Secure all data communications and extend private network services

OpenVPN (32-bit)

OpenVPN 2.4.7 (Windows 10)

  -  4.1 MB  -  Open Source

Sometimes latest versions of the software can cause issues when installed on older devices or devices running an older version of the operating system.

Software makers usually fix these issues but it can take them some time. What you can do in the meantime is to download and install an older version of OpenVPN 2.4.7 (Windows 10).


For those interested in downloading the most recent release of OpenVPN (32-bit) or reading our review, simply click here.


All old versions distributed on our website are completely virus-free and available for download at no cost.


We would love to hear from you

If you have any questions or ideas that you want to share with us - head over to our Contact page and let us know. We value your feedback!

  • OpenVPN 2.4.7 (Windows 10) Screenshots

    The images below have been resized. Click on them to view the screenshots in full size.

    OpenVPN 2.4.7 (Windows 10) Screenshot 1

What's new in this version:

New features:
- ifconfig-ipv6(-push): allow using hostnames (in place of IPv6 addresses)
- new option: --ciphersuites to select TLS 1.3 cipher suites (--cipher selects TLS 1.2 and earlier ciphers)
- enable dhcp on tap adapter using interactive service (previously this required a privileged netsh.exe call from OpenVPN)
- clarify and expand management interface documentation
- add Interactive Service developer documentation

User visible changes:
- add message explaining early TLS client hello failure (if TLS 1.0 only clients try to connect to TLS 1.3 capable servers)
- --show-tls will now display TLS 1.3 and TLS 1.2 ciphers in separate lists (if built with OpenSSL 1.1.1+)
- don't print OCC warnings about 'key-method', 'keydir' and 'tls-auth' (unnecessary warnings, and will cause spurious warnings with tls-crypt-v2)
- bump version of openvpn plugin argument structs to 5
- plugin: Export base64 encode and decode functions
- man: add security considerations to --compress section

Bug fixes:
- print port numbers (again) for incoming IPv4 connections received on a dual-stacked IPv6 socket. This got lost at some point during rewrite of the dual-stack code and proper printing of IPv4 addresses.
- fallback to password authentication when auth-token fails
- fix combination of --dev tap and --topology subnet across multiple platforms (BSDs, MacOS, and Solaris).
- fix Windows CryptoAPI usage for TLS 1.2 signatures
- fix option handling in combination with NCP negotiation and OCC (--opt-verify failure on reconnect if NCP modified options and server verified "original" vs. "modified" options)
- mbedtls: print warning if random personalisation fails
- fix subnet topology on NetBSD (2.4)