General
How do I set up ChefVPN?
Please refer to the Tutorials page.
Can I use P2P applications with ChefVPN?
Yes, you can. For more information about the servers compatible with P2P, see our article.
Will I experience a DNS leak with ChefVPN?
Once connected, your device will use DNS servers operated by ChefVPN. Your DNS queries will travel over the VPN tunnel and will be resolved on the same secure server you are connected to. More information here.
What is a Kill Switch and how does it work?
The Kill Switch terminates your internet connection if the VPN connection accidently drops. You can enable it on ChefVPN apps for Windows, Android, macOS, iOS, and Linux. More information here. On ChefVPN Windows app, you can specify which applications the Kill Switch should block or disable the internet system-wide. On iOS and macOS apps, you can turn on only the system-wide network lock. For Android, enable Kill Switch by going to Settings -> Wireless and networks -> More -> VPN
What is Double VPN and how does it work?
Double VPN is a special feature that encrypts your internet traffic twice with AES-256-GCM encryption. First you secure your traffic by connecting to a ChefVPN server. Then your data travels to the second ChefVPN server and gets encrypted again. And then it finally reaches the internet.
Where are your servers located?
Currently we have servers in Albania, Australia, Austria, Belgium, Brazil, Bulgaria, Canada, Costa Rica, Czech Republic, Denmark, Egypt, Estonia, Finland, France, Germany, Greece, Hong Kong, Hungary, Iceland, India, Ireland, Israel, Italy, Latvia, Luxembourg, Malaysia, Mexico, Moldova, the Netherlands, New Zealand, Norway, Poland, Portugal, Romania, Singapore, South Africa, South Korea, Spain, Sweden, Switzerland, Taiwan, Thailand, Turkey, Ukraine, the United Kingdom, the United States, and Vietnam. You can find a dynamic list here.
Do you offer Socks5 proxies?
Yes, we do support Socks5 proxies as well as HTTP proxies. More information here.
What bandwidth can I expect from your service?
It depends on various criteria. If you connect to the closest server, you may expect around 30% loss in bandwidth speed.
Do you offer any open ports?
Only ports required for our connections are open. For the SMTP incoming port, you can alternatively use ports 465 or 587. Since we do not provide any port-forwarding, no incoming connections can go through.
Do you support IPv6?
No, but we are planning to add the support of IPv6 in 2021.
How many devices can be connected to ChefVPN simultaneously withone account?
A total of 6 devices can be connected with one ChefVPN account at the same time. However, there is one limitation. If you connect multiple devices to the same server, you must choose different protocols for the VPN connections (TCP and UDP are different protocols, so you can connect one device to TCP and the other to UDP). That means a total of 4 devices can be connected to the same server at once — through IKEv2, OpenVPN TCP, OpenVPN UDP, and NordLynx. If you set up ChefVPN on your router, you can connect all devices in your network to the same VPN server while using up only one slot.
What information do you store?
We do not store any logs. More about our no-log policy here.
How is my privacy maintained?
When you connect to ChefVPN, a VPN tunnel is created — meaning a secure connection between you and our server is established. All data in this tunnel is encrypted. Even if it’s intercepted, no one will be able to make sense of it. In other words, your internet traffic is for your eyes only.
Can I change my VPN username?
Yes, you can, but you will have to send us a request at [email protected]. Please note that you might need to prove you are the owner of the account.
How can I change my VPN password?
In the Lost Password page, enter your email address and press Send Reset Link. You will receive an email from ChefVPN. Press the Reset Password button and enter your new password in the next screen.
I have lost/forgotten my username/password?
Go to the Lost Password page, enter your email address and press Get New Password. You will receive an email to confirm that you want to retrieve your password. Click the link in the email, and you will shortly receive another email with a temporary password. Please log in to your profile using your temporary password and choose a new password. Please note that you will not be able to use the temporary password for VPN connections.
How can I get support?
You can do that from our Contact Us page. There, you can search our smart Help Center for an answer or email us directly at [email protected].
I can’t connect to a VPN – what should I do?
First of all, we highly suggest you to check out our Help Center. If you cannot find the answers you need, please Contact Usdirectly by email or live chat. What information should you provide us?
