Super

Это приложение предназначено исключительно для мобильных устройств под управлением Android и iOS. В VPN Super нет ограничений по трафику. У программы достаточно простой интерфейс — подключение выполняется одним нажатием кнопки, сервис не требует регистрации аккаунта. Также для пользователей не сохраняется список действий.

Скорости загрузки около 10 Мбит/c должно быть достаточно для просмотра видеороликов и прослушивания музыки. В бесплатной версии можно вручную выбрать один из нескольких десятков серверов в разных странах.

3. Vpnify

Бесплатное приложение с простым интерфейсом для мобильных устройств и macOS. Vpnify работает без временного лимита и фиксированного трафика. Подключение можно запустить нажатием одной кнопки без регистрации.

Сервис способен выполнять маршрутизацию автоматически через наименее нагруженный сервер, но вручную также получится указать один из 25 вариантов. В интерфейсе есть индикаторы приблизительной нагрузки для каждой точки.

Через Vpnify вполне можно смотреть видеоролики на популярных хостингах и на бесплатном тарифе. Во время запуска приложение предлагает перейти на один из вариантов подписки, а также периодически появляется реклама.

4. iTop VPN

Сервис для компьютеров и смартфонов с бесплатной версией без ограничения трафика. Для подключения доступны 16 серверов в нескольких странах, которые подходят для конкретных целей: обмена файлами, игр и стриминга, использования социальных сетей и мессенджеров.

Программа работает без регистрации аккаунта и дополнительной настройки — достаточно просто установить и запустить соединение кнопкой. В мобильном приложении при включении VPN всплывает реклама и предложение купить подписку.

Скачать iTop VPN для Windows →

Скачать iTop VPN для macOS →

5. TurboVPN

VPN-сервис с неограниченным трафиком доступен на разных платформах. В TurboVPN есть встроенный браузер, а также предусматривается выбор протокола соединения. А вот расположение сервера менять нельзя — для этого необходимо купить подписку.

Как и все бесплатные VPN‑сервисы, при запуске TurboVPN предлагает всё-таки выбрать тариф и показывает рекламу, но не слишком навязчиво.

6. Hotspot Shield

Один из самых популярных VPN‑сервисов в мире. Приложение имеет достаточно удобный интерфейс, с которым не придётся долго разбираться. В Hotspot Shield ограничен дневной объём трафика, но время использования можно продлить просмотром рекламы. В бесплатной версии нельзя выбирать сервер вручную, а максимальная скорость подключения — 2 Мбит/с.

Установленные на устройстве программы можно вносить в список исключений, чтобы для них соединение осуществлялось без VPN. Разработчики утверждают, что не сохраняют действия пользователей в Сети. Но сервис записывает некоторую информацию, включая IP‑адреса. После отключения от сервера эти данные удаляются.

Скачать Hotspot Shield для Windows →

Скачать Hotspot Shield для macOS →

Скачать Hotspot Shield для iOS →

7. Psiphon

Канадский VPN‑сервис, доступный на ПК и мобильных устройствах. Приложение выбирает регион сервера автоматически, но можно указать конкретную страну из трёх десятков вариантов.

В Psiphon используется сочетание нескольких технологий защищённой связи: VPN, SSH и HTTP‑прокси. Сервис маскирует трафик пользователя, шифрует его и скрывает источник. Исходный код доступен на GitHub.

Ограничений на количество трафика нет, но в бесплатной версии заявлена скорость до 2 Мбит/c. Для ускорения разработчики предлагают покупать внутреннюю валюту Psicash и оплачивать с её помощью премиум‑доступ. Он действует от часа до месяца. Взять паузу не получится — время отсчитывается с момента активации, даже если вы отключите приложение.

Скачать Psiphon для Windows, macOS →

8. PotatoVPN

Этот сервис обеспечивает бесплатное подключение к шести различным серверам: в США, Канаде, Великобритании, Германии, Сингапуре и Индии. Для соединения не потребуется даже регистрация.

