can I fix a DNS leak
The solution is to ensure that once connected to the VPN,
you are using ONLY the DNS server/s provided by the VPN service.
OpenVPN v2. 3. 9+
As of OpenVPN version 2. 9 you can now prevent DNS leaks by specifying a new OpenVPN option. Simply open the
(or) file for the server that you are connecting to
and add the following on a new line. For more information see the OpenVPN manual.
block-outside-dnsIf for any reason you are unable to use the solution above continue reading.
If you are using a version of OpenVPN older than v2. 9
Please note that as this problem normally only affects windows clients, only solutions for Windows appear
3 basic steps to fix the problem;
Before connecting to the VPN, set static IP address properties if you are using DHCP
After connecting, remove DNS settings for the primary interface
After disconnecting, switch back to DHCP if neccessary or reapply original static DNS servers
Solution A – Automatic
If you are using OpenVPN on Windows XP/Vista/7 then a fully automated solution is available.
Download – (md5 checksum:
After installation, when you connect to a VPN server, a batch file will be run executing the 3 steps
Three scripts are generated for each OpenVPN configuration file;
– executed when you initiate the connection but before the
connection is established – Calls – If any active DHCP adapters exist, switch to static
– executed when the connection is established – Calls –
Clear the DNS servers for all active adapter except the TAP32 adapter
– executed after the connection is disconnected – Calls
– Reconfigure adapters back to their original configuration
Solution B – Manually clearing the DNS
The solution below does not switch the adapter to static if you are using DHCP. If you do not
switch to a static IP configuration and your computer renews its IP address whilst connected to
the VPN, the DNS settings may be overwritten. It is highly recommended to switch to a static
Open the command prompt () as an administrator.
Before connecting identify the name of the connected network interface. In the case below it is
“Local Area Connection”
netsh interface show interface
Connect to the VPN. Once connected proceed to the next step.
Flush the DNS resolver cache
Disable the DNS configuration for the Interface identified in step 1
netsh interface IPv4 set dnsserver “Local Area Connection” static 0. 0. 0 both
Test for DNS leaks.
After disconnecting, reconfigure the adapter to renew the previous DNS settings
netsh interface IPv4 set dnsserver “Local Area Connection” dhcp
Once again, flush the DNS resolver cache.
VPN test: Check if your VPN is working | NordVPN
ContentsThe most common VPN leaksHow to do a VPN test check for IP and/or DNS leaksHow do I stop a DNS leak in a VPN? How to check for WebRTC leaksWhat to do if your WebRTC is leakingWhy is my VPN connected but not working? How to fix your VPN connectionThe most common VPN leaksThere are many reasons why your VPN software might not be providing 100% security and exposing your private information. Here are the most common ways that your VPN could be leaking:IP leakYour IP address says a lot about you, like your location or the websites you visit. A VPN protects you from snoopers trying to access this information, so if your original IP leaks it defeats the purpose of using a VPN. This usually happens due to two internet protocols, IPv4 and IPv6 and their leakSometimes your IP might stay hidden while your DNS address secretly reveals your location. The DNS server changes plain text URLs into numerical IP addresses. If you’re not using a VPN, this process is handled by your ISP and their servers, which can see who visited what websites. If your DNS leaks, then anyone snooping on your traffic will be able to access this information too. It could even lead to a DNS hijacking leakWeb Real-Time Communication (WebRTC) is built into most popular browsers (i. e., Firefox, Opera, Chrome, and Brave). It enables real-time communications such as voice and video chat, but it also presents another vulnerability for VPN websites can take advantage of WebRTC by inserting a few lines of code to see past your VPN and discover your original IP. This is very useful for websites that provide or block content based on your geo-location. It’s possible to prevent these leaks, but first, you have to identify them. You can do so by running some basic VPN tests that anyone can to do a VPN test: check for IP or DNS leaksTo check if your VPN is working, you’ll need to know your IP address; you can find it need to find out your original IP address given by your ISP. If you are currently using a VPN, turn it off and head to this page. Make a note of your real IP on your VPN and go back to the test website. It should now show a different IP address and the country you connected your VPN to. If the results show your original IP address, then, unfortunately, your VPN is leaking. Sometimes IPLeak tests fail to detect DNS leaks, which can also reveal your identity. So it’s advisable to check it on your VPN is on, DNSLeakTest should show the location you’ve chosen and your new Extended Test to dig even deeper. This test might take a few minutes. If the results now show your new IP address and your chosen country, you are safe. Your VPN isn’t leaking. If it’s the opposite, you have a VPN leak. NordVPN prevents DNS leaks by sending all your DNS queries through a secure VPN tunnel to keep them private at all times. When you’re connected to NordVPN, your device will only use DNS servers operated by us. Online security starts with a NordVPN, you won’t have to worry about DNS or IP do I stop a DNS leak in a VPN? The easiest way is to change your VPN provider to one that has dedicated DNS servers or offers DNS leak protection, like NordVPN. Or you could manually turn IPv6 off on your device. However, this might require some technical know-how. How to check for WebRTC leaksIf you haven’t already, find out your original IP address on the IPLeak website. Make a note of nnect to your VPN and refresh the webpage (or go to its alternative dedicated to WebRTC Testing). It should now show your new IP address and new location based on the country you’ve ‘Your IP addresses – WebRTC detection’ you should see a private IP that should be different from your original public IP