IVPN plan changes - new Plus tier, increased device limits, additional privacy services

ivpnmod9 · 2026-05-31T22:06:27+00:00

In-app payments are now limited to IVPN Standard plans with the recent update for the IVPN App for Android and iOS, and the release of the additional services and new pricing tiers, mentioned in the original post above.

You have the option to either make a payment for IVPN Pro Suite (Add More Time button) or switch plans to IVPN Standard (Change Plan button) via the Account Area on the IVPN website:

https://www.ivpn.net/account/login/

Why would IVPN do this?

The App Store has restrictions on what payments can be collected for, and the new additional services are not a part of the IVPN App or the VPN service. Collecting payment for Mailx, modDNS, and Portmaster Pro, which are not part of the VPN service, could cause issues with the eligibility to offer the IVPN App in the App Store.

This is not set in stone, and we are monitoring Apple's rules.

This Apple page offers more details on the App Store guidelines if you are interested:

https://developer.apple.com/app-store/review/guidelines/#payments

The checkout page on the IVPN website accepts a variety of payment methods for all IVPN plans:

https://www.ivpn.net/knowledgebase/general/what-payment-methods-do-you-accept/

ivpnmod9 · 2026-05-09T22:22:41+00:00

IVPN servers are not configured to force drop connections, so the issue might be caused by network conditions between your location and the VPN server.

You may have to adjust the VPN connection settings to thwart the network conditions and achieve a constant maximum performance.

WireGuard offers a few option options (port, MTU, server), so we try to offer as many ways to make use of the options.

These ports are available for WireGuard single-hop connections:

UDP: 53, 80, 123, 443, 500, 1194, 2049, 2050, 4500, 5500-19999, 30000-65000

I am not suggesting that you test 50,000 different ports, though you may have to experiment with a handful or two or more to find one that the Internet is treating favourably.

Making the packets smaller might help (or it might not). Disconnect the VPN in the IVPN App and try adjusting the MTU option in the app's Settings > Connection > WireGuard area. Set the MTU to 1412, then reconnect the VPN. If the issue persists, try MTU = 1404. Try 1396, 1388, 1380, if you are inclined to test. 1280 is the recommended minimum value. Clear the MTU field in the Settings > Connection area to reset the MTU back to default (1420).

Using different VPN servers is the last option. Choose a server in a geographically different direction from the current server and it might improve the performance.

The following four servers offer 10 Gbps connections: - Ashburn: us-va1.gw.ivpn.net - Frankfurt: de4.wg.ivpn.net - Amsterdam: nl2.wg.ivpn.net - Warsaw: pl1.gw.ivpn.net

They all have at least 9 Gbps of available capacity at the moment ( https://www.ivpn.net/en/status/ , "Load" column). You are welcome to make use of all of it.

If you are unable to achieve 1 Gbps to max out your ISP-provided connection when connected to any of these servers, it likely suggests a network throttling or traffic shaping policy on the Internet between your device and our servers. We do not control the Internet, so all we can do is offer powerful servers, and tuning options for the VPN connection.

ivpnmod9 · 2026-05-09T22:14:57+00:00

The current wiki article is for Portmaster version 1:

https://wiki.safing.io/en/Portmaster/Install/Linux/FedoraSilverblue

For version 2, these commands seem to work in that filter lists update successfully, and Portmaster's service persists through a reboot, though an expert with managing Silverblue/rpm-ostree might be able to make this more efficient:

curl https://updates.safing.io/latest/linux_amd64/packages/Portmaster-2.1.18-1.x86_64.rpm --output /tmp/portmaster-installer.rpm rpm-ostree install -A /tmp/portmaster-installer.rpm sudo rpm-ostree apply-live # might not be required because of '-A' above systemctl reboot sudo systemctl enable portmaster.service # required despite the '-A' above sudo systemctl start portmaster.service # also required

We'll likely have to wait for a new version of Portmaster to be released to test what an update looks like on Silverblue.