This will help us understand your problem and solve your connection issue.
- 1. Your operating system;
- 2. The server to which you are trying to connect, for example: vpn.nordvpn.com;
- 3. Error name /code (a screenshot of the error is preferable).
This will help us understand your problem and solve your connection issue.
Billing & sales questions
What is your money-back policy?
We have a 30-day money-back guarantee policy for accounts in good standing. To receive a refund, please contact our customer support team. Please note that we cannot issue refunds for purchases made on Apple's App Store. However, you can contact the App Store support about a refund.
Do you offer a free trial?
We offer a risk-free way to try ChefVPN for 30 days. Sign up for ChefVPN and enjoy the full-featured service with no restrictions. Within 30 days, choose whether to stay secure or contact our support for a full refund. For guidelines, visit our Help Center.
How can I get 5 or more VPN accounts for my business?
If you need a ChefVPN plan with 5 or more accounts, please check out ChefVPN Teams or contact sales.
Do you accept Perfect Money?
No, but you are able to pay via Sofort, credit card, Stripe, Amazon Pay, PayPal,Alipay, UnionPay.
I’m interested in becoming your affiliate. What should I do?
Register your VPN affiliate account. If you have any questions, contact us at [email protected].
How can I get a dedicated IP address?
Send us an email to [email protected], and we will provide it. We currently offer dedicated IP addresses in the United States (Buffalo, NY; Los Angeles, CA; Dallas, TX; Matawan, NJ), Germany (Frankfurt), France (Paris), the United Kingdom (London), and the Netherlands (Amsterdam). Please note that you need to pay extra for a dedicated IP address. Please be aware that if you purchase a dedicated IP, your email will be linked to that IP address. If you need dedicated IP addresses for a group of people, check out ChefVPN Teams or contact sales.
Set up questions
Can I set up ChefVPN on my smart TV or Apple TV?
Apple TV and most other smart TVs do not support built-in VPN. The only way to set it up is by configuring VPN on your router. The exception is Android TV. Download a ChefVPN app for Android TV here.
What router do you recommend to use with ChefVPN?
We would recommend you to purchase DD-WRT or Tomato-compatible router and set it up with ChefVPN.
How does an IP address relate to online security & privacy?
Since every computer on a network is assigned with an IP address to retrieve information, all activity performed online has an IP signature. Just like your Internet Service Provider (ISP), every webpage tracks the IP addresses of their visitors to collect user-oriented data, and this is done without the agreement of the visitors. All kinds of user identification can be collected by tracking IP addresses. For example, a website can gather information such as user’s ISP, actual location and other data that can be stored and used at the discretion of the website owners. At present, search engine giants such as Google use IP addresses as well to associate a search pattern and online activity with every single user. This is done to deliver more targeted ads, but with the kind of information that is being collected, it is worrying to note that Google is in a position to profile Internet users quite accurately.
Do you have a DD-WRT configuration guide?
Here are the instructions on how to set up your DD-WRT router with NordVPN’s configuration.
Connection issues
Why is my connection slow?
Internet traffic congestion can slow a fast connection to a halt. When you initiate a connection to a VPN server, you first go through your ISP. If your ISP directs you to a route that is either very busy or very long, your connection will be slow. This can happen anywhere along the route, although we monitor our network 24/7 to ensure we are not the cause.
Technical information
What is a proxy server?
A proxy server, or a “proxy,” is a device that acts as a gateway between a local network (e.g., all the computers at one company or in one building) and a larger-scale network such as the internet. When you try to access a website or any other resource available from various servers over the internet, your computer sends a request to the proxy server, which then processes the request and returns the result you were looking for. Proxies are used for a number of reasons, such as to filter web content, go around restrictions (for example, parental blocks, geo-restrictions), screen downloads and uploads, and provide privacy when surfing the internet. If you visit a website via a proxy server, the website will see a request from the proxy IP rather than your own, which hides your IP address and makes it difficult (but not impossible) to track you.
What is SOCKS and HTTP proxy?
