How do I know my VPN is really working?

Run four quick tests: check your IP at whatismyip.com, test DNS at dnsleaktest.com, check WebRTC at browserleaks.com/webrtc, and verify the kill switch by forcibly closing the VPN app and confirming your internet is blocked.

A DNS leak happens when your DNS queries bypass the VPN tunnel and go through your ISP's DNS servers. Your ISP can then see which sites you visit even though the rest of your traffic is encrypted.

Can WebRTC really reveal my real IP through a VPN?

Yes. WebRTC, used by browsers for video calls and peer-to-peer connections, can establish direct connections that bypass the VPN. Disable WebRTC in your browser or use a VPN that blocks WebRTC leaks.

How often should I test my VPN for leaks?

Test after every VPN app update, when switching networks, after a device reboot, and any time you connect to a new server. Leaks can appear unexpectedly after updates or configuration changes.

← All posts

December 15, 2025

How to Verify Your VPN Is Actually Working

TL;DR: A green "connected" indicator isn't proof your VPN is doing its job. In five minutes you can verify everything: check your IP at whatismyip.com, test for DNS leaks at dnsleaktest.com, check WebRTC at browserleaks.com/webrtc, and confirm your kill switch actually blocks traffic when the VPN drops.

You installed a VPN, hit "connect," and saw the green icon. But are your data really protected? Not always. IP address leaks, DNS leaks, and WebRTC leaks can expose your true location even with the VPN on. In this article, we'll show you how to run a complete VPN check in just a few minutes.

Check 1: IP address

The most basic test — confirm that your public IP address has changed. This is the first thing to verify after connecting to a VPN.

Step 1. Disconnect the VPN and visit whatismyip.com (or any similar site). Note your IP address and country.
Step 2. Connect the VPN and refresh the page.
Step 3. Your IP and country should change. If they match your real ones, the VPN isn't working.

Important: the IP should match the country of the VPN server you connected to. If you picked a server in Germany but your IP shows the Netherlands, the provider may be using virtual locations.

Check 2: DNS leak

Even if your IP has changed, your DNS queries may still go through your ISP. That means your provider sees the sites you visit, despite the VPN.

Step 1. Connect to the VPN.
Step 2. Visit dnsleaktest.com and click "Extended test."
Step 3. The result shows which DNS servers handle your queries. If any belong to your ISP (Comcast, AT&T, Verizon, BT, etc.), you have a DNS leak.

Normally, the result should show DNS servers from your VPN provider or neutral servers (such as Cloudflare or Google DNS) — not your ISP's servers.

Check 3: WebRTC leak

WebRTC is a browser technology used for video calls and real-time data transfer. It can expose your real IP address even with a VPN active, because WebRTC establishes direct connections that bypass the VPN tunnel.

Step 1. Connect to the VPN.
Step 2. Visit browserleaks.com/webrtc.
Step 3. If the page shows your real IP address alongside the VPN address, you have a WebRTC leak.

To fix WebRTC leaks, install a browser extension that disables WebRTC, or use the WebRTC protection in your VPN app if available.

Check 4: kill switch

The kill switch blocks the internet when the VPN connection drops. You can test it like this:

Step 1. Connect to the VPN and open an IP-check site.
Step 2. Forcibly drop the VPN connection (for example, kill the VPN app process through your task manager).
Step 3. Try refreshing the page. If the kill switch is working, the internet will be unreachable. If the page loads and shows your real IP, the kill switch didn't fire.

Check 5: speed

A speed test isn't a security check, but it's an important quality indicator. Visit speedtest.net and measure speed with and without the VPN. A loss of more than 40% is a sign you should consider changing servers or providers.

What to do if you find leaks

IP leak: make sure the VPN is actually connected. Try reconnecting or switching servers. If the problem persists, contact your VPN provider's support.
DNS leak: in your VPN app settings, enable "Use VPN DNS" or "DNS leak protection." If no such option exists, manually set DNS servers (such as 1.1.1.1 or 8.8.8.8) in your network connection settings.
WebRTC leak: install a WebRTC-disabling extension or use a browser that doesn't support the technology. In Firefox, you can disable WebRTC via about:config (the media.peerconnection.enabled parameter).
Kill switch not working: enable it in your VPN app settings. On Android, you can use the system-level "Always-on VPN" with "Block connections without VPN."

Test regularly

Don't stop at a one-time check. Test the VPN after every app update, when you switch networks (Wi-Fi to mobile data), after a device reboot, and when you connect to a new server. Leaks can appear unexpectedly.

LiMP VPN and leak protection

LiMP VPN includes built-in protection against every type of leak: DNS queries flow through our own servers, the kill switch is active by default, and the WireGuard protocol provides a reliable tunnel without WebRTC leaks. You can be confident your data is genuinely protected.

Conclusion

Turning on a VPN isn't enough. You need to verify that it actually works: your IP has changed, your DNS queries are protected, WebRTC doesn't expose your real address, and the kill switch is ready to act. Spend five minutes testing — and use the internet with real confidence in your security.

← All posts