wiki:Downloads

OpenVPN 2.6.0 -- Released 25 January 2023

The OpenVPN community project team is proud to release OpenVPN 2.6.0. This is a release with some major new features.

For details see Changes.rst

Changes since RC2:

Windows MSI changes since RC2:

  • Included openvpn-gui updated to 11.37.0.0. See CHANGES.rst.
  • DCO driver is now included as a installer module (msm) so that other products (like OpenVPN Connect) can share the DCO installation.

Note: Windows MSI was updated to I003 on January 26th. Changes in I003:

  • Fix installation on Windows 7
  • Fix broken tray icon menu with single profile (regression in openvpn-gui 11.36.0)

New features and improvements in 2.6.0 compared to 2.5.8:

  • Data Channel Offload (DCO) kernel acceleration support for Windows, Linux, and FreeBSD.
  • OpenSSL 3 support, which is now the default on Windows.
  • Improved handling of tunnel MTU, including support for pushable MTU.
  • Outdated cryptographic algorithms disabled by default, but there are options to override if necessary.
  • Reworked TLS handshake, making OpenVPN immune to replay-packet state exhaustion attacks.
  • Added --peer-fingerprint mode for a more simplistic certificate setup and verification.
  • Added Pre-Logon Access Provider support to OpenVPN GUI for Windows.
  • Improved protocol negotiation, leading to faster connection setup.
  • Updated easy-rsa3 bundled with the installer on Windows.

On Windows DCO will be used by default for client connections unless the configuration contains settings that are not DCO compatible, such as compression. DCO support on Linux requires an additional kernel module to be installed, this is available from our software repositories for Linux, and is also available for OpenVPN3 Linux client.

Windows 64-bit MSI installerGnuPG SignatureOpenVPN-2.6.0-I003-amd64.msi
Windows ARM64 MSI installerGnuPG SignatureOpenVPN-2.6.0-I003-arm64.msi
Windows 32-bit MSI installerGnuPG SignatureOpenVPN-2.6.0-I003-x86.msi
Source archive fileGnuPG Signatureopenvpn-2.6.0.tar.gz

OpenVPN 2.6_rc2 -- Released 12 January 2023

The OpenVPN community project team is proud to release OpenVPN 2.6_rc2. This is a release with some major new features and currently in beta (you can also download the stable release should you require it).

For details see Changes.rst

Changes since RC1:

  • add rate limiter for incoming "initial handshake packets", enabled by default with a limit of 100 packets per 10 seconds. This change makes OpenVPN servers uninteresting as an UDP reflection DDoS engine.
  • report CONNECTED,ROUTE_ERROR to management GUI if connection to server succeeds but not all routes can be installed (Windows and Linux/Netlink only, so far)
  • Various bugfixes, see Changes.rst

Windows MSI changes since RC1:

  • Included openvpn-gui updated to 11.35.0.0. See CHANGES.rst.
    • New feature: Support the CONNECTED,ROUTE_ERROR management message (see above)
  • Fix some issues related to upgrading:
    • "Run on logon" option not preserved when updating from 2.5 to 2.6
    • Fix check for running service when upgrading from old NSIS installations

Debian packages changes since RC1:

  • Packages for Debian bookworm are now available.

New features and improvements in 2.6.0 compared to 2.5.8:

  • Data Channel Offload (DCO) kernel acceleration support for Windows, Linux, and FreeBSD.
  • OpenSSL 3 support, which is now the default on Windows.
  • Improved handling of tunnel MTU, including support for pushable MTU.
  • Outdated cryptographic algorithms disabled by default, but there are options to override if necessary.
  • Reworked TLS handshake, making OpenVPN immune to replay-packet state exhaustion attacks.
  • Added --peer-fingerprint mode for a more simplistic certificate setup and verification.
  • Added Pre-Logon Access Provider support to OpenVPN GUI for Windows.
  • Improved protocol negotiation, leading to faster connection setup.
  • Updated easy-rsa3 bundled with the installer on Windows.

On Windows DCO will be used by default for client connections unless the configuration contains settings that are not DCO compatible, such as compression. DCO support on Linux requires an additional kernel module to be installed, this is available from our software repositories for Linux, and is also available for OpenVPN3 Linux client.

Windows 64-bit MSI installerGnuPG SignatureOpenVPN-2.6_rc2-I002-amd64.msi
Windows ARM64 MSI installerGnuPG SignatureOpenVPN-2.6_rc2-I002-arm64.msi
Windows 32-bit MSI installerGnuPG SignatureOpenVPN-2.6_rc2-I002-x86.msi
Source archive fileGnuPG Signatureopenvpn-2.6_rc2.tar.gz

OpenVPN 2.6_rc1 -- Released 28 December 2022

The OpenVPN community project team is proud to release OpenVPN 2.6_rc1. This is a release with some major new features and currently in beta (you can also download the stable release should you require it).