Socket secure (or “SOCKS”) is a protocol for handling TCP traffic through a proxy server. SOCKS Version 5 adds additional support for security and UDP. SOCKS proxies do not interpret network traffic, which means they are not able to understand what is being passed from the client to the server and vice versa, and that makes the connection secure.
SOCKS uses a handshake protocol to inform the proxy software about the connection that the client is trying to make. It’s capable of transferring all information from a client to a server even through firewalls because the web server views the SOCKS proxy as the client.
The HTTP protocol is the standard proxy protocol for the internet, specifically designed to transfer website data. HTTP proxies are mainly used to fetch and receive within that protocol, rather than other types of network connections (unlike SOCKS, which can accommodate virtually any protocol, program, or type of traffic). That includes specific network ports, through which all HTTP traffic is usually routed.
Due to these factors, HTTP proxies are the more common of the two types, and usually, people refer to them when they talk about proxy use.
Also, SOCKS proxies operate at the so-called “lower level” than the HTTP proxy. However, that actually makes them more secure. Unlike a SOCKS server, an HTTP proxy server does understand and interpret the network traffic that passes between the client and downstream server, which means that the company that owns it could be logging users’ data.
To prevent abuse and maintain high service quality for all of our customers, the speed of HTTP proxies is limited to ~100 Mbps. SOCKS5 proxies and our proxy extension connections are not limited in any way, and the speed will solely depend on the server’s capacity.
SOCKS uses a handshake protocol to inform the proxy software about the connection that the client is trying to make. It’s capable of transferring all information from a client to a server even through firewalls because the web server views the SOCKS proxy as the client.
Comparison to HTTP proxies
The HTTP protocol is the standard proxy protocol for the internet, specifically designed to transfer website data. HTTP proxies are mainly used to fetch and receive within that protocol, rather than other types of network connections (unlike SOCKS, which can accommodate virtually any protocol, program, or type of traffic). That includes specific network ports, through which all HTTP traffic is usually routed.
Due to these factors, HTTP proxies are the more common of the two types, and usually, people refer to them when they talk about proxy use.
Also, SOCKS proxies operate at the so-called “lower level” than the HTTP proxy. However, that actually makes them more secure. Unlike a SOCKS server, an HTTP proxy server does understand and interpret the network traffic that passes between the client and downstream server, which means that the company that owns it could be logging users’ data.
Bandwidth limitations
To prevent abuse and maintain high service quality for all of our customers, the speed of HTTP proxies is limited to ~100 Mbps. SOCKS5 proxies and our proxy extension connections are not limited in any way, and the speed will solely depend on the server’s capacity.
What is an IP address?
An IP address stands for an Internet Protocol address and serves as a personal identifier for your computing device. Your Internet Service Provider (ISP) assigns a unique IP address to identify your device or network among all the others connected to the internet.
Thanks to IP addresses, data can successfully reach its destination on the web — similarly to your home address, which allows a letter carrier to deliver your mail. To put it simply, IP addresses are necessary for sending and receiving data on the internet: when connected devices talk to each other, they address themselves by IP address.
An IP address is a numeric label. The way it is composed depends on the Internet Protocol version. Currently, most ISPs use IPv4 to assign IP addresses to their clients. IPv4 addresses are based on 32 binary bits and consist of four numbers, varying from 0 to 255 and separated by dots, for example, 13.155.0.232.
With the growing demand for IP addresses, there’s a risk that we’ll run out of possible unique identifiers. For this reason, the IPv6 was introduced to expand numeric labeling options.
IPv6 addressing is based on 128 binary bits. An IPv6 address consists of 8 segments separated by colons instead of dots, for example, fr28:3ffe:0000:0000:0000:0000:4587:9312. Number groups containing only 0 are often omitted to save space. Instead, a double colon is used to indicate the gap so that it is fr28:3ffe::4587:9312.
Thanks to IP addresses, data can successfully reach its destination on the web — similarly to your home address, which allows a letter carrier to deliver your mail. To put it simply, IP addresses are necessary for sending and receiving data on the internet: when connected devices talk to each other, they address themselves by IP address.
What does an IP address look like?
