OpenVPN Logo

OpenVPN Community Downloads

OpenVPN downloads

OpenVPN 2.3.4 - released on 2014.05.02

The most important change in this release is that TLS version negotiation is no longer used unless it's explicitly turned on in the configuration files, thus reverting back to the 2.3.2 behaviour as interoperability issues were encountered in 2.3.3. Other notable changes include addition of SSL library version reporting, fixing of SOCKSv5 authentication logic and making serial env exporting consistent between OpenSSL and PolarSSL. This release also contains a number of other bug fixes and small enhancements.

The Windows installer I001 had additional code to prevent problems during install and uninstall if installer bitness is wrong or if the OpenVPN-GUI or an OpenVPN process is running. The Windows I001 installers also bundled OpenSSL 1.0.1g, which means that they are immune to the heartbleed vulnerability (OpenVPN-specifics). WIndows I002 installers bundle OpenSSL 1.0.1h, which fixes several vulnerabilities, including a MITM vulnerability that affects OpenVPN. Windows installers I003 and I603 bundle OpenSSL 1.0.1i, which fixes several vulnerabilities.

Source Tarball (gzip) openvpn-2.3.4.tar.gz GnuPG Signature
Source Tarball (xz) openvpn-2.3.4.tar.xz GnuPG Signature
Source Zip openvpn-2.3.4.zip GnuPG Signature
Installer (32-bit), Windows XP and later openvpn-install-2.3.4-I003-i686.exe GnuPG Signature
Installer (32-bit), Windows XP and later openvpn-install-2.3.4-I003-x86_64.exe GnuPG Signature
Installer (32-bit), Windows XP and later openvpn-install-2.3.4-I603-i686.exe GnuPG Signature
Installer (32-bit), Windows XP and later openvpn-install-2.3.4-I603-x86_64.exe GnuPG Signature

Note that OpenVPN Windows installers with build numbers of I6xx are bundled with tap-windows6 (NDIS 6) driver. Builds with I0xx come with older tap-windows (NDIS 5) driver.

Older OpenVPN releases not explicitly listed above can be downloaded directly from the main fileserver or the alternative fileserver. Note, however, that the Windows installers for these old releases may contain OpenSSL versions that have the heartbleed vulnerability or other serious security issues. You should not use any of these old OpenVPN Windows installers, unless you are absolutely sure it's safe in your use case. If you depend on an old OpenVPN version make sure you build the Windows binaries yourself and link them to an up-to-date OpenSSL version. You may also be able to replace the OpenSSL libraries bundled with OpenVPN with upgraded OpenSSL libraries built by the OpenSSL project.

Tap-windows downloads

OpenVPN uses TAP-windows to provide virtual tap device functionality on Windows. Normally you don't need to install TAP-windows separately, as OpenVPN installers include it. Most other operating systems have virtual tap device functionality built into their kernels. There are two flavors of the tap-windows driver:

Driver Driver interface Works on Version number OpenVPN build numbers
tap-windows NDIS 5 Windows XP and above 9.9.x I0xx
tap-windows6 NDIS 6 Windows Vista and above 9.21.x I6xx

Note that the NDIS 5 is being phased out by Microsoft and tap-windows (NDIS 5) will not work in future Windows versions. Thus tap-windows6 (NDIS 6) is a better choice for most people. Here are download links for the old tap-windows (NDIS 5) driver:

Source Zip tap-windows-9.9.2_3.zip GnuPG Signature
Windows installer, Windows XP and later tap-windows-9.9.2_3.exe GnuPG Signature

Separate installers for tap-windows6 (NDIS 6) are not yet available.

OpenVPN packages and ports

OpenVPN is available in repositories of most open source operating systems such as Debian, Ubuntu, Fedora, FreeBSD and Maemo. Some of them may have several versions available, e.g. one for latest beta branch, one for latest development code and one for stable releases. Using these OS-provider versions is usually easiest. However the OpenVPN project also packages latest OpenVPN releases for some open source operating systems. Take a look here to see if these packages are available for your OS.

Notes

OpenSSL vulnerabilities

Users of OpenVPN Windows installers are strongly encouraged to always use the latest OpenVPN version. This is because of the numerous OpenSSL security vulnerabilities found since the heartbleed vulnerability was discovered.

Getting help

If you find a bug in OpenVPN or tap-windows, please file a bug report to our bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at the official documentation in the Trac Wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).

Signatures

Instructions for verifying the signatures are available on the signatures page. We also provide static URLs pointing to latest releases to ease automation.

Static download links

OpenVPN releases are also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64.

Easy-rsa

Note that easy-rsa is no longer bundled with OpenVPN source code archives. To get it, visit the easy-rsa page on GitHub, or download it from our Linux software repositories.

Openvpn-build

Official Windows binary packages are cross-compiled on Linux using mingw_w64 and the openvpn-build buildsystem. Use of openvpn-build is documented to the Trac wiki.