Также PotatoVPN предлагает на выбор различные протоколы доступа, включая FTP, и не хранит IP‑адреса, выданные пользователям.

Скачать PotatoVPN для Windows и macOS →

UPD. Текст обновлён в мае 2023 года: заменили некоторые пункты из списка актуальными.

Читайте также 🧐

  • 3 специальных браузера для анонимного сёрфинга
  • 7 лучших бесплатных прокси-серверов
  • Как создать и настроить свой VPN-сервер
  • Что такое прокси-серверы и как ими пользоваться
  • Как защитить личные данные в интернете

Удобный интерфейс Windows VPN в котором разберутся абсолютно все

Очень быстрые сервера работающие в любой точке мира

Самые безопасные и надежные протоколы VPN для ПК

Надежный ВПН сервис для Windows 7, 8, 10, 11

Начни работу с VPN для ПК без лишних усилий

ZoogVPN для Windows — это решение, которое является одновременно быстрым и безопасным. Простой и удобный интерфейс приложения обеспечит вам комфорт в использовании.

create account

Создай аккаунт в ZoogVPN

Пройдите простую процедуру регистрации по этой ссылке.

install

Установите приложение для Windows

Скачайте, установите и откройте VPN приложение на своем Windows компьютере.

click

Нажми «Connect» и наслаждайся!

ВПН сервис для Windows

С ВПН сервисом для Windows от ZoogVPN вы можете за считанные секунды подключиться к VPN-локациям по всему миру. Клиент Windows VPN имеет множество замечательных функций, обеспечивающих полную свободу, конфиденциальность и безопасность в интернете.

safe browsing

Анонимный и безопасный просмотр

При подключении к ZoogVPN мы предоставляем вам анонимный IP-адрес, что делает невозможным связать что-либо с вами.

УЗНАТЬ БОЛЬШЕ

No censorship

Без цензуры и гео-ограничений

Получите доступ к любому веб-сайту независимо от вашего местоположения. Просматривайте любой веб-сайт, социальные сети и получайте наилучшие впечатления от стриминга и игр с клиентом ZoogVPN для Windows.

УЗНАТЬ БОЛЬШЕ

rocket

Остановите ограничения интернет-провайдера

Ваш интернет-провайдер может снизить скорость вашего интернета. ZoogVPN использует серверы, оптимизированные для максимально возможной скорости.

УЗНАТЬ БОЛЬШЕ

Упростите рабочий процесс с помощью Windows VPN


Автоматическое подключение к лучшему VPN-серверу

Заблудились среди десятков серверов?
Пусть приложение выберет для вас лучший сервер.

Как только вы нажмете «Подключиться», ZoogVPN быстро проведет несколько проверок, чтобы найти лучший незагруженный сервер с самым низким пингом для вашего местоположения. Вы будете подключены к VPN-серверу с максимальной скоростью за считанные секунды.


Автоматическое переподключение

Нет необходимости выполнять повторное подключение вручную.

Уже все схвачено!

Ваше соединение может быть прервано по разным причинам в любое время. В отличие от других VPN-провайдеров, клиент ZoogVPN автоматически повторно подключается к тому же серверу, обеспечивая безопасность ваших данных и ничего не раскрывая.


Автозапуск

Настройте ZoogVPN на запуск сразу после включения ПК. Никаких дополнительных усилий не требуется.

Клиент автоматически запускается и подключается к VPN-серверу при запуске.

Вам не нужно думать об этом каждый раз, когда ваш ПК включен — все для вашего удобства!

Лучший Функционал Windows VPN

С ZoogVPN ваш трафик защищен, ваши данные в безопасности и ваш интернет не подлежит никакой цензуре.

shield

Приложение для Windows оснащено самыми быстрыми протоколами OpenVPN и IKEv2, которые никогда не подвергались риску.

kill-switc

Встроенная функция Kill Switch защищает вас в случае неожиданного обрыва VPN-подключения, поэтому ваш IP-адрес никогда не будет раскрыт.

leak-protection

В нашем программном обеспечении по умолчанию включена расширенная защита от утечек, которая гарантирует отсутствие утечек IP или DNS.

mask

Приложение оптимизировано для обхода файрволов и ограничений стран с жесткой цензурой с помощью передовых методов запутывания.

login-pass

Клиент сохраняет ваше имя пользователя и пароль для удобного входа в систему и аутентификации VPN-сервера.

split-tunneling

Сплит-туннелирование (скоро)

Выберите, какие приложения используют ZoogVPN, когда вы подключены, а какие нет.

