PureVPN Dedicated IP + Port Forwarding works over OpenVPN

Router
1

I notice GL.iNet’s page VPN Client setup page for PureVPN states:

”GL.iNet routers don't support the dedicated IP feature of PureVPN, because it needs PPTP”

That’s not true. PureVPN just don’t advertise it. It works over PPTP, L2TP, IKEV2/IPSEC and, relevant for GL.iNet routers:

IT WORKS over OpenVPN TCP / UDP as well. AND Port Forwarding works when you do this.

With the Dedicated IP + Port Forwarding package, you are given both the static IP AND a DNS address viewable by clicking “Subscriptions” in the left hand navigation pane on their site.

See attached image for what the Subscriptions page looks like. (I’ve redacted my details here in red).

Step 1) Click “Subscriptions” on the left. Make a note of the DNS address shown.
Step 2) Click “Manual Configuration” on the left.
Step 3) Choose a server, any server, it’s irrelevant and click the “Download” button.
Step 4) Choose “TCP” for OpenVPN TCP or “UDP” for OpenVPN UDP and click “Download” again.
Step 5) Edit the last line of the file

TCP files will have a last line that looks like this:
remote 149.11.59.77 80

UPD files will have a last line that looks like this:
remote 212.77.33.77 15021

All you do is swap out the IP (just the middle bit) with your personal DNS server address from step one. Ensure you leave the the word “remote” at the beginning and the port number at the end as they are.

TCP should look like this:
remote nl-xxxx-1.pointtoserver.com 80

UDP should look like this:
remote nl-xxxx-1.pointtoserver.com 15021

That’s it. Connect. You’ll now be using your dedicated IP. And yes, inbound port forwarding works on dedicated IPs as well. Just disconnect before opening any new ports on the the PureVPN site (Subscriptions page > Configure). Then reconnect the OpenVPN client.

For what it’s worth, PureVPN seem to have configure most of their OpenVPN server connection policies to “Client defined”. What I mean is that if you change your .ovpn file from the default configuration, say if you wanted to “disable compression”, the server allows it. Encryption can be changed too as can many other settings.

Finally, on performance… UDP is faster than TCP.

if you want a drop in block to increase the tunnel bandwidth by 3-5x, here it is:

PureVPN UDP .ovpn files typically begin:

client
verb 1
dev tun
auth-user-pass
persist-key
persist-tun
nobind
compress

-----BEGIN CERTIFICATE-----

swap it out with:

client
verb 3
dev tun
auth-user-pass
persist-key
persist-tun
nobind
pull-filter ignore "compress"
pull-filter ignore "comp-lzo"
allow-compression no
data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
data-ciphers-fallback AES-256-GCM

-----BEGIN CERTIFICATE-----

I have a 5Gbps WAN. I was getting 40 Mbps with OpenVPN UDP .ovpn standard configuration.
Swapping that header block above now results in a consistent, stable 170 Mbps.

I use this setup for VPN cascading on my GL-AXT1800 which is configured as a WireGuard Server.
It doesn’t even break a sweat with the cascading VPNs.

Screenshot 2026-05-08 032753
Screenshot 2026-05-08 0327531148×957 55.2 KB

2

Hi

Thank you for the clarification and for sharing the detailed tutorial.

It’s possible that the availability of PureVPN dedicated IPs has changed.
We will ask our documentation team to review and update the documentation accordingly.

4

Happy to help. PureVPN still does not explicitly advertise Dedicated IP support over OpenVPN in a clear or dedicated setup guide. However, there is enough ambiguity / contradiction from PureVPN to suspect Dedicated IP users CAN use protocols other than PPTP/L2TP.

The contradictions :

  • PureVPN’s generic Linux/OpenVPN setup documentation

  • Their “Discontinuation of PPTP, L2TP and SSTP” announcement

  • Statements specifically mentioning Dedicated IP users being unaffected by discontinuation of ANY protocol.

