OpenVPN Connect for Windows

This is the official OpenVPN Connect client software for Windows workstation platforms developed and maintained by OpenVPN Inc. This is the recommended client program for the OpenVPN Access Server to enable VPN for Windows. The latest version of OpenVPN for Windows is available on our website.

If you have an OpenVPN Access Server, it is recommended to download the OpenVPN Connect client software directly from your own Access Server, as it will then come pre configured for use for VPN for Windows. The version available here contains no configuration to make a connection, although it can be used to update an existing installation and retain settings.

sha256 signature: 58973ceba1dfb77ac98977f264b5aebe4ca094c17ada72c4d2767d2a2c7607c5

For Windows 7, 8, 8.1, and 10.

sha256 signature: bfd176271cca8c1e7fae446621a985388bf55d023668af8e5dcec9ec4560dd85

Previous generation OpenVPN Connect V2 is available here:

sha256 signature: f65dd0ea784dd63632be64f89b1f83d51c199fd7319888883780cb9e975c325a

For Windows 7, 8, 8.1, and 10.

The Interface

Our latest line of OpenVPN for Windows (OpenVPN Connect) software available for the major platforms features a new and improved user interface, making the experience of installing and using the OpenVPN for Windows software a snap. With an easy to use import feature you can import profiles straight from your OpenVPN Access Server or just import a saved profile from disk.

Frequently Asked Questions

Can the new and old client co-exist?

Yes, you may continue to use both v2 and v3 on the same connect device and import the profiles desired into each. If you like, you can run either one or both.

Can I connect to multiple servers at the same time?

No, the client cannot connect to multiple servers at once. It does support multiple connection profiles, giving you the option to switch easily from one server to the next, but you can only be connected to one at a time. This is by design, to prevent unexpected traffic paths when connecting to multiple VPN servers at the same time. If you are a system administrator and you require a complex setup where multiple connections are active at the same time, there is the option to use the open source community OpenVPN client software available from our website.

Is the old client still available?

The OpenVPN client v1 was called “OpenVPN Desktop Client” and is no longer available. It is also not safe to use this anymore as it hasn’t been maintained for many years. It was replaced with the OpenVPN client v2. The OpenVPN client v2 is called “OpenVPN Connect Client” and has been in use for many years. It is still available from our website. You can download it from the direct link new the top of this page. The OpenVPN client v3 is called “OpenVPN Connect” and is the latest generation of our software. It is available on our website as a beta version. It is also offered in the OpenVPN Access Server client web interface itself.

Where can I get this for other OS?

Should I use this client or the client from my instance of Access Server?

This is the official OpenVPN Connect software for Windows workstation platforms developed and maintained by OpenVPN Inc. This is the recommended client program for the OpenVPN Access Server. The latest versions are available on our website. If you have an OpenVPN Access Server, you can download the OpenVPN Connect client software directly from your own Access Server, and it will then come pre-configured for use. The version available here contains no configuration to make a connection, although it can be used to update an existing installation and retain settings.

How do I install the Windows client?

1. Download the MSI file
2. Open and start the setup wizard.
3. Give permissions to install on your Windows OS.
4. Complete the OpenVPN Connect Setup Wizard.
5. The OpenVPN logo displays in your tray (bottom right) with DISCONNECTED status.
6. Click on the icon to start the Onboarding Tour.
7. Review how to import a profile from a server by entering the Access Server Hostname and credentials or uploading a profile from your computer.
8. Agree to the data collection use and retention policies after reviewing them.
9. Import a profile, either from the server or from file.

How do I install the client directly from my Access Server?

1. Navigate to your OpenVPN Access Server client web interface.
2. Login with your credentials.
3. Select ‘OpenVPN Connect for Windows’.
4. Wait until the download completes, and then open it (specifics vary depending on your browser).
5. Click Run to start the installation process.
6. Click Yes to approve the privilege escalation request.
7. Wait until the installation process completes.
8. In the system tray, the OpenVPN Connect Client is now ready for use.

How do I import a profile from a server?

1. From the OpenVPN Connect UI, choose “Import from Server”.
2. Enter your Access Server Hostname, Title, Port (optional), and your credentials–username and password.
3. Click Add.
4. If you choose to Import autologin profile, it is less secure, but you won’t need to re-enter credentials.

How do I import a profile from my computer?

1. Choose “Import from File”.
2. Drag and drop a .OVPN file or click on Browse to navigate to the location on your computer.
3. The message displays that the profile is successfully imported and displays the hostname and the title. You can change the title if desired.
4. Click on Add to complete the import.

Why did I receive an error message that TAP mode is not supported when importing a profile?

Layer 2 bridging (TAP) is no longer supported. Switch over to TUN Mode to resolve this issue.

