Pango Platform
HomeConsole
  • What is Pango Developer Platform
  • Getting started
    • Sign up on the Management Console
    • Create a new project
    • Switch projects
    • Change console settings
    • Edit your profile
    • Try out the demo app
    • Keep exploring
    • Deprecation and Sunset
  • Console details
    • Dashboard
      • General
      • Location loading
    • Users
      • User page
    • Active sessions
    • Network
      • Countries
      • Locations
      • Pools
        • Optimal location
        • Location rules
    • Settings
      • General
        • Project config description (JSON format)
          • Server selector (JSON format)
          • Request selector (JSON format)
      • Authentication methods
        • Auth Plugin requirements
      • VPN
        • General
        • VPN Bypass list
        • Client Networks
      • Member
    • Export Data
    • Log
  • SDK
    • Unified VPN SDK for Android
      • Setup
        • Application Setup
        • Proguard Rules, Notification, and Analytics Configurations
        • Backend URL Configuration
      • Usage
        • Initialization
        • VPN Interface
        • Backend interface
      • Features
        • Hydra Protocol
          • Location profile (Hydra only)
        • Custom sdk dependencies
        • Deferred VPN Service Initialization
        • Authentication
        • Client Network List (CNL)
        • OpenVPN transport
        • Wireguard Transport
        • Reconnection strategy
        • Single Protocol SDK
        • Killswitch
        • Domain route via VPN
        • Process route via VPN
        • Process Bypass
        • Domain Bypass
        • Traffic rules
        • VPN Node DNS Configuration
        • Multihop
          • Optimal Location
      • Exceptions
      • Version migration
      • Changelog
    • Unified VPN SDK for Apple
      • Setup
        • Application Setup
        • Network Extension Setup
          • Network Extension Setup for tvOS
        • Backend URL Configuration
      • Usage
        • Single Protocol SDK
        • Unified SDK
        • Logging
        • Decoding Encoded VPN SDK Logs
      • Features
        • Deferred VPN Service Initialization
        • Authentication
        • Wireguard Transport
        • Reconnection strategy
        • Killswitch
        • Domain Bypass
        • Multihop
          • Optimal Location
        • Client Network List (CNL)
        • Domain route via VPN
      • Changelog
      • API Reference
    • IPSEC VPN SDK for Apple
    • Unified VPN SDK for Windows
      • Setup
        • Backend URL Configuration
        • Service command line arguments
        • ARM Platform Support
      • Usage
        • CoreAPI
        • Events
        • Generating a Unique Device Identifier
        • Error processing
        • Pipe Messaging
      • Features
        • Traffic protection
          • Killswitch
          • Prevent IP Leaks
          • Block Local Networks
        • Other
          • Firewall
            • DNS Monitor
            • Process Bypass
            • Domain Bypass
            • Process route via VPN
            • Domain route via VPN
          • Throttling
          • Optimal Location
          • Common issues
        • Hydra Protocol
          • CustomDNS, UserDNS, MultiHop, VpnProfiles
        • OpenVPN Protocol
        • Wireguard Protocol
        • IPSec Protocol
      • Collecting Debug Logs
      • Changelog
    • Unified VPN SDK for Routers
      • SDK. Shared library.
      • Configuration Interface (CI)
        • Unix Domain Sockets CI
        • REST API CI
    • Unified VPN SDK Feature Comparison By Platform
    • Unified VPN SDK
      • Features
        • Personal Bridge
    • Tunnel Vision and Tunnel Crack Prevention
  • REST API
    • Partner API
  • Sample applications
    • Unified VPN SDK demo for Windows
    • Hydra VPN SDK demo for iOS
    • IPSEC VPN SDK demo for iOS
    • Unified VPN SDK demo for Android
    • Hydra VPN SDK demo for OpenWRT
    • OpenVPN configuration file
  • Resources
    • Use cases
      • Public VPN
      • Business VPN
        • Creating a Business VPN Project
        • Wi-Fi Security for Business
      • Application anti-blocking
    • How-to
      • Create a Firebase project for User Authentication
      • AWS CloudFront Distribution of the Platform URL
      • How can I get Shared Secret key from iTunes Connect for In-App Purchase
  • FAQ
    • General
      • VPN Platform Flow
      • What data is collected by the Platform?
      • What analytic data is collected by your SDK?
      • How the Platform restricts access to our data?
      • Why DNS Leak tests often indicate positive result?
      • Do we need to perform endpoint health checks?
      • How is the VPN exit node found?
      • How are streams re-marked if VPN is enabled/disabled on an active flow?
      • Is there a maximum number of supported devices?
      • Are both IPv4 and IPv6 supported?
      • What is the MTU of the tunnel?
      • Are any redundancy measures in terms of reliability provided?
      • Is there any load balancing?
      • Do you block broadcast and multicast to/from the VPN?
    • List of Open Source libs
Powered by GitBook
On this page
  • What is a Prevent IP Leaks module
  • Enabling Prevent IP Leaks
  • Disabling Prevent IP Leaks module

