VPN Compatibility
Overall, the Portmaster is compatible with VPNs. Here we describe what to look out for and known issues with special VPN software.
Setup
Under normal circumstances, VPNs should work right out of the box. If not, you can always use OpenVPN as a workaround.
Where Incompatibility Comes From
Incompatibility is created when both Portmaster and a VPN client hook into DNS. Check your VPN app if you can somewhere disable DNS redirection.
Portmaster needs to hook into DNS in order to understand which connection goes where and to which app it belongs. Without it, users would have to start filtering by IP address, making Portmaster basically useless.
Portmaster automatically secures DNS requests by encrypting them to a secured DNS resolver - which you can configure if you do not like the defaults. You can even set your VPN provider as the resolver if you want. We are all about empowering users.
VPNs do sometimes hook into DNS too - creating the compatibility conflict. Their idea is that since you redirect all your normal traffic through them, you might as well redirect all your DNS to them too. Now that comes from good intentions - but if they do not provide a way to disable this behavior, then this goes against user choice.
The same can apply when VPNs enforce traffic re-routing with kill switches.
There sadly is not much we can do than to ask VPN providers to empower users and allow them to disable their various integrations.
Workaround: OpenVPN
If a VPN Client does not work, you can try restoring compatibility with this FAQ guide. Or alternatively, you can always work around this by using OpenVPN instead. This is a bit more technical but worth a shot if the normal VPN client does not work out.
DNS Leak Detection
Please note that pretty much all the DNS leak detection tests by the VPN providers will be a false positive, as the only thing they check is if you are using their DNS servers. Rest assured that your DNS queries are well protected by the Portmaster and there is no need to be concerned.
Community Reports
Please report your experience to help others know whether Portmaster works with a certain VPN client or not.
| Native Client | OS | Mode | Status | Link |
|---|---|---|---|---|
| MullvadVPN | OpenVPN | 🚫 issue confirmed | #445 | |
| WireGuard | 🚫 issue confirmed | #445 | ||
| OpenVPN | 🟢 confirmed compatible, setup required → | #313 | ||
| WireGuard | 🟢 confirmed compatible, setup required → | #313 | ||
| Mysterium VPN | 🟡 issue reported | #649 | ||
| NordVPN <= v3.12.4 | NordLynx | 🟢 reported compatible | #297 | |
| OpenVPN | 🟢 reported compatible | #297 | ||
| NordVPN >= v3.12.5 | NordLynx | 🚫 issue confirmed | #643 | |
| OpenVPN | 🚫 issue confirmed | #643 | ||
| PIA VPN | OpenVPN | 🟢 reported compatible | #317 | |
| WireGuard | 🟡 issue reported | #317 | ||
| ProtonVPN | 🟢 reported compatible | #320 | ||
| 🟢 confirmed compatible | #160 | |||
| RiseupVPN | 🟡 issue reported | #284 | ||
| Surfshark VPN | OpenVPN | 🟢 confirmed compatible | #785 | |
| WireGuard | 🚫 issue confirmed | #785 | ||
| VyprVPN | OpenVPN | 🚫 issue confirmed | #563 | |
| IKEv2 | 🚫 issue confirmed | #563 | ||
| WindscribeVPN | 🟢 confirmed compatible, setup required → | #311 | ||
| WireGuard | native | 🟡 issue confirmed, workaround available | #292 |