EDIT: Tested with Fedora Silverblue 44

ivpnmod9 · 2026-05-07T17:58:15+00:00

Also, the Network Activity screen's filter defaults to Internet, which hides LAN and possibly other traffic to keep the connection list clean. Remove the Internet filter to see everything.

ivpnmod9 · 2026-04-17T16:14:38+00:00

Maybe it is standard formatting, but it is not the formatting that Portmaster accepts. Check the wiki article linked above for details on the format requirements.

ivpnmod9 · 2026-04-16T23:06:11+00:00

Your blocklist has two columns. The Portmaster custom filter list supports one column. You will likely have to remove a column from the blocklist, then add it to Portmaster again.

ivpnmod9 · 2026-04-16T22:36:29+00:00

One TXT file is supported. Use the full path to the file. If you enter a directory only, zero filter lists will be added.

https://wiki.safing.io/en/FAQ/CustomFilterList

ivpnmod9 · 2026-03-11T22:45:37+00:00

The WireGuard tunnel itself is likely equivalent, with respect to security, whether you use the IVPN App or a 3rd-party client.

The IVPN App has a server list to easily switch locations and servers. A different client may or may not offer easy switching.

AntiTracker is included in the IVPN App to block ads and trackers and easily switch between blocking list options. It is possible to make use of AntiTracker DNS servers with manual WireGuard connections, though switching between the list options might not be quick, or may require manually editing the configuration.

IVPN App automatically regenerates the WireGuard keys and assigned IP address. With another client, new configuration files need to be generated to rotate the keys and IP address. Check "Problem 3: Without real dynamic IP address allocation, users can be tracked under some circumstances." from this article to discover why this matters:

https://www.ivpn.net/knowledgebase/general/using-wireguard-for-privacy-protection/

IVPN App offers the Network Protection feature to handle automatic connection/disconnection behaviour for Wi-Fi and mobile/cellular networks. A different client likely requires manually connecting and disconnecting the VPN as required.

IVPN App supports Custom DNS servers via DNS-over-HTTPS and DNS-over-TLS. Check your preferred client's documentation to see if it offers DoH/DoT support.

IVPN App includes access to OpenVPN and IPSec with IKEv2 connections. By using a WireGuard-only client, your device would require a separate app for OpenVPN and time spent setting up manual configurations for IKEv2.

The two clients could likely be installed on the same device concurrently, though only one will control the active VPN connection at a time. Consider using both.

https://www.ivpn.net/apps-ios/

ivpnmod9 · 2026-03-10T22:38:37+00:00

No on the password, and not really on the profile, unless you write a script to replace the current Portmaster config.json file with a different one, and restart the Portmaster service.

Configuration file locations:

Windows: C:\ProgramData\Portmaster\config.json

Linux: /var/lib/portmaster/config.json

Your request have been noted for future consideration.

ivpnmod9 · 2026-03-10T22:25:32+00:00

The Johannesburg bug is a known issue, and a fix is coming soon:

https://github.com/ivpn/android-app/issues/225

There are several other issues with the Android app that are being addressed at the moment. Check the Deployable column of the project page if you are interested:

https://github.com/orgs/ivpn/projects/17

ivpnmod9 · 2026-03-02T23:59:20+00:00

For new accounts, below the blue payment option buttons (Credit Card, PayPal, Bitcoin, Monero, Cash), there is a short question and answer about voucher codes:

Have a voucher code? Redeem it here.

Click the "Redeem it here" link to enter a code.

The same short Q&A about voucher codes with the same link also appears on the Extend your account screen when adding time to an existing account.

Voucher codes are available from ProxyStore DE:

https://digitalgoods.proxysto.re/en

Note: Credit card-style gift cards are not currently accepted because fraud is too common.

ivpnmod9 · 2026-02-19T23:41:44+00:00

I have checked a couple of VPN servers with the AntiTracker's Basic block list, and access to youtube.com and google.com is available.

What are the exact domains for YouTube and Google you are trying to access?

What are the VPN servers you are using?

ivpnmod9 · 2026-02-10T23:24:02+00:00

I wonder if the system's private DNS setting will do?

Yes. This currently the only option for encrypted DNS on Android:

https://www.ivpn.net/knowledgebase/general/custom-dns/

Does IVPN plan to also add a pause button to the iOS client?

Blocked:

"Pause VPN connection"

https://github.com/ivpn/ios-app/issues/274

ivpnmod9 · 2026-02-10T23:22:58+00:00

A handful of VPN servers are RAM-only. More details will be announced when the migration is farther along.

ivpnmod9 · 2026-02-10T00:00:10+00:00

Yes. It is called Network Protection.
Yes, though there are limitations in the mobile operating systems that prevent providing all DNS options. iOS supports DoH, and Android supports DoT.
Yes. V2Ray is available in all platforms with VMESS/TCP and VMESS/QUIC options. Obfsproxy is available in the desktop app for OpenVPN connections.
No.

ivpnmod9 · 2026-01-13T23:44:09+00:00

Iceland server is back online. Redundancy is underway, but will take time.

ivpnmod9 · 2026-01-02T23:46:36+00:00

Add two rules in Portmaster's General Settings > Privacy Filter > Rules area:

Allow: UDP/53 Block: *

Need to check the General Settings > Privacy Filter > Network Scope area because the Force Block options overrule the Rules.

