OpenVPN is a robust and highly flexible VPN daemon. OpenVPN supports SSL/TLS security, ethernet bridging, TCP or UDP tunnel transport through proxies or NAT, support for dynamic IP addresses and DHCP, scalability to hundreds or thousands of users, and portability to most major OS platforms.
OpenVPN is tightly bound to the OpenSSL library, and derives much of its crypto capabilities from it.
OpenVPN supports conventional encryption using a pre-shared secret key (Static Key mode) or public key security (SSL/TLS mode) using client & server certificates. OpenVPN also supports non-encrypted TCP/UDP tunnels.
OpenVPN is designed to work with the TUN/TAP virtual networking interface that exists on most platforms.
Overall, OpenVPN aims to offer many of the key features of IPSec but with a relatively lightweight footprint.
With OpenVPN, you can:
- tunnel any IP subnetwork or virtual ethernet adapter over a single UDP or TCP port,
- configure a scalable, load-balanced VPN server farm using one or more machines which can handle thousands of dynamic connections from incoming VPN clients,
- use all of the encryption, authentication, and certification features of the OpenSSL library to protect your private network traffic as it transits the internet,
- use any cipher, key size, or HMAC digest (for datagram integrity checking) supported by the OpenSSL library,
- choose between static-key based conventional encryption or certificate-based public key encryption,
- use static, pre-shared keys or TLS-based dynamic key exchange,
- use real-time adaptive link compression and traffic-shaping to manage link bandwidth utilization,
- tunnel networks whose public endpoints are dynamic such as DHCP or dial-in clients,
- tunnel networks through connection-oriented stateful firewalls without having to use explicit firewall rules,
- tunnel networks over NAT,
- create secure ethernet bridges using virtual tap devices, and
- control OpenVPN using a GUI on Windows or Mac OS X.
This is primarily a maintenance release with bugfixes and improvements. One of the big things is enhanced TLS 1.3 support. A summary of the changes is available in Changes.rst, and a full list of changes is available here.
Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.
Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. We are moving to MSI installers in OpenVPN 2.5, but OpenVPN 2.4.x will remain NSIS-only.
Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client's IP address changes (Peer-ID). Also, the new --tls-crypt feature can be used to increase users' connection privacy.
OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.
Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18,
- Android version updated to 3.0.5
Apps similar to OpenVPN 3
UltraVNC Server and Viewer are a powerful, easy to use, free software that can display the screen of one computer (Server) on the screen of another (Viewer).
Comodo EasyVPN creates secure peer-to-peer networks for unlimited PCs.
Many internet marketers and companies such as Google, Facebook, and most ISP's (Internet Service Providers) follow you around on the web by your IP address.
- Free to Try