OpenVPN Community Downloads
OpenVPN 2.3.4 - released on 2014.05.02
The most important change in this release is that TLS version negotiation is no longer used unless it's explicitly turned on in the configuration files, thus reverting back to the 2.3.2 behaviour as interoperability issues were encountered in 2.3.3. Other notable changes include addition of SSL library version reporting, fixing of SOCKSv5 authentication logic and making serial env exporting consistent between OpenSSL and PolarSSL. This release also contains a number of other bug fixes and small enhancements.
The Windows installer I001 had additional code to prevent problems during install and uninstall if installer bitness is wrong or if the OpenVPN-GUI or an OpenVPN process is running. The Windows I001 installers also bundled OpenSSL 1.0.1g, which means that they are immune to the heartbleed vulnerability (OpenVPN-specifics). WIndows I002 installers bundle OpenSSL 1.0.1h, which fixes several vulnerabilities, including a MITM vulnerability that affects OpenVPN. Windows installers I003 and I603 bundle OpenSSL 1.0.1i, which fixes several vulnerabilities.
|Source Tarball (gzip)||openvpn-2.3.4.tar.gz||GnuPG Signature|
|Source Tarball (xz)||openvpn-2.3.4.tar.xz||GnuPG Signature|
|Source Zip||openvpn-2.3.4.zip||GnuPG Signature|
|Installer (32-bit), Windows XP and later||openvpn-install-2.3.4-I003-i686.exe||GnuPG Signature|
|Installer (32-bit), Windows XP and later||openvpn-install-2.3.4-I003-x86_64.exe||GnuPG Signature|
|Installer (32-bit), Windows XP and later||openvpn-install-2.3.4-I603-i686.exe||GnuPG Signature|
|Installer (32-bit), Windows XP and later||openvpn-install-2.3.4-I603-x86_64.exe||GnuPG Signature|
Note that OpenVPN Windows installers with build numbers of I6xx are bundled with tap-windows6 (NDIS 6) driver. Builds with I0xx come with older tap-windows (NDIS 5) driver.
Older OpenVPN releases not explicitly listed above can be downloaded directly from the main fileserver or the alternative fileserver. Note, however, that the Windows installers for these old releases may contain OpenSSL versions that have the heartbleed vulnerability or other serious security issues. You should not use any of these old OpenVPN Windows installers, unless you are absolutely sure it's safe in your use case. If you depend on an old OpenVPN version make sure you build the Windows binaries yourself and link them to an up-to-date OpenSSL version. You may also be able to replace the OpenSSL libraries bundled with OpenVPN with upgraded OpenSSL libraries built by the OpenSSL project.
OpenVPN uses TAP-windows to provide virtual tap device functionality on Windows. Normally you don't need to install TAP-windows separately, as OpenVPN installers include it. Most other operating systems have virtual tap device functionality built into their kernels. There are two flavors of the tap-windows driver:
|Driver||Driver interface||Works on||Version number||OpenVPN build numbers|
|tap-windows||NDIS 5||Windows XP and above||9.9.x||I0xx|
|tap-windows6||NDIS 6||Windows Vista and above||9.21.x||I6xx|
Note that the NDIS 5 is being phased out by Microsoft and tap-windows (NDIS 5) will not work in future Windows versions. Thus tap-windows6 (NDIS 6) is a better choice for most people. Here are download links for the old tap-windows (NDIS 5) driver:
|Source Zip||tap-windows-9.9.2_3.zip||GnuPG Signature|
|Windows installer, Windows XP and later||tap-windows-9.9.2_3.exe||GnuPG Signature|
Separate installers for tap-windows6 (NDIS 6) are not yet available.
OpenVPN packages and ports
OpenVPN is available in repositories of most open source operating systems such as Debian, Ubuntu, Fedora, FreeBSD and Maemo. Some of them may have several versions available, e.g. one for latest beta branch, one for latest development code and one for stable releases. Using these OS-provider versions is usually easiest. However the OpenVPN project also packages latest OpenVPN releases for some open source operating systems. Take a look here to see if these packages are available for your OS.
Users of OpenVPN Windows installers are strongly encouraged to always use the latest OpenVPN version. This is because of the numerous OpenSSL security vulnerabilities found since the heartbleed vulnerability was discovered.
If you find a bug in OpenVPN or tap-windows, please file a bug report to our bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at the official documentation in the Trac Wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).
Static download links
OpenVPN releases are also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64.