address. Note that the website showing your private IP (usually begins with or or sometimes an alpha-numeric IPv6) doesn’t mean that your WebRTC is leaking. What to do if your WebRTC is leakingThis time, changing your VPN or tinkering with your settings won’t help. However, you can:Use a browser that doesn’t have WebRTC. You can find the full list of browsers that exclude it on Wikipedia. Disable WebRTC by following these stall browser extensions:Chrome: Install WebRTC Network is my VPN connected but not working? If you’ve performed all of these VPN tests and there’s still an issue, there may be other reasons why it might seem that your VPN isn’t working:Your browsing speed has dropped. This might happen for several reasons. For example, you’ve chosen a server which is on the other side of the world, the server is overloaded, or your ISP is throttling bandwidth. However, you can check your VPN speed and increase it with a few simple ISP or your country is blocking VPN usage. In some countries, especially with online censorship, VPN usage can be blocked or considered illegal. In China, for example, only government-approved VPNs are legal. Your VPN connection has dropped. Most VPNs offer an automatic kill switch (including NordVPN), which means that if your VPN connection drops, it will terminate your internet connection ( application-level kill switches will only terminate individual programs). The kill switch makes sure that you don’t access the internet outside of the encrypted VPN tunnel and that your personal information isn’t exposed if the connection your VPN connection dropped and activated your system-level kill switch, you will not be able to access the internet until you connect back to a VPN malware. Technology experts would never recommend using a free VPN. Not only do most contain annoying ads, some actually contain malware. If you are using a free VPN, you might already be exposing more personal information than you wanted to. You’ve been hacked. You might think that your VPN isn’t working because someone has broken into it. In reality, it’s pretty difficult to do so. It’s more likely that you’ve visited a malicious website or fell for a phishing attack and someone has taken control of your device. Unfortunately, if someone hacks you, a VPN can’t do much to protect you. Check the video below for a brief overview of the to fix your VPN connectionSometimes your VPN connection might drop for no discernable reason, or your VPN speed might be slow. Here’s a few tips for solving your VPN issues:Reset your VPN app. This is probably the most obvious advice, but resetting your VPN can do miracles. Switch off the app, using the Force Stop function on your phone if necessary, and a VPN protocol. If you’re experiencing connectivity issues, try changing from UDP to TCP protocol in your VPN between servers. A slow VPN connection might suggest that something’s wrong with the server you’ve connected to. Change to another server and see if your VPN works your internet connection. Unstable Wi-Fi might also be the reason that your VPN service is not working. You can try to connect your device directly to a router to get more speed or contact your internet service your VPN software. This can not only help you to fix VPN issues, but also provides you with the latest security and privacy features. We recommend that you always update your software whenever your firewall settings. Your firewall might be blocking your VPN traffic, preventing you from connecting to the server. Try disabling your firewall temporarily to see if this is the to technical support. If you’re still struggling to understand what’s wrong with your VPN, contact NordVPN technical support, available 24/7, and they will help you to solve any otect yourself from IP and DNS safe with the world’s leading VPN
Emily Green is a content writer who loves to investigate the latest internet privacy and security news. She thrives on looking for solutions to problems and sharing her knowledge with NordVPN readers and customers.
Standard vs Extended test
In early 2014 the site was upgraded in order to more comprehensively search for DNS leaks and as a result two separate tests were created.
The DNS leak test works by sending your client a series of domain names to resolve within a specific test domain. Each request is sent from your client to your configured DNS server. Even if you have configured a single DNS server, there may be many other servers that the request is passed on to in order to be resolved (normally to load balance the requests). For example if you configure Google DNS then you will often find 6-10 Google DNS servers which are fullfilling the DNS requests. The Standard test performs 1 round of 6 queries for a total of 6 queries. This should be more than sufficient to discover if you have a DNS leak. The original test prior to the 2014 upgrade did 3 queries. The advantage of this test is that it is fast. Use this test to quickly check for dns leaks when you connect to your VPN service.
The Extended test performs 6 rounds of 6 queries for a total of 36 queries. This high number ensures that all DNS servers are discovered. However for the purposes of discovering if you have a DNS leak this is not normally neccessary and can take 10-30 seconds longer to complete. If you have strong anonymity/privacy requirements you can choose the extended test just to be certain.
Frequently Asked Questions about dnsleak com
How do I fix a DNS leak?
3 basic steps to fix the problem;Before connecting to the VPN, set static IP address properties if you are using DHCP.After connecting, remove DNS settings for the primary interface.After disconnecting, switch back to DHCP if neccessary or reapply original static DNS servers.
Does my VPN leak?
The most common VPN leaks Your IP address says a lot about you, like your location or the websites you visit. A VPN protects you from snoopers trying to access this information, so if your original IP leaks it defeats the purpose of using a VPN.Apr 15, 2019
What is DNS leak test?
The DNS leak test works by sending your client a series of domain names to resolve within a specific test domain. Each request is sent from your client to your configured DNS server. … Use this test to quickly check for dns leaks when you connect to your VPN service.