Настройка OpenVPN. Подключение к бесплатным серверам VPN Gate

Настройка OpenVPN для Windows

Данная инструкция демонстрирует, как подключиться к серверу ретрансляции VPN Gate, используя клиент OpenVPN в системах Windows XP, 7, 8, 10, Server 2003, 2008, 2012.

1. Установите клиентское приложение OpenVPN для вашей операционной системы. Запустите установочный файл. Откроется мастер установки. Следуйте подсказкам на экране, чтобы выполнить установку приложения.

2. Скачайте и загрузите файл конфигурации подключения OpenVPN (файл. ovpn). Данная процедура требуется только при первичной настройке подключения.

Файл конфигурации формата *.ovpn понадобиться для подключения к серверу ретрансляции VPN Gate через протокол OpenVPN.

Загрузить файл конфигурации (OpenVPN Config file) можно на странице списка открытых бесплатных серверов ретрансляции http://www.vpngate.net/en/. Выберите VPN-сервер, к которому вы хотите подключиться и нажмите на соответствующий файл *.ovpn, чтобы скачать его на рабочий стол или папку загрузки.

После сохранения файла на компьютере, он будет отображаться как иконка OpenVPN. Тем не менее, вы не сможете установить подключение, просто дважды кликнув по файлу.

Нужно переместить файл *.ovpn в папку “config” основной директории установки OpenVPN.

Откройте папку C:\Program Files\OpenVPN\config и скопируйте файл *.ovpn в нее.

3. Подключение к VPN

Кликните правой кнопкой мыши по иконке “OpenVPN GUI” на рабочем столе и выберите опция “Запустить от имени администратора”. В противном случае, установить VPN подключение не удастся.

Иконка OpenVPN GUI появится в области уведомления панели задач (системном трее). В некоторых случаях иконка может быть скрытой, нажмите по значку стрелки, чтобы показать все скрытые иконки.

Щелкните правой кнопкой мыши по иконке OpenVPN GUI и нажмите “Подключить”.

Запуститься VPN подключение. Статус подключения будет отображаться на экране. Если вы увидите диалоговое окно запроса имени пользователя и пароля. Введите “vpn” в оба поля. Данное окно появляется очень редко.

Если VPN подключение успешно установлено, то появится всплывающее сообщение как на скриншоте.

4. Интернет без ограничений

Когда подключение VPN установлено, в системе Windows создается виртуальный сетевой адаптер TAP-Windows Adapter V9. Этот адаптер получит IP-адрес, который начинается с “10.211”. Виртуальный адаптер получит адрес шлюза по умолчанию.

Вы сможете проверить конфигурацию сети, запустив команду ipconfig /all в командной строке Windows.

Когда соединение установлено, весь сетевой трафик будет проходить проходить через VPN-сервер. Убедиться в этом вы сможете с помощью команды tracert 8.8.8.8 в командной строке Windows.

Как показано на скриншоте выше, если пакеты проходят через «10.211.254.254», значит ваше подключение ретранслируется через один из серверов VPN Gate. Вы также можете перейти на основную страницу VPN Gate, чтобы посмотреть глобальный IP-адрес.

Вы сможете увидеть видимое из сети местоположение, которое будет отличаться от вашей фактической локации.

Настройка OpenVPN для MacOS

Данная инструкция демонстрирует, как подключиться к серверу ретрансляции VPN Gate, используя приложение Tunnelblick. Tunnelblick является версий клиента OpenVPN с графической оболочкой. для систем MacOS.

1. Установите приложение Tunnelblick

Скачайте и установите последнюю версию приложения Tunnelblick. Во время установки на экране будут показываться инструкции.

После завершения установки появится следующий экран. Выберите опцию “У меня есть файлы конфигурации”.

На экране будет показана инструкция по добавлению конфигурации в Tunnelblick.

Нажмите ОК, чтобы закрыть окно.

2. Скачайте и загрузите файл конфигурации подключения OpenVPN (файл .ovpn). Данная процедура требуется только при первичной настройке подключения.

Файл конфигурации формата *.ovpn понадобиться для подключения к серверу ретрансляции VPN Gate через протокол OpenVPN.

Скачать файл конфигурации (OpenVPN Config file) можно на странице списка открытых бесплатных серверов ретрансляции http://www.vpngate.net/en/. Выберите VPN-сервер, к которому вы хотите подключиться и нажмите на соответствующий файл *.ovpn, чтобы его загрузить в папку загрузок (Downloads).