Was this helpful?

  1. SDK
  2. Unified VPN SDK for Windows
  3. Features
  4. Traffic protection

Prevent IP Leaks

This module is used to block IPv6 and DNS requests outside the VPN tunnel.

What is a Prevent IP Leaks module

When developing VPN applications, it's crucial to ensure that users' IP addresses remain hidden and secure. IP leaks can expose users' real IP addresses, compromising their privacy and security. In this article, we'll explore how to prevent IP leaks using an SDK that provides IP leak prevention functionality.

An IP leak occurs when a VPN user's actual IP address is revealed, despite the active VPN connection. To minimize these risks, VPN applications must incorporate robust IP leak prevention mechanisms specifically designed for DNS and IPv6 traffic.

Default Windows DNS client sends DNS requests through the all network interfaces in the same time and waits which one will answer first. Even when you use Google DNS servers on your primary network adapter, they are located in different countries and the closest one will answer first and often it will be DNS server that is closest to your primary network interface, not a tunnel.

The same thing with IPv6 when VPN servers don't support IPv6. By default Windows prefers to use IPv6 over IPv4 and when sites have both IPv4 and IPv6 addresses then client machine will send traffic outside the tunnel.

Enabling Prevent IP Leaks

In our VPN SDK, the Prevent IP Leaks feature can be enabled in two ways:

  1. By setting the EnablePreventIPLeak parameter:

  • When starting the VPN connection, set the EnablePreventIPLeak parameter to true in the StartVpnRequest object:

var startVpnRequest = new StartVpnRequest()
{
    AccessToken = loginResponse.AccessToken,
    Credentials = getCredentialsResponse.Credentials,
    EnableKillSwitch = false,
    VpnNode = node,
    EnablePreventIPLeak = true, // Optional, enabled by default
};
    
var startVpnResponse = sdk.StartVpn(startVpnRequest);
  1. By calling the EnablePreventIpLeak/EnablePreventIpLeakAsync methods:

  • Directly call the EnablePreventIpLeak or EnablePreventIpLeakAsync method on the SDK instance:

///Enables prevent IP leak module.
var enableResponse = await sdk.EnablePreventIpLeakAsync().ConfigureAwait(false);

Disabling Prevent IP Leaks module

To disable the Prevent IP Leaks feature, you can use one of the following methods:

  1. By setting the EnablePreventIPLeak parameter:

  • When starting the VPN connection, set the EnablePreventIPLeak parameter to false in the StartVpnRequest object:

var startVpnRequest = new StartVpnRequest()
{
    AccessToken = loginResponse.AccessToken,
    Credentials = getCredentialsResponse.Credentials,
    EnableKillSwitch = false,
    VpnNode = node,
    EnablePreventIPLeak = false, // Disabling Prevent IP Leaks module
};
  1. By calling the DisablePreventIpLeak/DisablePreventIpLeakAsync method:

  • Directly call the DisablePreventIpLeak or DisablePreventIpLeakAsync method on the SDK instance:

///Disables prevent IP leak module
var disableResponse = await sdk.DisablePreventIpLeakAsync().ConfigureAwait(false);

By following these steps, you can easily enable or disable the Prevent IP Leaks feature in our VPN SDK, ensuring the protection of users' IP addresses while connected to the VPN.

PreviousKillswitchNextBlock Local Networks

Last updated 22 days ago

Was this helpful?