Community Downloads

OpenVPN 2.3.4 -- released on 2014.05.02 (Change Log)

The most important change in this release is that TLS version negotiation is no longer used unless it's explicitly turned on in the configuration files, thus reverting back to the 2.3.2 behaviour as interoperability issues were encountered in 2.3.3. Other notable changes include addition of SSL library version reporting, fixing of SOCKSv5 authentication logic and making serial env exporting consistent between OpenSSL and PolarSSL. This release also contains a number of other bug fixes and small enhancements.

The Windows installer I001 had additional code to prevent problems during install and uninstall if installer bitness is wrong or if the OpenVPN-GUI or an OpenVPN process is running. The Windows I001 installers also bundled OpenSSL 1.0.1g, which means that they are immune to the heartbleed vulnerability (OpenVPN-specifics here). WIndows I002 installers bundle OpenSSL 1.0.1h, which fixes several vulnerabilities, including a MITM vulnerability that affects OpenVPN. Windows installers I003 and I603 bundle OpenSSL 1.0.1i, which fixes several vulnerabilities. The I603 installers and above are bundled with a modern, NDIS 6-compatible tap-windows driver which only works on Windows Vista and above. Windows installers I005 and I605 bundle OpenSSL 1.0.1j which fixes several vulnerabilities two of which potentially affect OpenVPN.

All Windows users of OpenVPN 2.3.4 should upgrade to the latest release immediately.

If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).

Source Tarball (gzip)
openvpn-2.3.4.tar.gz GnuPG Signature
Source Tarball (xz)
openvpn-2.3.4.tar.xz GnuPG Signature
Source Zip openvpn-2.3.4.zip GnuPG Signature
Installer (32-bit), Windows XP and later
openvpn-install-2.3.4-I005-i686.exe GnuPG Signature
Installer (64-bit), Windows XP and later
openvpn-install-2.3.4-I005-x86_64.exe

GnuPG Signature

Installer (32-bit), Windows Vista and later
openvpn-install-2.3.4-I605-i686.exe GnuPG Signature
Installer (64-bit), Windows Vista and later
openvpn-install-2.3.4-I605-x86_64.exe

GnuPG Signature


Instructions for verifying the signatures are available here.

We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.

This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.

Note that easy-rsa is no longer bundled with OpenVPN source code archives. To get it, visit the easy-rsa page on GitHub, or download it from our Linux software repositories.


OpenVPN 2.3.2 -- released on 2013.06.03 (Change Log)

This is an old point release and you should in general use OpenVPN 2.3.4 instead. However, as OpenVPN 2.3.4 contains a few potentially disruptive changes you may want to use this older release instead. Windows I004 installers included a fix for the very serious heartbleed vulnerability (OpenVPN-specifics here). Windows I005 installers bundle OpenSSL 1.0.0h, which fixes severe security issues. Windows installer I006 bundles OpenSSL 1.0.1i, which fixes several vulnerabilities.

All Windows users of OpenVPN 2.3.2 should upgrade to latest 2.3.2 or 2.3.4 release immediately.

Source Tarball openvpn-2.3.2.tar.gz GnuPG Signature
Source Zip openvpn-2.3.2.zip GnuPG Signature
Windows Installer (32-bit)
openvpn-install-2.3.2-I006-i686.exe GnuPG Signature
Windows Installer (64-bit) openvpn-install-2.3.2-I006-x86_64.exe GnuPG Signature

Instructions for verifying the signatures are available here.


OpenVPN -- Older Releases

Older OpenVPN releases not explicitly listed above can be downloaded from here (alternate link).

WARNING: The Windows installers for these old releases may contain OpenSSL versions that have the heartbleed vulnerability or other serious security issues. You should not use any of these old OpenVPN Windows installers, unless you are absolutely sure it's safe in your use case. If you depend on an old OpenVPN version make sure you build the Windows binaries yourself and link them to an up-to-date OpenSSL version.


OpenVPN -- Packages and ports

OpenVPN is available in repositories of most open source operating systems such as Debian, Ubuntu, Fedora, FreeBSD and Maemo. Some of them may have several versions available, e.g. one for latest beta branch, one for latest development code and one for stable releases. Using these OS-provider versions is usually easiest. However the OpenVPN project also packages latest OpenVPN releases for some open source operating systems. Take a look here to see if these packages are available for your OS.


Tap-windows

OpenVPN uses TAP-windows to provide virtual tap device functionality on Windows. Normally you don't need to install TAP-windows separately, as OpenVPN installers include it.

Source Zip tap-windows-9.9.2_3.zip GnuPG Signature
Windows Installer tap-windows-9.9.2_3.exe GnuPG Signature

Most other operating systems have virtual tap device functionality in their kernels.


Easy-rsa

Starting with openvpn-2.3_alpha2 easy-rsa is no longer part of the OpenVPN source or binary packages. It can be downloaded separately from it's GitHub project page.


Openvpn-build

Official Windows binary packages are cross-compiled on Linux using mingw_w64 and the openvpn-build buildsystem. For details, look at the Wiki documentation.


LZO RPM Packages

The OpenVPN RPM package requires the LZO library for real-time link compression. (sources: Dag Wieers and SuSE distribution).