Why am I getting a certificate error? How can I fix using a self signed certificate?

OpenVPN Access Server starts with a self-signed certificate. With this, you will receive warnings from your web browser about the site not being secure as well as a certificate error when importing a profile with the Connect Client. You can simply override the warnings or add an exception for your web browser. To resolve this, you can set up a DNS host name that resolves to the public address of your Access Server and install a valid SSL certificate that corresponds to that DNS host name. Going forward, you would use that hostname to access your server instead of the IP address. This is also the recommended method as validated SSL certificates can only ever function with a valid public DNS hostname.

Where do I find my Access Server Hostname and credentials?

Your Access Server Hostname is the address at which your Access Server can be reached. For example it could be https://vpn.yourcompany.com/. If a DNS hostname is not set up, it is also possible to specify the IP address where your Access Server. For example: https://55.193.55.55 Your credentials are your username and password. You may need to get that information from your Access Server administrator if you don’t know it.

What do I enter for “Title”?

Title is the name for the profile. It is automatically defined as the username with the hostname or IP address(example: user1@hostname). It differentiates between multiple profiles. You can define it manually as well. The title can be anything you want just so you can see which profile is which.

What does “import autologin profile” mean?

Choosing this option allows you to import an autologin profile with the address and credentials for your Access Server, then simply start the connection with the tap of a button. You would not need to re-enter credentials each time you connect. The autoprofile itself contains an embedded secure certificate that identifies and authorizes your connection automatically. It is an optional setting on the OpenVPN Access Server that the administrator of the server can choose to make available to you. If you find you cannot import the autologin profile, your administrator may not have allowed autologin through user permissions.

Why did I get this message: “In this version compression was disabled by default. If you need it, please re-enable this setting.”

During investigation of a vulnerability called VORACLE, it was found that using compression to make the data that goes through the VPN tunnel smaller, and thus faster, has an adverse effect on security. To learn more about this see our security notification on our website regarding the VORACLE attack vulnerability. In order to protect our customers, we are disabling compression by default. Some servers of the open source variety can be configured in such a way that the client must do compression, or else the client may not connect successfully. In such a case, you should get the server updated to disable compression. But we understand that this is not always possible, and you may need to be able to connect to such a server. In that event you can go into the settings and re-enable compression.

Community Downloads

OpenVPN 2.5.1 — Released 24 February, 2021

The OpenVPN community project team is proud to release OpenVPN 2.5.1. It includes several bug fixes and improvements as well as updated OpenSSL and OpenVPN GUI for Windows.

Source tarball (gzip)

Source tarball (xz)

Source zip

Windows 32-bit MSI installer

Windows 64-bit MSI installer

Overview of changes since OpenVPN 2.4

Faster connections

• Connections setup is now much faster

Crypto specific changes

• ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
• I mproved TLS 1.3 support when using OpenSSL 1.1.1 or newer
• Client-specific tls-crypt keys (–tls-crypt-v2)
• Improved Data channel cipher negotiation
• Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

• HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
• Asynchronous (deferred) authentication support for auth-pam plugin
• Asynchronou s (d eferred ) support for client-connect scripts and plugins

Network-related changes

• Support IPv4 configs with /31 netmasks now
• 802.1q VLAN support on TAP servers
• IPv6-only tunnels
• New option –block-ipv6 to reject all IPv6 packets (ICMPv6)

Linux-specific features

• VRF support
• Netlink integration (OpenVPN no longer needs to execute ifconfig /route or ip commands)

Windows-specific features

• Wintun driver support, a faster alternative to tap-windows6
• Setting tun/tap interface MTU
• Setting DHCP search domain
• Allow unicode search string in –cryptoapicert option
• EasyRSA3, a modern take on OpenVPN CA management
• MSI installer

Important notices

BF-CBC cipher is no longer the default

Connectivity to some VPN service provider may break

Linux packages are available from

Windows ARM64 installers

Our MSI installer do not currently support the Windows ARM64 platform. You need to use our NSI-based snapshot installers from here. We recommend using the latest installer that matches one of these patterns:

• openvpn-install-2.5_git-I900-release-2.5-* (stable 2.5 version)
• openvpn-install-2.6_git-I900-master-* (development version)

Useful resources

• Official documentation
• Wiki
• Bug tracker
• Support forums
• User mailing list
• User IRC channel (#openvpn at irc.freenode.net)

OpenVPN 2.5.0 — Released 28 October, 2020

The OpenVPN community project team is proud to release OpenVPN 2.5.0 which is a new major release with many new features.

