Securing DNS while connected to a VPN

DNS is the system which translates the domain name you enter to a numerical IP, making possible to route the traffic when you request to the destination server IP. So, everytime you enter in your browser a website, the request is sent to the DNS server, server IP (where the targeted website is being hosted) obtained and the traffic is getting routed to the destination server.

Recently, we have noticed a privacy threat for Windows users who use VPN. The problem is that when you connect to the VPN server, Windows does not update the DNS server information to the anonymous VPN's DNS, which causes the leak of information regarding which sites a VPN user visits. In other words, when you request a website the request is still forwarded to your ISP's DNS server instead of VPN's DNS.

Luckily, there are multiple fixes available.

1. Manually flushing the DNS cache

After connected to the VPN server, run Windows command line (cmd.exe) as an administrator and execute the following command:

ipconfig /flushdns

2. Automated solution

For Win XP / Vista / Win 7 users who use OpenVPN (OK for VPN users) an automated script is available, which will update the DNS every time you connect to the VPN.

Download and install, no other configuration needed.

3. If the above 2 do not work

It was also noticed that on wi-fi connection the above 2 solution may not work. In this case you are strongly recommended to manually update your DNS configuration to one of the public DNS - OpenDNS or Google DNS. What you need to do...

1. Open Network and Shareing Center

2. Change Adapter Settings

3. Choose the one you are connected to or the one you mostly use, right mouse click, "Properties"

4. Double click Internet Protocol Version 4 (TCP/IPv4)

5. Under DNS choose: "Use the following DNS server addresses" and enter

For OpenDNS:


For Google DNS:


Press "OK"

Was this answer helpful?

 Print this Article