Чтобы установить файл конфигурации *.ovpn, перетащите его на значок Tunnelblick в строке меню, либо на список конфигураций во вкладке «Конфигурации» окна «Детали VPN». Если необходимо установить сразу несколько конфигурационных файлов — выделите их все, а затем перетащите.

Во время добавления нужно будет ввести имя пользователя и пароль от учетной записи MacOS.

3. Подключение к VPN

Нажмите по иконке Tunnelblick на верхней панели инструментов MacOS и выберите опцию “Соединить [название конфигурации]”. Будет запущено подключение к VPN.

Появится статус подключения к VPN, как показано на скриншоте. После успешной установки подключения, в основном окне Tunnelblick будет показываться состояние “Соединен”.

4. Интернет без ограничений

Когда соединение установлено, весь сетевой трафик будет проходить проходить через VPN-сервер. Вы также можете перейти на основную страницу VPN Gate, чтобы посмотреть глобальный IP-адрес. Вы сможете увидеть видимое из сети местоположение, которое будет отличаться от вашей фактической локации.

При подключении к VPN вы сможете посещать заблокированные веб-сайты и играть в заблокированные игры.

Community Downloads

OpenVPN 2.5.1 — Released 24 February, 2021

The OpenVPN community project team is proud to release OpenVPN 2.5.1. It includes several bug fixes and improvements as well as updated OpenSSL and OpenVPN GUI for Windows.

Source tarball (gzip)

Source tarball (xz)

Source zip

Windows 32-bit MSI installer

Windows 64-bit MSI installer

Overview of changes since OpenVPN 2.4

Faster connections

• Connections setup is now much faster

Crypto specific changes

• ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
• I mproved TLS 1.3 support when using OpenSSL 1.1.1 or newer
• Client-specific tls-crypt keys (–tls-crypt-v2)
• Improved Data channel cipher negotiation
• Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

• HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
• Asynchronous (deferred) authentication support for auth-pam plugin
• Asynchronou s (d eferred ) support for client-connect scripts and plugins

Network-related changes

• Support IPv4 configs with /31 netmasks now
• 802.1q VLAN support on TAP servers
• IPv6-only tunnels
• New option –block-ipv6 to reject all IPv6 packets (ICMPv6)

Linux-specific features

• VRF support
• Netlink integration (OpenVPN no longer needs to execute ifconfig /route or ip commands)

Windows-specific features

• Wintun driver support, a faster alternative to tap-windows6
• Setting tun/tap interface MTU
• Setting DHCP search domain
• Allow unicode search string in –cryptoapicert option
• EasyRSA3, a modern take on OpenVPN CA management
• MSI installer

Important notices

BF-CBC cipher is no longer the default

Connectivity to some VPN service provider may break

Linux packages are available from

Windows ARM64 installers

Our MSI installer do not currently support the Windows ARM64 platform. You need to use our NSI-based snapshot installers from here. We recommend using the latest installer that matches one of these patterns:

• openvpn-install-2.5_git-I900-release-2.5-* (stable 2.5 version)
• openvpn-install-2.6_git-I900-master-* (development version)

Useful resources

• Official documentation
• Wiki
• Bug tracker
• Support forums
• User mailing list
• User IRC channel (#openvpn at irc.freenode.net)

OpenVPN 2.5.0 — Released 28 October, 2020

The OpenVPN community project team is proud to release OpenVPN 2.5.0 which is a new major release with many new features.

Source tarball (gzip)

Source tarball (xz)

Source zip

Windows 32-bit MSI installer

Windows 64-bit MSI installer

Overview of changes since OpenVPN 2.4

Faster connections

• Connections setup is now much faster

Crypto specific changes

• ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
• I mproved TLS 1.3 support when using OpenSSL 1.1.1 or newer
• Client-specific tls-crypt keys (–tls-crypt-v2)
• Improved Data channel cipher negotiation
• Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

• HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
• Asynchronous (deferred) authentication support for auth-pam plugin
• Asynchronou s (d eferred ) support for client-connect scripts and plugins

Network-related changes

• Support IPv4 configs with /31 netmasks now
• 802.1q VLAN support on TAP servers
• IPv6-only tunnels
• New option –block-ipv6 to reject all IPv6 packets (ICMPv6)

Linux-specific features

• VRF support
• Netlink integration (OpenVPN no longer needs to execute ifconfig /route or ip commands)