Source tarball (gzip)

Source tarball (xz)

Source zip

Windows 32-bit MSI installer

Windows 64-bit MSI installer

Overview of changes since OpenVPN 2.4

Faster connections

• Connections setup is now much faster

Crypto specific changes

• ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
• I mproved TLS 1.3 support when using OpenSSL 1.1.1 or newer
• Client-specific tls-crypt keys (–tls-crypt-v2)
• Improved Data channel cipher negotiation
• Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

• HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
• Asynchronous (deferred) authentication support for auth-pam plugin
• Asynchronou s (d eferred ) support for client-connect scripts and plugins

Network-related changes

• Support IPv4 configs with /31 netmasks now
• 802.1q VLAN support on TAP servers
• IPv6-only tunnels
• New option –block-ipv6 to reject all IPv6 packets (ICMPv6)

Linux-specific features

• VRF support
• Netlink integration (OpenVPN no longer needs to execute ifconfig /route or ip commands)

Windows-specific features

• Wintun driver support, a faster alternative to tap-windows6
• Setting tun/tap interface MTU
• Setting DHCP search domain
• Allow unicode search string in –cryptoapicert option
• EasyRSA3, a modern take on OpenVPN CA management
• MSI installer

Important notices

BF-CBC cipher is no longer the default

Connectivity to some VPN service provider may break

Linux packages are available from

Useful resources

• Official documentation
• Wiki
• Bug tracker
• Support forums
• User mailing list
• User IRC channel (#openvpn at irc.freenode.net)

OpenVPN 2.4.10 — Released 9 December, 2020

This is primarily a maintenance release with bugfixes and small improvements. Windows installers include the latest OpenSSL version (1.1.1i) which includes security fixes.

A summary of the changes is available in Changes.rst, and a full list of changes is available here.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them.

Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18, which is downloadable as 32-bit and 64-bit versions.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).

Important: you will need to use the correct installer for your operating system. The Windows 10 installer works on Windows 10 and Windows Server 2016/2019. The Windows 7 installer will work on Windows 7/8/8.1/Server 2012r2. This is because of Microsoft’s driver signing requirements are different for kernel-mode devices drivers, which in our case affects OpenVPN’s tap driver (tap-windows6).

Source Tarball (gzip)

Source Tarball (xz)

Source Zip

Windows 7/8/8.1/Server 2012r2 installer (NSIS)

Windows 10/Server 2016/Server 2019 installer (NSIS)

Instructions for verifying the signatures are available here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

The Windows installers are bundled with OpenVPN-GUI – its source code is available on its project page and as tarballs on our alternative download server.

OpenVPN 2.4.9 — Released 17 April, 2020

This is primarily a maintenance release with bugfixes and improvements. This release also fixes a security issue (CVE-2020-11810, trac #1272) which allows disrupting service of a freshly connected client that has not yet not negotiated session keys. The vulnerability cannot be used to inject or steal VPN traffic.

A summary of the changes is available in Changes.rst, and a full list of changes is available here.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. We are moving to MSI installers in OpenVPN 2.5, but OpenVPN 2.4.x will remain NSIS-only.

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client’s IP address changes (Peer-ID). Also, the new –tls-crypt feature can be used to increase users’ connection privacy.

OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.

Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18, which is downloadable as 32-bit and 64-bit versions.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).

Important: you will need to use the correct installer for your operating system. The Windows 10 installer works on Windows 10 and Windows Server 2016/2019. The Windows 7 installer will work on Windows 7/8/8.1/Server 2012r2. This is because of Microsoft’s driver signing requirements are different for kernel-mode devices drivers, which in our case affects OpenVPN’s tap driver (tap-windows6).

Source Tarball (gzip)

Source Tarball (xz)

Source Zip

Windows 7/8/8.1/Server 2012r2 installer (NSIS)

Windows 10/Server 2016/Server 2019 installer (NSIS)

NOTE: the GPG key used to sign the release files has been changed since OpenVPN 2.4.0. Instructions for verifying the signatures, as well as the new GPG public key are available here.

We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

You can use EasyRSA 2 or EasyRSA 3 for generating your own certificate authority. The former is bundled with Windows installers. The latter is a more modern alternative for UNIX-like operating systems.

The Windows installers are bundled with OpenVPN-GUI – its source code is available on its project page and as tarballs on our alternative download server.

OpenVPN 2.4.8 — Released 31 October, 2019

This is primarily a maintenance release with bugfixes and improvements. The Windows installers (I601) have several improvements compared to the previous release:

• New tap-windows6 driver (9.24.2) which fixes some suspend and resume issues
• Latest OpenVPN-GUI
• Considerable performance boost due to new compiler optimization flags

A summary of the changes is available in Changes.rst, and a full list of changes is available here.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. We are moving to MSI installers in OpenVPN 2.5, but OpenVPN 2.4.x will remain NSIS-only.