Лучший VPN-сервис для Windows в России

Вот что пишут о ZoogVPN эксперты и наши клиенты.

Часто задаваемые вопросы

🚀 Что делает приложение VPN для Windows?

Приложение VPN для Windows защищает весь трафик, направляемый с вашего ПК через Интернет. Как только вы подключаетесь к VPN-серверу в Windows, мы шифруем каждую часть данных, которые вы отправляете и получаете, и изменяем ваш IP-адрес. В результате вы получаете полную конфиденциальность в Интернете и безопасность просмотра веб-страниц.

💻 Подходит ли VPN для ноутбуков с Windows?

VPN — хорошее решение для ноутбуков с Windows. VPN шифрует ваш трафик и защищает каждую часть передаваемых данных. Windows — очень гибкая операционная система, оптимизированная для использования VPN как на ноутбуках, так и на настольных устройствах.

👨‍💻 Как использовать программное обеспечение VPN в Windows?

Использовать программное обеспечение VPN в Windows очень просто. Это займет 3 коротких шага: загрузите приложение VPN, установите его на свое устройство Windows и запустите. После этого вы сможете подключиться к VPN-серверу, который защитит ваше интернет-соединение с помощью шифрования банковского уровня. ZoogVPN — одно из самых простых VPN-приложений в России.

⚙️ Как настроить VPN в Windows вручную?

Если вы хотите настроить VPN в Windows вручную, вам нужно выбрать протокол, который вы собираетесь использовать, узнать имя сервера VPN-сервера, а также ваше имя пользователя и пароль. Процесс настройки отличается для разных протоколов VPN, и у нас есть подробное руководство, которое поможет вручную настроить VPN в Windows.

💸 Есть ли бесплатный VPN для Windows?

Да, есть много бесплатных VPN для Windows. Однако большинство бесплатных VPN-приложений не так безопасны, как платные, и могут собирать ваши личные данные и продавать их третьим лицам. В отличие от некоторых наших конкурентов, ZoogVPN предлагает совершенно бесплатное VPN-приложение со строгой политикой отсутствия журналов. ZoogVPN предлагает бесплатный VPN для Windows с 5 локациями, 10 ГБ бесплатного трафика и многое другое. Вы можете скачать его бесплатно, кредитная карта не требуется.

🗔 Есть ли в Windows 10 или 11 встроенный VPN?

И в Windows 10, и в 11 есть встроенная функция VPN, но они не предлагают серверы VPN, к которым вы можете подключиться. Хотя Windows оснащена функцией VPN, вам все равно нужно настроить ее вручную, иметь сервер, к которому вы хотите подключиться, имя пользователя, пароль, протокол и многое другое. Очень просто загрузить специальное приложение ZoogVPN, установить его и нажать одну кнопку, чтобы подключиться к нужному серверу по всему миру.

Есть сомнения? Попробуйте премиум версию с гарантией возврата денег!

Подождите! У нас отличное предложение.

3 месяца БЕСПЛАТНО + 76% скидка 🎁

✅  Оформите годовую подписку и получите +3 месяца бесплатно

✅  Защитите ваше устройство лучшим VPN

✅  Разблокируйте все сайты, которые хотите

✅  Безлимит по скорости и все 70+ доступных локаций

7-дневная гарантия возврата средств

  • Скачать what s app для windows
  • Скачать vpn крякнутый для windows торрент
  • Скачать wechat на русском для windows 10
  • Скачать vpn клиент для windows 10 бесплатно
  • Скачать watts up на компьютер windows 10