For details see Changes.rst

Changes since Beta 2:

  • Officially deprecate NTLMv1 proxy auth method in 2.6. Will be removed in 2.7.
  • Support unlimited number of connection entries and remote entries.
  • New management commands to enumerate and list remote entries.
  • Various bugfixes, see Changes.rst

Windows MSI changes since Beta 2:

  • Included openvpn-gui updated to 11.34.0.0. See CHANGES.rst.
    • New feature: Connections active on exit/logout are now automatically restarted in the next session of the GUI
  • Windows installers are now built with Visual Studio 17 2022 (previously built with VS 16 2019)

New features and improvements in 2.6.0 compared to 2.5.8:

  • Data Channel Offload (DCO) kernel acceleration support for Windows, Linux, and FreeBSD.
  • OpenSSL 3 support, which is now the default on Windows.
  • Improved handling of tunnel MTU, including support for pushable MTU.
  • Outdated cryptographic algorithms disabled by default, but there are options to override if necessary.
  • Reworked TLS handshake, making OpenVPN immune to replay-packet state exhaustion attacks.
  • Added --peer-fingerprint mode for a more simplistic certificate setup and verification.
  • Added Pre-Logon Access Provider support to OpenVPN GUI for Windows.
  • Improved protocol negotiation, leading to faster connection setup.
  • Updated easy-rsa3 bundled with the installer on Windows.

On Windows DCO will be used by default for client connections unless the configuration contains settings that are not DCO compatible, such as compression. DCO support on Linux requires an additional kernel module to be installed, this is available from our software repositories for Linux, and is also available for OpenVPN3 Linux client.

Windows 64-bit MSI installerGnuPG SignatureOpenVPN-2.6_rc1-I001-amd64.msi
Windows ARM64 MSI installerGnuPG SignatureOpenVPN-2.6_rc1-I001-arm64.msi
Windows 32-bit MSI installerGnuPG SignatureOpenVPN-2.6_rc1-I001-x86.msi
Source archive fileGnuPG Signatureopenvpn-2.6_rc1.tar.gz

OpenVPN 2.6_beta2 -- Released 15 December 2022

The OpenVPN community project team is proud to release OpenVPN 2.6_beta2. This is a release with some major new features and currently in beta (you can also download the stable release should you require it).

For details see Changes.rst

Changes since Beta 1:

  • Transport statistics (bytes in/out) for DCO environments. Currently only for Windows clients and FreeBSD servers. Other platforms will be fixed in next release.
  • Various bugfixes, see Changes.rst

Windows MSI changes since Beta 1:

  • Included openvpn-gui updated to 11.33.0.0. See CHANGES.rst.
  • Update included pkcs11-helper so it can load pkcs11 providers from outside of its own install directory.
  • Add legacy provider for included OpenSSL so that the workarounds documented for old ciphers work on Windows.

New features and improvements in 2.6.0 compared to 2.5.8:

  • Data Channel Offload (DCO) kernel acceleration support for Windows, Linux, and FreeBSD.
  • OpenSSL 3 support, which is now the default on Windows.
  • Improved handling of tunnel MTU, including support for pushable MTU.
  • Outdated cryptographic algorithms disabled by default, but there are options to override if necessary.
  • Reworked TLS handshake, making OpenVPN immune to replay-packet state exhaustion attacks.
  • Added --peer-fingerprint mode for a more simplistic certificate setup and verification.
  • Added Pre-Logon Access Provider support to OpenVPN GUI for Windows.
  • Improved protocol negotiation, leading to faster connection setup.
  • Updated easy-rsa3 bundled with the installer on Windows.

On Windows DCO will be used by default for client connections unless the configuration contains settings that are not DCO compatible, such as compression. DCO support on Linux requires an additional kernel module to be installed, this is available from our software repositories for Linux, and is also available for OpenVPN3 Linux client.

Windows 64-bit MSI installerGnuPG SignatureOpenVPN-2.6_beta2-I001-amd64.msi
Windows ARM64 MSI installerGnuPG SignatureOpenVPN-2.6_beta2-I001-arm64.msi
Windows 32-bit MSI installerGnuPG SignatureOpenVPN-2.6_beta2-I001-x86.msi
Source archive fileGnuPG Signatureopenvpn-2.6_beta2.tar.gz

OpenVPN 2.6_beta1 -- Released 2 December 2022

The OpenVPN community project team is proud to release OpenVPN 2.6_beta1. This is a release with some major new features and currently in beta (you may find stable release should you require it).

For details see Changes.rst

There were a number of new features and improvements:

  • Data Channel Offload (DCO) kernel acceleration support for Windows, Linux, and FreeBSD.
  • OpenSSL 3 support, which is now the default on Windows.
  • Improved handling of tunnel MTU, including support for pushable MTU.
  • Outdated cryptographic algorithms disabled by default, but there are options to override if necessary.
  • Reworked TLS handshake, making OpenVPN immune to replay-packet state exhaustion attacks.
  • Added --peer-fingerprint mode for a more simplistic certificate setup and verification.
  • Added Pre-Logon Access Provider support to OpenVPN GUI for Windows.
  • Improved protocol negotiation, leading to faster connection setup.
  • Updated easy-rsa3 bundled with the installer on Windows.

On Windows DCO will be used by default for client connections unless the configuration contains settings that are not DCO compatible, such as compression. DCO support on Linux requires an additional kernel module to be installed, this is available from our software repositories for Linux, and is also available for OpenVPN3 Linux client.

Windows 64-bit MSI installerGnuPG SignatureOpenVPN-2.6_beta1-I001-amd64.msi
Windows ARM64 MSI installerGnuPG SignatureOpenVPN-2.6_beta1-I001-arm64.msi
Windows 32-bit MSI installerGnuPG SignatureOpenVPN-2.6_beta1-I001-x86.msi
Source archive fileGnuPG Signatureopenvpn-2.6_beta1.tar.gz
Last modified 25 hours ago Last modified on 01/26/23 17:26:08