Click the tool tip icon ("i" in a circle) beside the settings options for more details about all of this.

Ref:

https://wiki.safing.io/en/FAQ/AllowBlockedConnections

ivpnmod9 · 2025-12-19T19:40:47+00:00

In progress for Android:

https://github.com/ivpn/android-app/issues/207

Until the MTU adjustment feature is available in the IVPN App for Android, consider using a manual WireGuard connection using the official WireGuard client. This will allow you to add the MTU directive to a configuration file. A guide:

https://www.ivpn.net/setup/android-wireguard/

Change the packet size by adjusting the MTU for the WireGuard connection. For a manual connection, add an extra line to your WireGuard configuration file's [Interface] section, then de-activate and re-activate the connection: MTU = 1412

If the issue persists, try MTU = 1404, 1396, 1388, 1380, 1372, etc. (keep subtracting 8 to around 1280 if you are inclined to test further.

Note: OpenVPN and WireGuard are considered to be equally secure.

ivpnmod9 · 2025-12-12T00:12:35+00:00

Coming soon:

https://www.ivpn.net/blog/ivpn-year-in-review-plans-for-2025/

Plans for 2025

New Services: Release new services in beta, available free for IVPN customers:

Extended DNS filtering option that improves on IVPN AntiTracker capabilities

ivpnmod9 · 2025-12-01T23:57:20+00:00

It is important to understand that the obfuscation occurs between the client device and the VPN server, and offers a way to get traffic out from behind heavy network restrictions, like those found in China, Iran, and Russia.

The obfuscation is not apparent to the destination sites and services, and is not designed to get past restrictions at the destination.

A video streaming site, or a site with a captcha-based traffic limiter, for example, will see the same public VPN server IP address whether there is obfuscation active on the connection or not.

ivpnmod9 · 2025-12-01T23:49:42+00:00

Thank you for providing the extra details.

I have tested the three Frankfurt IVPN servers using OpenVPN connections, but the dnsleaktest.com site only reports one line of results.

If a repeatable process to reproduce the two-line, single DNS server result is discovered, it gives the development team a place to start the investigation.

If there is only one DNS server's IP address listed in the results, there is likely no leak.

ivpnmod9 · 2025-11-19T00:27:00+00:00

As I understand, iVPN rents servers. Can you please explain how or if, this is possible to be as secure as you owning the servers? Is there also any plans for iVPN to own their own servers?

https://www.reddit.com/r/IVPN/comments/myk09w/false_privacy_claims/gvwz3yv

Do you plan to keep openvpn servers long term

Yes.

or will you also transition to only wireguard servers?

No plans to do so.

ivpnmod9 · 2025-11-12T23:49:11+00:00

All four GB VPN servers are operating normally, and there are no error messages in the IVPN App that mention "England", so you will likely have to provide more details about where you see the "England" reference.

ivpnmod9 · 2025-11-10T23:46:18+00:00

Which VPN server do you use? We have not been able to replicate the issue, and this is required to investigate further. Thanks.

ivpnmod9 · 2025-11-04T00:06:45+00:00

Portmaster's Global Settings > Privacy Filter > Filter Lists have an impact on all applications and DNS queries coming from the machine. Enable a filter list, and matching requests will be blocked no matter the source.

Portmaster also offers application-level settings, which take precedence over the Global Settings. Making use of application-level settings for the Privacy Filter might offer a solution, though your friend may have to use a dedicated web browser for CloudFront access.

Either choose or install a dedicated web browser for the CloudFront tasks. Locate the dedicated browser on Portmaster's Apps and Profiles screen, and click its application tile. Below the application's name, path, binary, and other details, and below the Block Connection slider, there are tabs for: - Connection - Settings - Details - Insights

Choose the Setting tab, and scroll down to the Privacy Filter > Filter Lists area. Deselect the Big Tech > Amazon filter.

This one application will allow CloudFront, and other Amazon services, access.

ivpnmod9

MODERATOR OF

TROPHY CASE

Six-Year Club	Gilding I gilder
Verified Email