Return to protonvpn.com Facebook   Twitter   Reddit   ProtonMail
Support Center / Troubleshooting / How to activate DNS leak protection?

How to activate DNS leak protection?

Whenever a web connection is made, a computer will first translate a domain name into an IP address. This lookup is done via DNS servers. Thus, DNS lookup records also contain a log of all websites visited.

To activate ProtonVPN’s DNS leak protection, please follow these steps:

 

  1. Open the ProtonVPN app
  2. Press Settings and select account
  3. Locate ‘DNS Option’, you can find it in the Preferences section on the right
  4. Click the box titled ‘Leak protection’

 

 

Related questions

How to change VPN protocols?

How to check for updates?

How to improve internet speed?

Does ProtonVPN store user information?

Post Comment

26 comments

  1. Vincent

    Is it possible that the DNS leak protection actually slows down the DNS loopup by several seconds? I did some test with the developer options in Opera and a DNS loopup of 5 Secs is not unusual with the VPN enabled. I am connected to the server in my country.

  2. wow

    In the script you can just add “block-outside-dns” if user run OpenVPN v2.3.9+ it’s working for me

  3. EquinoxMist

    Any update on the DNS leak situation?

  4. ProtonVPN

    We see limited options to stop DNS leaks while using network manager. We’ll have linux specific config files which will include necessary commands to prevent DNS leak when running from the command line soon, stay tuned

  5. Luigi

    I can confirm that 16.04 with network manager does not look like its leaking on dnsleaktest.com

  6. sam

    When will the new ovpn scripts be released?

  7. sam

    I just downloaded the new scripts dated 04/26. Are these the corrected update scripts?

  8. sam

    What is the status of these updates? When can we expect them?

  9. UltraViolet

    so after all these comments on leaking DNS on Linux how do i get this to work on Mint 18 in the network manager?

  10. ProtonVPN

    for now, the best fix is to append the below lines to your ovpn config file
    script-security 2
    up /etc/openvpn/update-resolv-conf
    down /etc/openvpn/update-resolv-conf

    and then running it through the command line using
    sudo openvpn --config name_of_your_file.ovpn
    To be clear, the network manager does _not_ execute these properly.
    We’ll be releasing properly adjusted linux ovpn files and instructions soon.

  11. Tod

    On Ubuntu 16.4, this solution does not seem to execute properly either. A test will show the VPN’s servers as well as the ISP’s. Thanks

  12. Nathan Meadows

    bash script to update all ovpn files (copy&paste into terminal next to your ovpn files):

    echo ”
    script-security 2
    up /etc/openvpn/update-resolv-conf
    down /etc/openvpn/update-resolv-conf
    ” | tee -a *.ovpn

  13. V

    Thanks for this. Any word on when these files will be updated to prevent the dns leak via nm?
    FWIW, I run my own VPNs and have no dns leaks — but I connect via the command line. I never use nm. I’d love to, though, so if you figure out how to make the nm configs work, I’m all ears!

  14. ProtonVPN

    currently the best bet looks like running it via CLI with the necessary script security lines included. Config generator will be available for launch

  15. Mario

    Under Ubuntu 16.04 LTS, there is indeed a DNS leak when using Ubuntu’s network manager.
    When i add

    script-security 2
    up /etc/openvpn/update-resolv-conf
    down /etc/openvpn/update-resolv-conf

    to the end of the .ovpn file and launch it via the terminal:

    sudo openvpn ch-01.protonvpn.com.udp1194.ovpn

    everything is fine (checked via dnsleaktest.com).

    However, if I start the same .ovpn with the Ubuntu Network manager (edit connections…), the DNS leaks…

  16. Anon

    I’m using linux and its network manager. I just tested the “is-nl-01” config file with OpenVPN and then went to : https://www.dnsleaktest.com/ and performed an “extended test”.
    The previously mentioned website states :
    “If you are connected to a VPN service and ANY of the servers listed above are not provided by the VPN service then you have a DNS leak and are choosing to trust the owners of the above servers with your private data.”

    I get a server in NL, and one… In Germany. I guess this is not normal behaviour, right ?
    The german DNS : 78.46.223.24 static.78-46-223-24.clients.your-server.de Hetzner Online GmbH

    Side note : I can tell you it’s not likely a misconfiguration on my part since my usual VPN works the same way as yours (using a config file in NW Manager) and I have no such behavior.
    Also it doesn’t happen all the time. Sometimes, only the NL one shows up.

  17. anonimo-x

    if I use ubuntu and I connect using ubuntu network manager, I have DNS leak protection? thank you

  18. ProtonVPN

    Hi Anonimo-X, yes you will have DNS leak protection when using the Ubunutu Network Manager.

  19. fewter

    I don’t believe this is correct. At least it doesn’t work for me on the latest version of Linux Mint. If I use the standard .ovpn files, DNS requests are still resolved by my ISP. (Tested using https://www.dnsleaktest.com.) I need to do two things to stop this.

    First, add the following to the .ovpn file, just before the … block:

    script-security 2
    up /etc/openvpn/update-resolv-conf
    down /etc/openvpn/update-resolv-conf

    Second, don’t use Network Manager but run the script from the command line:

    sudo openvpn –config [path to config file]

  20. ProtonVPN

    Hi fewter, could you please contact our support team using the support form. We’ll be happy to take a look at your DNS situation.

  21. Casey

    I have the same issue. Was there a fix?

  22. John

    I can confirm the DNS leak and that this fix partly resolves it, but it will still fail the webrtc leak at ipleak.net

    How to disable WebRTC

    If you use Chrome:
    – Download the extension Block WebRTC

    If you use Firefox
    – Type about:config in the address bar
    – Click on “I’ll be careful”
    – In the searchbar type: media.peerconnection.enabled
    – Doubletap it so the value changes to “false”.

    The best solution however would probably be to use the VPN at your router if you can.

  23. anonyme

    Hi fewter same issue for me with mint, Dns leaks is ok only if if I use the terminal to start vpn

  24. mark

    Strange doesn’t seems to have dns leak protection on ubuntu 16.10 using network manager (conf imported).
    Checked on https://ipleak.net and https://dnsleaktest.com/.
    Could you please confirm ?

  25. ProtonVPN

    Hi mark, please contact our support team and we’ll be happy to have a look. Thanks

  26. protonuser

    I can confirm fewters comment.

    When connecting with the default ProtonVPN files, both from terminal and Network Manager, tests show the DNS servers that I use.

    After changing the .ovpn as specified by fewter and connecting from terminal, the test shows only the Proton server.
    Using the modified .ovpn file in Network Manager does not work. That still shows my DNS servers.

Leave a Reply

Your email address will not be published. Required fields are marked *

Don't find your answer? We're happy to help you!     Contact Our Support Team

Secure Your Internet Today

Get ProtonVPN