VPN deals Advertisement

How to install a VPN on your Android phone or tablet

By far the easiest way to set up and use a VPN on your Android device is by installing a trusted service from the Google Play store. Many, if not most, providers offer custom Android apps.

  • You can sign-up for an account first via the provider’s webpage. Take a look at our list of the best VPNs for Android. Once this has been done you will usually receive a Welcome email with a download link to the Google Play Store.
  • Or you can download a VPN app directly from the Google Play Store and sign-up via an in-app purchase when the usual free trial expires. If taking this route, please be very careful to only download apps from reputable providers. There are a lot of fake or actively malicious apps available through the Play Store.

How to Install a VPN on an Android device: Step-by-step

Follow the steps below to install a VPN app on an Android device:

  1. Follow the link provided by your VPN service, or search the Google Play Store for a reputable VPN app.
  2. On the app’s download page it is always a good idea to read users’ comments in order to check that the app is legitimate. If you are satisfied, then select “Install.”

VPN on Android

  1. Read through the Permissions the app requires on your device and ensure that you are happy with them. In-app purchases are needed to buy a subscription from within the app, and every VPN app will need access to your WiFi settings. No other permissions should be required. Touch “Accept” when you are ready to proceed.

Android Install 2

The app will then download and install to your Android device. Once this is completed, launch the app and sign-in if required. Once in the app, simply select a server you wish to connect to, and hit “Connect.”

How to setup OpenVPN for Android

OpenVPN is now the industry standard VPN protocol. It is the one that BestVPN.com recommends you use under almost all circumstances.

The main third-party OpenVPN apps for Android are OpenVPN Connect and the more fully featured and open source OpenVPN for Android (F-Droid version available). Below are instructions for configuring OpenVPN for Android, which now features full Internet Protocol version 4 (IPv4), Internet Protocol version 6 (IPv6) and Web Real-Time Communication (WebRTC) leak protection.

  1. Download the OpenVPN configuration files from your VPN provider’s website. Unzip them (if required) and transfer to a folder on your Android device. Alternatively, download them directly to your Android device and unzip them.
  2. Download, install and run OpenVPN for Android (if you haven’t already). Touch the + icon to the top right of the screen to Add Profile. Give the profile a suitable name, then hit “Import.”

Android Ovpn 1

  1. Navigate to the folder where you saved the unzipped OpenVPN config file(s), and choose a server (.ovpn file). Once imported, touch the tick ✔ icon to continue.

Android Ovpn 2

  1. Once done, you’ll see the server name under the Profiles tab. To start the VPN, just touch it. You can import .ovpn files for as many servers as you like, and they will show up here.

Android Ovpn 3

Many providers include all necessary keys and account information in customized .ovpn files, so no further configuration is needed. Others may require that you enter your account information and other details. Please see your provider’s documentation for specific instructions.

Additional OpenVPN for Android settings (Optional but Recommended)

Enable IPv6 Routing

You can prevent IPv6 DNS leaks by telling OpenVPN for Android to properly route all IPv6 traffic over the VPN. To ensure this is enabled:

  1. Edit the specific VPN connection in the “Profiles” tab.

Ovpn Android 1

  1. Ensure that IPv6 -> Use default Route is checked. While you are here, also check that IPv4 leak protection is enabled (it should be by default).

Ovpn Android Dns Leak Protection

Download the Android .apk file

There are many reasons to de-Google your Android device. If you go down this route, then most VPNs will be happy provide you with an Android application package (.apk) file of their software that you can sideload to Android.

Note that sideloading files from outside the Play Store presents a security risk. So be sure to obtain the .apk from a reputable source - such a directly from your provider. It can’t hurt to run a malware scan on it either.

  1. Download an Android file manager app.
  2. Download the .apk file to your device. You can download it directly from the web using your web browser, send it to your Android device as an email attachment, transfer it from a desktop computer via USB lead or USB stick, access it from your Dropbox account, or whatever….

Android Install Ipv Apk2

IPVanish allows you to download the .apk direct from its website

  1. Find the downloaded file using a file explorer (or just select it in the drop-down Android notifications shade) and select “Install”. Once the app is installed simply open it.

Android Install Ipv Apk

Manually configure PPTP or L2TP/IPsec VPN settings

Android comes with a VPN client baked-in which supports the PPTP and L2TP/IPsec protocols.  For reasons discussed in detail in VPN Encryption: The Complete Guide, I always recommend using an OpenVPN app instead (via either a custom app or OpenVPN for Android).

Some users, however, like the fact that a PPTP or L2TP/IPsec connection can be setup without the need to download a third party app. Note that setup details may differ a little from the instructions below depending on what device and version of Android you are using.

  1. Go to your VPN Settings page. On my phone this is can be found at Settings -> Connections -> More connection settings -> VPN. Select “Add VPN.”

Android Install 3

  1. Enter the PPTP or L2TP/IPsec settings given to you by your provider. These settings are usually available on the setup pages of its website, or you can ask support. Touch “Save” when you are done.

Android Install 4

Note that use of pre-shared keys is strongly frowned upon from a security perspective, although this is mitigated somewhat if accounts are secured using a unique username and password.

  1. On the VPN Settings page select the newly created connection.

Android Install 6

  1. Sign into your VPN account and hit “Connect”.

Android Install 7

How to test your VPN

No matter what kind of VPN you use, Android will display a small key icon in the notification bar whenever it is connected. This lets you know at-a-glance that you are protected.