Relevant PureVPN Statements

From PureVPN’s protocol discontinuation notice:

“Starting June 15th, 2021, PureVPN has discontinued offering support for PPTP, L2TP and SSTP protocols on the majority of VPN locations.”

They also state:

“PureVPN will support IKEv2, IPSec and OpenVPN (TCP & UDP) as primary protocols on all VPN locations.”

Then the Dedicated IP-specific statement:

“The discontinuation of PPTP, L2TP and SSTP protocols will have no impact on our Dedicated IP add-on users.”

And finally:

“Re-configure PureVPN on your device using IKEv2, IPSec or OpenVPN (UDP & TCP) protocols through the setup guides at the end of this article.”

This suggests that Dedicated IP users can continue using ALL protocols providing they use their Dedicated IP hostname as the remote server address, even though PureVPN never document how to do so.

It seems to me that the situation boils down to this:

PureVPN want Dedicated IP connections to use the official app (Windows/macOS/iOS/Android). For Linux, they tell users to use PPTP in lieu of an available package. And that's it. The usage of your Dedicated IP is permitted and enable on all protocols (except WireGuard).

They just don't want people using anything other than the app or PPTP. So they don't document it. Anywhere.

But looking back now, that Dedicated IP hostname on the PureVPN Subscriptions page has been staring me in the face for a year. I never questioned what it was..

Or perhaps I’m being too cynical and Dedicated IP users are just expected to know to modify normal PureVPN connection profiles to replace the remote server / endpoint with your Dedicated IP hostname. If so, here it is again:

Instead of:
remote 74.235.84.33

use:
remote YOUR-DEDICATEDIP-HOSTNAME

CONFIRMED TEST RESULTS

(Tested using Dedicated IP hostname as remote server)

Protocol Result Notes
PPTP :white_check_mark: Working
L2TP :white_check_mark: Working
OpenVPN TCP :white_check_mark: Working
OpenVPN UDP :white_check_mark: Working Best performance observed
IKEv2 :white_check_mark: Working
WireGuard :cross_mark: Not working PureVPN explicitly states WireGuard is unsupported for Dedicated IP users
SSTP :white_question_mark: Untested Likely works

Port Forwarding

Feature Result
Port Forwarding with Dedicated IP :white_check_mark: Working

Standard (Non-Dedicated IP) Profiles

Tested

Protocol Result Notes
OpenVPN TCP :white_check_mark: Working
OpenVPN UDP :white_check_mark: Working
PPTP :white_check_mark: Working Reduced server availability
L2TP :white_check_mark: Working Reduced server availability
WireGuard :white_check_mark: Working
Port Forwarding :white_check_mark: Working

Not Yet Tested

Protocol Expected
SSTP Should work (reduced server availability)
IKEv2 Should work on all locations

Reduced Legacy Protocol Server List

PureVPN still appears to support PPTP/L2TP/SSTP on a limited set of 6 legacy servers:

Country Server
Germany de1.pointtoserver.com
Netherlands nl1.pointtoserver.com
United Kingdom ukl1.pointtoserver.com
United States (Texas) ustx1.pointtoserver.com
United States (Washington DC) uswdc1.pointtoserver.com
Australia au-sd1.pointtoserver.com

Key Real-World Finding

Despite PureVPN documentation heavily implying Dedicated IP users should use PPTP, Dedicated IP connections should still function successfully over all protocols.

…all you have to do is use your Dedicated IP hostname for the server address.

But for GL.iNet users, SSTP, L2TP, IKEV, PPTP, IPSec etc are kind of irrelevant.

It’s OpenVPN we are interested in. And I can verify it DOES work - for both TCP and UDP.

As does Port Forwarding (the other half of the PureVPN Dedicated IP package)

WireGuard remains the only protocol explicitly confirmed by PureVPN as unsupported for Dedicated IP users, and my brief testing confirms this appears to be true.

I have a GL-AX1800, 2x GL-AXT1800, GL-MT1300, and multiple GL-300M units. I love ‘em.

1 Like