matomo

OpenVPN is an award-winning open source VPN protocol

Started in 2001, OpenVPN is a proven, secure and stable VPN protocol.

OVPN has been using OpenVPN since 2014 on all our servers and it's the VPN protocol that our custom desktop client uses.

Encryption & security

OpenVPN uses a custom security protocol and SSL/TLS for key exchange. OpenSSL is used for encryption, which means a wide range of various cryptographic algorithms can be used. OVPN uses AES-based algorithms, with AES-256-GCM being the default algorithm.

There are no known major vulnerabilities and OpenVPN is considered secure. OpenVPN supports Perfect Forward Secrecy.

Perfect forward secrecy means that the encryption key used to encrypt and decrypt data is changed automatically and regularly. If the encryption key is compromised, it exposes only a small portion of the user's sensitive data.

OVPN rotates encryption keys automatically every 45-75 minutes, ensuring consistent and constant security.

Speed

The speed & latency depends on which encryption algorithm is used. As mentioned, OVPN uses AES-256-GCM by default which is a secure algorithm. Our VPN servers have the processing power to encrypt up to 2000 Mbit/s using it.

OpenVPN is a single core process which means that encryption can't be offloaded by using multiple cores. Reaching speeds over 100 Mbit/s can potentially be difficult depending on the processor used in devices — specifically routers and older computers.

Modern computers should be able to reach speeds of 100 Mbit/s. OpenVPN combined with our premium networking partners allows OVPN to provide our customers with fast speeds and low latencies.

Stability

OpenVPN is very stable and supports a variety of different operating systems. OpenVPN works both over UDP and TCP, while we mainly recommend using UDP.

TCP can be suitable when on an unreliable connection, or on a network that censors content. TCP will lead to reduced throughput due to the inefficiency of encapsulating TCP within TCP.

User experience

OpenVPN works well on Windows, macOS, Linux, iOS, Android and a bunch of other operating systems. It is, however, not included in any operating system releases and therefore requires manual installation.

Installation only takes a few minutes. The default software has improved over the years and is quite user friendly. OVPN has released a custom desktop client that makes OpenVPN super easy to use, together with several other security enhancements.

Active development

OpenVPN is still under active development and some very exciting changes are around the corner in their next major release. One of the biggest improvements will be the possibility to use ChaCha20-Poly1305 as a stream cipher, which should improve the bandwidth speeds signficantly for users.