Windows-specific features

• Wintun driver support, a faster alternative to tap-windows6
• Setting tun/tap interface MTU
• Setting DHCP search domain
• Allow unicode search string in –cryptoapicert option
• EasyRSA3, a modern take on OpenVPN CA management
• MSI installer

Important notices

BF-CBC cipher is no longer the default

Connectivity to some VPN service provider may break

Linux packages are available from

Useful resources

• Official documentation
• Wiki
• Bug tracker
• Support forums
• User mailing list
• User IRC channel (#openvpn at irc.freenode.net)

OpenVPN 2.4.10 — Released 9 December, 2020

This is primarily a maintenance release with bugfixes and small improvements. Windows installers include the latest OpenSSL version (1.1.1i) which includes security fixes.

A summary of the changes is available in Changes.rst, and a full list of changes is available here.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them.

Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18, which is downloadable as 32-bit and 64-bit versions.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).

Important: you will need to use the correct installer for your operating system. The Windows 10 installer works on Windows 10 and Windows Server 2016/2019. The Windows 7 installer will work on Windows 7/8/8.1/Server 2012r2. This is because of Microsoft’s driver signing requirements are different for kernel-mode devices drivers, which in our case affects OpenVPN’s tap driver (tap-windows6).

Source Tarball (gzip)

Source Tarball (xz)

Source Zip

Windows 7/8/8.1/Server 2012r2 installer (NSIS)

Windows 10/Server 2016/Server 2019 installer (NSIS)

Instructions for verifying the signatures are available here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

The Windows installers are bundled with OpenVPN-GUI – its source code is available on its project page and as tarballs on our alternative download server.

OpenVPN 2.4.9 — Released 17 April, 2020

This is primarily a maintenance release with bugfixes and improvements. This release also fixes a security issue (CVE-2020-11810, trac #1272) which allows disrupting service of a freshly connected client that has not yet not negotiated session keys. The vulnerability cannot be used to inject or steal VPN traffic.

A summary of the changes is available in Changes.rst, and a full list of changes is available here.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. We are moving to MSI installers in OpenVPN 2.5, but OpenVPN 2.4.x will remain NSIS-only.

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client’s IP address changes (Peer-ID). Also, the new –tls-crypt feature can be used to increase users’ connection privacy.

OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.

Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18, which is downloadable as 32-bit and 64-bit versions.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).

Important: you will need to use the correct installer for your operating system. The Windows 10 installer works on Windows 10 and Windows Server 2016/2019. The Windows 7 installer will work on Windows 7/8/8.1/Server 2012r2. This is because of Microsoft’s driver signing requirements are different for kernel-mode devices drivers, which in our case affects OpenVPN’s tap driver (tap-windows6).

Source Tarball (gzip)

Source Tarball (xz)

Source Zip

Windows 7/8/8.1/Server 2012r2 installer (NSIS)

Windows 10/Server 2016/Server 2019 installer (NSIS)

NOTE: the GPG key used to sign the release files has been changed since OpenVPN 2.4.0. Instructions for verifying the signatures, as well as the new GPG public key are available here.

We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

You can use EasyRSA 2 or EasyRSA 3 for generating your own certificate authority. The former is bundled with Windows installers. The latter is a more modern alternative for UNIX-like operating systems.

The Windows installers are bundled with OpenVPN-GUI – its source code is available on its project page and as tarballs on our alternative download server.

OpenVPN 2.4.8 — Released 31 October, 2019

This is primarily a maintenance release with bugfixes and improvements. The Windows installers (I601) have several improvements compared to the previous release:

• New tap-windows6 driver (9.24.2) which fixes some suspend and resume issues
• Latest OpenVPN-GUI
• Considerable performance boost due to new compiler optimization flags

A summary of the changes is available in Changes.rst, and a full list of changes is available here.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. We are moving to MSI installers in OpenVPN 2.5, but OpenVPN 2.4.x will remain NSIS-only.

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client’s IP address changes (Peer-ID). Also, the new –tls-crypt feature can be used to increase users’ connection privacy.

OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.

Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18, which is downloadable as 32-bit and 64-bit versions.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).

Important: you will need to use the correct installer for your operating system. The Windows 10 installer works on Windows 10 and Windows Server 2016/2019. The Windows 7 installer will work on Windows 7/8/8.1/Server 2012r2. This is because of Microsoft’s driver signing requirements are different for kernel-mode devices drivers, which in our case affects OpenVPN’s tap driver (tap-windows6).

