Is My VPN Working? 5 Quick Tests to Check

You turned on your VPN, saw the "Connected" badge, and assumed you were safe. But are you actually protected? VPN apps can show a green checkmark while your real IP address, DNS queries, or WebRTC data leak out in the background. This happens more often than you might think.

The good news is that verifying your VPN takes less than two minutes. Here are five quick tests you should run every time you connect.

Why Your VPN Might Not Be Working

Before we get to the tests, here are the most common reasons a VPN fails silently:

• Kill switch disabled — if the VPN connection drops, your traffic reverts to your real IP without warning.
• DNS leak — your browser sends DNS requests outside the VPN tunnel, revealing the sites you visit to your ISP.
• WebRTC leak — browsers like Chrome and Firefox can expose your real IP through WebRTC even when a VPN is active.
• Split tunneling misconfigured — some apps or domains are excluded from the tunnel by design.
• IPv6 leak — your VPN handles IPv4 but your device sends IPv6 traffic unprotected.

Test 1: Check Your Visible IP Address

This is the most basic and most important test. Before connecting your VPN, visit our My IP Address tool and write down the IP address and location shown. Then connect your VPN and reload the page.

What to look for:

• The IP address should be completely different from your original one
• The location should match the VPN server you selected (e.g., if you picked a Netherlands server, the location should show Netherlands)
• Your ISP name should change to the VPN provider's hosting company

If your original IP still appears, your VPN is not working. Disconnect, restart the VPN app, and try again. If the problem persists, switch to a different VPN server or protocol (WireGuard and OpenVPN are the most reliable).

Test 2: Run a DNS Leak Test

Even if your IP changes, your DNS queries might still route through your ISP's servers. This means your ISP can see every domain you visit despite the VPN.

Head to our DNS Leak Test and click "Run Test." The tool sends multiple DNS queries and identifies which DNS servers handle them.

What to look for:

• DNS servers should belong to your VPN provider, not your ISP
• You should not see your ISP's name anywhere in the results
• All listed servers should be in the same country as your VPN server (or the VPN provider's DNS infrastructure)

If you detect a DNS leak:

1. Enable the "Use VPN DNS" or "Block DNS outside tunnel" option in your VPN settings
2. Manually set your device DNS to a privacy-respecting resolver (e.g., 1.1.1.1 or 9.9.9.9)
3. On Windows, disable Smart Multi-Homed Name Resolution in Group Policy
4. Re-run the test to confirm the fix

Test 3: Check for WebRTC Leaks

WebRTC is a browser technology used for video calls and peer-to-peer connections. The problem is that WebRTC can reveal your real local and public IP addresses even when you are behind a VPN.

Use our VPN Leak Test which includes a comprehensive WebRTC leak check.

What to look for:

• No WebRTC leak detected (your real IP should not appear)
• Only the VPN's IP should be visible, if any

If WebRTC is leaking your IP:

• Firefox: Type about:config in the address bar, search for media.peerconnection.enabled, and set it to false
• Chrome: Install a WebRTC leak prevention extension, or use a VPN with built-in WebRTC protection
• Brave: Go to Settings > Privacy > WebRTC IP Handling Policy and set it to "Disable non-proxied UDP"

Test 4: Verify IPv6 Is Not Leaking

Many VPNs only tunnel IPv4 traffic. If your ISP supports IPv6 and your VPN does not handle it, your device may send IPv6 traffic outside the tunnel — exposing your real IPv6 address.

Visit our IPv6 Tools page to check if an IPv6 address is detected while your VPN is connected.

What to look for:

• Ideally, no IPv6 address should be detected at all (the VPN should block IPv6)
• If an IPv6 address does appear, it should belong to the VPN provider, not your ISP

If IPv6 is leaking:

1. Enable "IPv6 leak protection" in your VPN app (most major providers have this)
2. Alternatively, disable IPv6 on your operating system:

- Windows: Network adapter properties > uncheck "Internet Protocol Version 6"

- macOS: System Preferences > Network > Advanced > TCP/IP > Configure IPv6: "Link-local only"

- Linux: Add net.ipv6.conf.all.disable_ipv6 = 1 to /etc/sysctl.conf

Test 5: Test the Kill Switch

A kill switch cuts your internet connection if the VPN drops, preventing your real IP from being exposed during reconnection. Many users enable it but never test it.

How to test:

1. Connect to your VPN and confirm it is working (tests 1-4)
2. Open our My IP Address tool in your browser
3. In your VPN app, manually disconnect or switch servers
4. Quickly check if the page loaded with your real IP, or if the connection was blocked

What should happen:

• The page should fail to load or show a "no internet" error while the VPN is reconnecting
• Your real IP should never appear, even for a moment

If you see your real IP flash during the switch, your kill switch is not functioning properly. Check that it is enabled in VPN settings (it is often off by default). A reliable VPN like NordVPN includes an always-on kill switch that blocks all traffic when the tunnel is down.

Quick Checklist

Run through this after every VPN connection:

• [ ] IP address changed — verified at My IP Address
• [ ] No DNS leaks — verified at DNS Leak Test
• [ ] No WebRTC leaks — verified at VPN Leak Test
• [ ] No IPv6 leaks — checked at IPv6 Tools
• [ ] Kill switch tested and working

What to Do If Your VPN Keeps Failing

If you consistently find leaks after testing, consider these steps:

1. Update the VPN app — bugs in older versions can cause leaks
2. Switch protocols — try WireGuard or IKEv2 instead of OpenVPN, or vice versa
3. Change servers — some servers may be overloaded or misconfigured
4. Contact support — reputable providers have 24/7 chat support
5. Switch providers — if leaks persist, your VPN may not be trustworthy

A VPN is only as good as its implementation. Free VPNs are particularly prone to leaks because they cut costs on infrastructure and development. If privacy matters to you, invest in a provider with a proven track record and independent security audits.

Conclusion

Trusting a "Connected" indicator is not enough. Real VPN verification requires checking your IP, DNS servers, WebRTC behavior, and IPv6 handling. Bookmark this page and run through these tests periodically — especially after VPN app updates or when connecting from new networks.

Your privacy depends on what actually leaves your device, not what your VPN app claims.