Android Vpn Key

For additional confirmation, you can run an IP leak test…

Check for VPN for IP leaks

Android is much less susceptible to DNS and WebRTC leaks than desktop platforms. Once connected, however, you should nevertheless check for IP leaks. Just in case.

Note that Private-Use - [RFCxxxx] IPs are local IPs only. They cannot be used to identify an individual or device, and so do not constitute an IP leak.

Enable a kill switch

Method 1 (Android Nougat 7+)

Newer versions of Android now include a built-in kill switch that works with any VPN. This includes Android's built-in PPTP/L2TP app, OpenVPN for Android, and custom apps. If your device runs Android Nougat 7+, use this method.

1. Ensure the VPN is turned off, then go to your device's settings. On my Samsung Galaxy S8+ these can be found at Settings -> Connections -> More connection settings -> VPN, but this may vary by device.

2.Click on the gear icon next to the app or connection you want to set a kill switch for.

Android Kill 1

3. Turn on both "Always -on VPN" and Block connections without VPN.

Android Kill 2

4. Confirm that you want a kill switch for your VPN

Android Kill 3

And ta-da! Pretty groovy, eh?

Method 2

If you run an older version of Android, never fear! You can configure OpenVPN for Android to act as a kill switch. This may not be quite as secure as the above method as it will not protect you if the OpenVPN for Android app crashes, but it is still pretty effective.

  1. Edit the specific connection in the “Profiles” tab (see above).
  2. Go to the “Advanced” tab and check “Persistent Tun” and set “Connection retries” to Unlimited.

Ovpn Android 3

You now have an OpenVPN kill switch for Android.

Conclusion

Using a dedicated VPN app from the Google Play Store is the easiest way to install a VPN on your phone. Other methods, however, are hardly difficult.

Image credit: By novak.elcic/Shutterstock.

Written by: Douglas Crawford

I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. You can now follow me on Twitter - @douglasjcrawf.

12 Comments

  1. Mike
    on August 12, 2018
    Reply

    I'm using Windscribe VPN on my phone, running Android 7.0. When I attempted to enable the kill switch via the above method, the only option available to me was to enable 'always on VPN'. I have ProtonVPN as well, and the 'always on' option was the only one available for this VPN also. There is no 'block connections without VPN' option. Any idea why the blocking option could be missing, or maybe there's a workaround?

    1. Douglas Crawford replied to Mike
      on August 22, 2018
      Reply

      Hi Mike, Hmm. Strange. The only reason I can think of, off hand, is that your phone manufacturer may have disabled to option for some reason.

  2. John Souvestre
    on June 1, 2018
    Reply

    > Android now include a built-in kill switch that works with any VPN app. This includes Android’s built-in PPTP/L2TP app, OpenVPN for Android ... Unfortunately this no longer works for the OpenVPN app for Android. When you try you are prevented and this message is displayed: Not supported by this app. I'm running 8.1.0. OpenVPN confirms that there is no way to get a Kill Switch working.

    1. Manish G replied to John Souvestre
      on July 18, 2018
      Reply

      It works fine on my OnePlus 5 with Android 8.1.0. Can you please share a screenshot of that weird error you are talking about?

      1. Douglas Crawford replied to Manish G
        on July 18, 2018
        Reply

        Hu Guys, Hmm. Yes. It also works just fine on my Samsung Galaxy S9+ (Android 8.0.0).

  3. pompi
    on May 13, 2018
    Reply

    I set up a pihole at home and connect via vpn to it. It works fine if I connect manually, but when I enable always on vpn it doesn't work anymore. Any ideas? Help appreciated

    1. Douglas Crawford replied to pompi
      on May 14, 2018
      Reply

      Hi pompi, Hmm. Curious. I must admit that I have no idea why this might happen, bit may one of our readers can help?

  4. Manish Gehlot
    on April 20, 2018
    Reply

    Good guide. But I didn't like the killswitch method that is proposed here. It isn't reliable and robust enough. Rather, we can setup it built-in tools of Android Nougat 7+ and newer. At PrivateVPN.com, we recommend it as it works flawlessly. Do, everything you can and no internet access unless you have a valid VPN connection. Guide: https://github.com/privatevpnsupportguy/a/blob/master/Setup-manual-Killswitch-on-Android.md

    1. Douglas Crawford replied to Manish Gehlot
      on April 20, 2018
      Reply

      Hi Manish, I'm glad you like the article, but can you please explain why enabling persistent TUN in OpenVPN for Android is in any way not reliable and robust? That said, your technique is pretty neat. Thanks for sharing. It also looks like it will work with any VPN app. If you can confirm this is correct then I'll test it out on my own phone for a while, and if everything works well will add it to this article (although it only works for fairly new Android devices, and therefore does not entirely replace the persistent TUN method).

    2. Manish Gehlot replied to Manish Gehlot
      on April 20, 2018
      Reply

      Yes, it will work with any App based VPN. Regarding OpenVPN's --persist-tun based method, it might not work just in case the App crashes or if you change a lot of networks and if the server itself stalls your re-connection requests. There is a five second time frame between retry attempts. In no-way we can conclude that it won't leak anything because there is no actual firewall that blocks Internet access in place.

      1. Douglas Crawford replied to Manish Gehlot
        on April 20, 2018
        Reply

        Hi Manish, Thanks for the info. I'll test your method over the weekend and then probably add it to this article on Monday. Thanks!

    3. Manish Gehlot replied to Manish Gehlot
      on April 20, 2018
      Reply

      Most welcome! :D

Write Your Own Comment

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

  Your comment has been sent to the queue. It will appear shortly.