The all new IVPN Client v2.0 for Windows

Releases By Fedir Nepyivoda | Posted on January 27, 2015

After much hard work we are proud to present our new IVPN Client for Windows. Behind the completely reworked user interface and improved stability we are thrilled to introduce the IVPN Firewall. When enabled it completely protects your data from leaking outside of the secure VPN tunnel, no matter what.

Please note that this release is for Windows only, we are already working on a similar update for the Mac OSX IVPN client that should be available in the next few months.


IVPN Firewall — Complete leak protection implemented properly

Once enabled the IVPN Firewall integrates deep into the OS using Microsoft’s own WFP API (Windows Filtering Platform API) and filters all network packets. The Firewall is independent of the IVPN client so even if a component of the IVPN Client crashes filtering will continue uninterrupted.

The IVPN Firewall can be configured to switch on automatically during VPN connection or you can enable it manually when you need it. You can even configure the ‘always-on’ IVPN Firewall to protect the system all the time even before Windows is booted. This will ensure that no traffic will bypass the VPN tunnel even during the boot up phase.

To get a better idea how data is protected by the IVPN Firewall let’s review the weak points of any VPN software.

Network configuration and routing table changes

VPN security relies heavily on the integrity of a systems network configuration, most importantly the routing table. This presents a significant risk if the network configuration and/or routing table is changed inadvertently. This may lead to some or all traffic bypassing the VPN tunnel silently and a complete loss of privacy and anonymity.

A few examples of events that could cause the network to be reconfigured suddenly and without notice:

The IVPN Firewall completely eliminates these threats by only allowing traffic through the VPN tunnel.

Boot time protection

Native and third-party Windows services can use your internet connection even before the system is fully booted. Any application installed on your system has the opportunity to connect to a server on the Internet and to exchange data long before you are able to connect to a VPN. However the IVPN Firewall can be configured to protect your system all the time, ensuring that no traffic will leak outside the VPN tunnel even when the IVPN Client, its service, or even Windows is not fully booted. Such traffic will just be filtered out until everything finishes loading and the connection with the VPN is established.


As IPv6 becomes more popular, more and more ISP’s and Wi-Fi hotspots around the world allocate an IPv6 subnetwork for their clients along with an IPv4 address.

According to the Google IPv6 adoption statistics 14.5% of all US traffic is IPv6. Some countries such as Belgium have an adoption rate exceeding 30%.

Its important to understand that when IPv6 is enabled on the network you are connected to it will take precedence over IPv4 for all of connections to hosts with IPv6 support.

This IPv6 traffic will most likely silently bypass your VPN tunnel.

As a result if you have no control over the configuration of the router you are connected to (e.g. a public Wi-Fi hotspot), or when the default configuration of your router is set to announce any IPv6 network your ISP has allocated to you and you haven’t disabled IPv6 in your Windows OS (which is enabled by default), you may find that you have IPv6 support which is a major potential threat to your privacy.

When the IVPN Firewall is enabled its impossible for any IPv6 traffic to leak outside of the VPN tunnel, giving you absolute peace of mind.

Software stability and crashes

All software has bugs and may crash for a variety of reasons. For example, out of memory errors will crash practically any foreground application.

Software designed for security must fail safe in the event of a crash, fully maintaining the security of the host system.

The IVPN Firewall ensures that if the VPN client, any part of the tunnel or Windows OS crashes, no traffic will leave the computer until IVPN Firewall is disabled manually or a new VPN tunnel is established.

A few screenshots of the new UI

IVPN Client connected to the VPN with IVPN Firewall enabled.

Selecting a server for a VPN connection.

IVPN Firewall configuration

Try IVPN today by signing up for one of our subscription plans. We offer a full 7 day unconditional money back guarantee if you are not satisfied.

To download the IVPN Client 2.0 for all versions of Windows please visit the setup page.

We invite you to discuss this post in our Reddit community or on Twitter. You can also send your feedback to




Great job guys, really nice program, but small problem relating to the old DNS issue like /knowledgebase/troubleshooting/my-vpn-is-connected-but-i-cannot-browse-the-internet-why/

I used to have to tick box to stop IVPN from setting dns and input opendns but now I have not an option for this, so I can connect but not use IVPN, unless I re-enter dns everytime.

Thanks for the good work.



Nice move, IVPN team! I’ve set it on always-on. Works flawlessly.



Hurry it up on the Mac version will ya? XP Can we get an ETA on it please??

Independent security audit concluded

By Nick Pestell


IVPN applications are now open source

By Viktor Vecsei


Beta IVPN Linux app released

By Viktor Vecsei

DNS over HTTPS (DoH) support on macOS, Linux and Windows Releases

DNS over HTTPS (DoH) support on macOS, Linux and Windows

Posted on April 5, 2022 by IVPN Staff

IVPN offers custom DNS servers which, when accessed through the VPN ensure that your DNS queries are encrypted between your device and our DNS server. This is a necessity, as DNS queries are not encrypted by the DNS protocol and can be easily read by an adversary observing your traffic (even when using HTTPS for your web traffic).
WireGuard Port Forwarding enabled Releases

WireGuard Port Forwarding enabled

Posted on February 16, 2022 by Viktor Vecsei

After the recent addition of Multi-Hop for WireGuard, we are now introducing port forwarding support for Wireguard. Port forwarding allows incoming connections on a specific port, enabling you to run various services on your device that need to be accessible from the Internet.
Spotted a mistake or have an idea on how to improve this page?
Suggest an edit on GitHub.