An IP address is a numeric label. The way it is composed depends on the Internet Protocol version. Currently, most ISPs use IPv4 to assign IP addresses to their clients. IPv4 addresses are based on 32 binary bits and consist of four numbers, varying from 0 to 255 and separated by dots, for example, 13.155.0.232.
With the growing demand for IP addresses, there’s a risk that we’ll run out of possible unique identifiers. For this reason, the IPv6 was introduced to expand numeric labeling options.
IPv6 addressing is based on 128 binary bits. An IPv6 address consists of 8 segments separated by colons instead of dots, for example, fr28:3ffe:0000:0000:0000:0000:4587:9312. Number groups containing only 0 are often omitted to save space. Instead, a double colon is used to indicate the gap so that it is fr28:3ffe::4587:9312.
What is a virtual private network?
A virtual private network (VPN) refers to a network solution that is used to encrypt internet traffic and hide your IP address and virtual location. It helps you stay secure and private when browsing.
Typically, when you enter an address of a website into the browser, your internet service provider (ISP) receives the request and redirects you to that website. As a result, the ISP can see everything you do online. What’s more, they can track your behavior and sometimes even sell your personal details to advertisers and other third parties.
Here’s when a VPN comes into play. It redirects your internet traffic through a remote VPN server, hiding your IP address and encrypting all of the information that is sent or received. With the VPN on, all the data you send and receive travels via an encrypted tunnel — no one can spy on your online activities.
How does it work?
Typically, when you enter an address of a website into the browser, your internet service provider (ISP) receives the request and redirects you to that website. As a result, the ISP can see everything you do online. What’s more, they can track your behavior and sometimes even sell your personal details to advertisers and other third parties.
Here’s when a VPN comes into play. It redirects your internet traffic through a remote VPN server, hiding your IP address and encrypting all of the information that is sent or received. With the VPN on, all the data you send and receive travels via an encrypted tunnel — no one can spy on your online activities.
What is a virtual private network?
A proxy server, or a “proxy,” is a device that acts as a gateway between a local network (e.g., all the computers at one company or in one building) and a larger-scale network such as the internet. When you try to access a website or any other resource available from various servers over the internet, your computer sends a request to the proxy server, which then processes the request and returns the result you were looking for. Proxies are used for a number of reasons, such as to filter web content, go around restrictions (for example, parental blocks, geo-restrictions), screen downloads and uploads, and provide privacy when surfing the internet. If you visit a website via a proxy server, the website will see a request from the proxy IP rather than your own, which hides your IP address and makes it difficult (but not impossible) to track you.
What is a VPN tunnel?
In a VPN tunnel, packets built in a specific VPN protocol format are encapsulated inside some other base or carrier protocol, then transmitted between a server and a user and de-encapsulated on the receiving side. For internet-based virtual private networks, packets in one of several VPN protocols are encapsulated within IP packets. VPN protocols also support encryption and authentication to keep the tunnels secure.
Types of protocols
ChefVPN uses OpenVPN, IKEv2/IPSec, and NordLynx protocols for its desktop and mobile applications and TLS v1.2 for its encrypted browser extensions.
OpenVPN is an open source software application that executes virtual private network (VPN) techniques for producing safe site-to-site or point-to-point connections in remote access facilities and bridged or routed configurations. OpenVPN uses a custom security protocol which utilizes TLS/SSL for key exchange. It is able to traverse firewalls and network address translators (NATs).
OpenVPN allows peers to authenticate each other using username and password, certificates, or a pre-shared secret key. When used in a multi-client server configuration, it allows the server to launch an authentication certificate for every user using certificate authority and signature. It uses the OpenSSL encryption library broadly as well as TLSv1.2/SSLv3 protocols and consists of many control and security features.
IKEv2 is a state-of-the-art protocol option, which combines speed with stability and security. A unique aspect of IKEv2 lies in its ability to hop between connections. For example, it can automatically jump from WiFi to a cell network without losing or dropping the secure VPN connection. When combined with Internet Protocol Security (IPsec), it significantly increases security and privacy of the user by employing very strong cryptographic algorithms and keys.