Source Tarball (gzip)

Source Tarball (xz)

Source Zip

Windows 7/8/8.1/Server 2012r2 installer (NSIS)

Windows 10/Server 2016/Server 2019 installer (NSIS)

NOTE: the GPG key used to sign the release files has been changed since OpenVPN 2.4.0. Instructions for verifying the signatures, as well as the new GPG public key are available here.

We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

You can use EasyRSA 2 or EasyRSA 3 for generating your own certificate authority. The former is bundled with Windows installers. The latter is a more modern alternative for UNIX-like operating systems.

The Windows installers are bundled with OpenVPN-GUI – its source code is available on its project page and as tarballs on our alternative download server.

OpenVPN 2.4.7 — Released 21 February, 2019

This is primarily a maintenance release with bugfixes and improvements. One of the big things is enhanced TLS 1.3 support. A summary of the changes is available in Changes.rst, and a full list of changes is available here.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. We are moving to MSI installers in OpenVPN 2.5, but OpenVPN 2.4.x will remain NSIS-only.

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client’s IP address changes (Peer-ID). Also, the new –tls-crypt feature can be used to increase users’ connection privacy.

OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.

Please note that OpenVPN 2.4 installers will not work on Windows XP. The last OpenVPN version that supports Windows XP is 2.3.18, which is downloadable as 32-bit and 64-bit versions.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).

Important: you will need to use the correct installer for your operating system. The Windows 10 installer will not work on Windows 7/8/8.1/Server 2012r2. This is because Microsoft’s driver signing requirements and tap-windows6. For the same reason you need to use an older installer with Windows Server 2016. This older installer has a local privilege escalation vulnerability issue which we cannot resolve for Windows Server 2016 until tap-windows6 passes the HLK test suite on that platform. In the meanwhile we recommend Windows Server 2016 users to avoid installing OpenVPN/tap-windows6 driver on hosts where all users can’t be trusted. Users of Windows 7-10 and Server 2012r2 are recommended to update to latest installers as soon as possible.

Source Tarball (gzip)

Source Tarball (xz)

Source Zip

Windows 7/8/8.1/Server 2012r2 installer (NSIS)

Windows 10 installer (NSIS)

Windows Server 2016 installer (NSIS)

NOTE: the GPG key used to sign the release files has been changed since OpenVPN 2.4.0. Instructions for verifying the signatures, as well as the new GPG public key are available here.

We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

You can use EasyRSA 2 or EasyRSA 3 for generating your own certificate authority. The former is bundled with Windows installers. The latter is a more modern alternative for UNIX-like operating systems.

The Windows installers are bundled with OpenVPN-GUI – its source code is available on its project page and as tarballs on our alternative download server.

OpenVPN 2.4.6 — Released 24 April, 2018

This is primarily a maintenance release with minor bugfixes and improvements, and one security relevant fix for the Windows Interactive Service. Windows installer includes updated OpenVPN GUI and OpenSSL. Installer I601 included tap-windows6 driver 9.22.1 which had one security fix and dropped Windows Vista support. However, in installer I602 we had to revert back to tap-windows 9.21.2 due to driver getting reject on freshly installed Windows 10 rev 1607 and later when Secure Boot was enabled. The failure was due to the new, more strict driver signing requirements. The 9.22.1 version of the driver is in the process of getting approved and signed by Microsoft and will be bundled in an upcoming Windows installer.

Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.

Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. Our long-term plan is to migrate to using MSI installers instead.

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client’s IP address changes (Peer-ID). Also, the new –tls-crypt feature can be used to increase users’ connection privacy.

A summary of the changes is available in Changes.rst, and a full list of changes is available here.

OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.

Please note that OpenVPN 2.4 installers will not work on Windows XP.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).

Source Tarball (gzip)

Source Tarball (xz)

Source Zip

Windows installer (NSIS)

NOTE: the GPG key used to sign the release files has been changed since OpenVPN 2.4.0. Instructions for verifying the signatures, as well as the new GPG public key are available here.

We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

You can use EasyRSA 2 or EasyRSA 3 for generating your own certificate authority. The former is bundled with Windows installers. The latter is a more modern alternative for UNIX-like operating systems.

The Windows installers are bundled with OpenVPN-GUI – its source code is available on its project page and as tarballs on our alternative download server.