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client’s IP address changes (Peer-ID). Also, the new –tls-crypt feature can be used to increase users’ connection privacy.

OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.

Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18, which is downloadable as 32-bit and 64-bit versions.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).

Important: you will need to use the correct installer for your operating system. The Windows 10 installer works on Windows 10 and Windows Server 2016/2019. The Windows 7 installer will work on Windows 7/8/8.1/Server 2012r2. This is because of Microsoft’s driver signing requirements are different for kernel-mode devices drivers, which in our case affects OpenVPN’s tap driver (tap-windows6).

Source Tarball (gzip)

Source Tarball (xz)

Source Zip

Windows 7/8/8.1/Server 2012r2 installer (NSIS)

Windows 10/Server 2016/Server 2019 installer (NSIS)

NOTE: the GPG key used to sign the release files has been changed since OpenVPN 2.4.0. Instructions for verifying the signatures, as well as the new GPG public key are available here.

We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

You can use EasyRSA 2 or EasyRSA 3 for generating your own certificate authority. The former is bundled with Windows installers. The latter is a more modern alternative for UNIX-like operating systems.

The Windows installers are bundled with OpenVPN-GUI – its source code is available on its project page and as tarballs on our alternative download server.

OpenVPN 2.4.7 — Released 21 February, 2019

This is primarily a maintenance release with bugfixes and improvements. One of the big things is enhanced TLS 1.3 support. A summary of the changes is available in Changes.rst, and a full list of changes is available here.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. We are moving to MSI installers in OpenVPN 2.5, but OpenVPN 2.4.x will remain NSIS-only.

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client’s IP address changes (Peer-ID). Also, the new –tls-crypt feature can be used to increase users’ connection privacy.

OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.

Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18, which is downloadable as 32-bit and 64-bit versions.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).

Important: you will need to use the correct installer for your operating system. The Windows 10 installer will not work on Windows 7/8/8.1/Server 2012r2. This is because Microsoft’s driver signing requirements and tap-windows6. For the same reason you need to use an older installer with Windows Server 2016. This older installer has a local privilege escalation vulnerability issue which we cannot resolve for Windows Server 2016 until tap-windows6 passes the HLK test suite on that platform. In the meanwhile we recommend Windows Server 2016 users to avoid installing OpenVPN/tap-windows6 driver on hosts where all users can’t be trusted. Users of Windows 7-10 and Server 2012r2 are recommended to update to latest installers as soon as possible.

Source Tarball (gzip)

Source Tarball (xz)

Source Zip

Windows 7/8/8.1/Server 2012r2 installer (NSIS)

Windows 10 installer (NSIS)

Windows Server 2016 installer (NSIS)

NOTE: the GPG key used to sign the release files has been changed since OpenVPN 2.4.0. Instructions for verifying the signatures, as well as the new GPG public key are available here.

We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

You can use EasyRSA 2 or EasyRSA 3 for generating your own certificate authority. The former is bundled with Windows installers. The latter is a more modern alternative for UNIX-like operating systems.

The Windows installers are bundled with OpenVPN-GUI – its source code is available on its project page and as tarballs on our alternative download server.

OpenVPN 2.4.6 — Released 24 April, 2018

This is primarily a maintenance release with minor bugfixes and improvements, and one security relevant fix for the Windows Interactive Service. Windows installer includes updated OpenVPN GUI and OpenSSL. Installer I601 included tap-windows6 driver 9.22.1 which had one security fix and dropped Windows Vista support. However, in installer I602 we had to revert back to tap-windows 9.21.2 due to driver getting reject on freshly installed Windows 10 rev 1607 and later when Secure Boot was enabled. The failure was due to the new, more strict driver signing requirements. The 9.22.1 version of the driver is in the process of getting approved and signed by Microsoft and will be bundled in an upcoming Windows installer.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. Our long-term plan is to migrate to using MSI installers instead.

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client’s IP address changes (Peer-ID). Also, the new –tls-crypt feature can be used to increase users’ connection privacy.

A summary of the changes is available in Changes.rst, and a full list of changes is available here.

OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.

Please note that OpenVPN 2.4 installers will not work on Windows XP.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).

Source Tarball (gzip)

Source Tarball (xz)

Source Zip

Windows installer (NSIS)

NOTE: the GPG key used to sign the release files has been changed since OpenVPN 2.4.0. Instructions for verifying the signatures, as well as the new GPG public key are available here.

We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

You can use EasyRSA 2 or EasyRSA 3 for generating your own certificate authority. The former is bundled with Windows installers. The latter is a more modern alternative for UNIX-like operating systems.

The Windows installers are bundled with OpenVPN-GUI – its source code is available on its project page and as tarballs on our alternative download server.