ChefVPN uses NGE (Next Generation Encryption) in IKEv2/IPsec. The ciphers used to generate Phase1 keys are AES-256-GCM for encryption, coupled with SHA2-384 to ensure integrity, combined with PFS (Perfect Forward Secrecy) using 3072-bit Diffie Hellmann keys. IPsec then secures the tunnel between the client and server using the strong AES256.
Wireguard® (a registered trademark of Jason A. Donenfeld) is an incredibly fast VPN protocol, which uses state-of-the-art cryptology. It’s lightweight, made of just 4000 lines of code, so it’s easy to debug and deploy.
However, Wireguard has a weakness — it can’t guarantee user privacy. That’s why we developed NordLynx on it’s backbone. NordLynx uses a double Network Address Translation system, which creates a secure VPN connection and does not store any identifiable data on the server. Available on Linux.
What is OpenVPN?
OpenVPN is an open source software application that executes virtual private network (VPN) techniques for producing safe site-to-site or point-to-point connections in remote access facilities and bridged or routed configurations. OpenVPN uses a custom security protocol which utilizes TLS/SSL for key exchange. It is able to traverse firewalls and network address translators (NATs).
OpenVPN allows peers to authenticate each other using username and password, certificates, or a pre-shared secret key. When used in a multi-client server configuration, it allows the server to launch an authentication certificate for every user using certificate authority and signature. It uses the OpenSSL encryption library broadly as well as TLSv1.2/SSLv3 protocols and consists of many control and security features.
What is IKEv2/IPSec?
IKEv2 is a state-of-the-art protocol option, which combines speed with stability and security. A unique aspect of IKEv2 lies in its ability to hop between connections. For example, it can automatically jump from WiFi to a cell network without losing or dropping the secure VPN connection. When combined with Internet Protocol Security (IPsec), it significantly increases security and privacy of the user by employing very strong cryptographic algorithms and keys.
ChefVPN uses NGE (Next Generation Encryption) in IKEv2/IPsec. The ciphers used to generate Phase1 keys are AES-256-GCM for encryption, coupled with SHA2-384 to ensure integrity, combined with PFS (Perfect Forward Secrecy) using 3072-bit Diffie Hellmann keys. IPsec then secures the tunnel between the client and server using the strong AES256.
What is NordLynx?
Wireguard® (a registered trademark of Jason A. Donenfeld) is an incredibly fast VPN protocol, which uses state-of-the-art cryptology. It’s lightweight, made of just 4000 lines of code, so it’s easy to debug and deploy.
However, Wireguard has a weakness — it can’t guarantee user privacy. That’s why we developed NordLynx on it’s backbone. NordLynx uses a double Network Address Translation system, which creates a secure VPN connection and does not store any identifiable data on the server. Available on Linux.
What encryption do you use to secure the connection?
For OpenVPN connection, we use the AES-256-GCM encryption algorithm with a 2048-bit DH key. IKEv2/IPSec ciphers used to generate Phase1 keys are AES-256-GCM for encryption, coupled with SHA2-384 to ensure integrity, combined with PFS (Perfect Forward Secrecy) using 3072-bit Diffie Hellmann keys.
Should I choose the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP) when using OpenVPN?
UDP is mainly used for online streaming and downloading. TCP is more reliable but a little slower than UDP and usually used for web browsing.
How do I uninstall ChefVPN?
If you want to uninstall any of our applications, please refer to this tutorial here.
What ports should be open on firewall/router for it to work?
443 TCP and 1194 UDP ports should be open; also your firewall/router/ISP must allow pass-through for PPTP/VPN. Typically working: embedded Microsoft firewall in Windows, Linksys/D-Link/TP-Link/ASUS router manufactured after year 2007, ADSL broadband. Typically not-working: not-Microsoft firewall, Netgear/Trend router, all router-integrated ADSL modems. If you get error 619 with ADSL connection, please remove the home router and disable not-Microsoft firewall software.
How does a VPN work?
As soon as you connect to our VPN server, your device is assigned a new IP address and new DNS resolvers. All of your internet traffic is encrypted and tunneled to our VPN server. Once there, it is decrypted and allowed to travel to its intended destination. Your local ISP will only see a single encrypted data stream between you and our VPN server. Your ISP will not be able to monitor, log, restrict, or control your internet usage.