Checking connection...

Mullvad app beta

Beta versions have been tested internally, but bugs may still exist. Of course, that's where your valuable feedback comes in! If you encounter a problem, please let us know.

Stay up to date on the latest beta and stable releases — follow us on Twitter or subscribe to our blog's RSS feed or Atom feed for updates.

Warning! Installing this beta version will automatically uninstall other versions of this app, including stable, non-beta versions. If you are connected to another version during this installation, you will be automatically disconnected, leaving your internet traffic exposed until you connect with this newly-installed version.


The latest beta version is 2019.10-beta2 (released 5 December 2019)


MullvadVPN-2019.10-beta2.apk (signature file)


MullvadVPN-2019.10-beta2_x86_64.rpm (signature file)


MullvadVPN-2019.10-beta2_amd64.deb (signature file)


MullvadVPN-2019.10-beta2.exe (signature file)


MullvadVPN-2019.10-beta2.pkg (signature file)

For those unable to access our website, our GitHub page also hosts the app installer.

Install and launch app

If you are still using our old VPN client (which is now deprecated), make sure you first disconnect from and quit it to avoid any conflicts between the two versions.

  1. Double-click the downloaded file and follow the prompts to install the Mullvad VPN app.
  2. After launching the new app, enter your Mullvad account number and hit Enter or click the green login button to connect.
  3. If the app doesn't connect, please try restarting your computer. This usually fixes the problem.

Changes in the latest version


  • Add mullvad relay set tunnel-protocol subcommand to the CLI to specify what tunnel protocol to use.
  • Add mullvad reconnect subcommand to the CLI to make the app pick a new server and reconnect.


  • Full WireGuard support, GUI and CLI.
  • Install Wintun driver that provides the WireGuard TUN adapter.
  • Remove Mullvad TAP adapter on uninstall. Also remove the TAP driver if there are no other TAP adapters in the system.


  • Add connectivity status check. Stopping the app from sitting in a reconnect loop while the device is offline.


  • Notifications shown when connecting to a server include its location.
  • Upgrade OpenVPN from 2.4.7 to 2.4.8.
  • Upgrade OpenSSL from 1.1.1c to 1.1.1d.
  • When using WireGuard without specifying a specific relay port, port 53 will be used after 2 failed connection attempts for 2 out of 4 each successive connection attempts


  • Use a larger icon in notifications on Windows 10.
  • Only update DNS settings if updating would change the effective settings. This is a work-around to avoid invoking netsh unnecessarily and getting stuck in associated hangs.
  • Don't restart the service immediately if it aborts several times in a row. Leave a window of ten minutes to allow for addressing the issue.
  • Upgrade libsodium from 1.0.17 to 1.0.18.
  • Upgrade NDIS 6 TAP driver from 9.21.2 to 9.24.2.



  • Improve stability on Linux by using the routing netlink socket in its own thread.
  • When trying to use resolvconf for managing DNS, the daemon will check if dnsmasq is running and misconfigured.
  • Improve stability on Linux by simplifying route management code.


  • Detect removal of the OpenVPN TAP adapter on reconnection attempts.
  • Improve robustness in path environment variable logic in Windows installer. Handle the case where the registry value type is incorrectly set to be a regular string rather than an expandable string.
  • Fix suspend and resume issues with OpenVPN by upgrading the TAP driver.
  • Minor adjustment in online/offline detection logic. This change addresses misbehaving drivers that report the adapter flags incorrectly.


  • Don't try to fetch location when the app knows that it has no connectivity. This should reduce wake-ups (improving battery life) and also fix very large log files consuming storage space.
  • Fix crash when a new version event is received while the app is in the main screen.


  • Force OpenVPN to use TLS 1.2 or newer, and limit the TLS 1.3 ciphers to only the strongest ones. The Mullvad servers have never allowed any insecure ciphers, so this was not really a problem. Just one extra safety precaution.

A full list of updates and technical details about this beta release can also be found in our changelog on GitHub.

We'd love your feedback

If you encounter any issues, please let us know! We welcome your feedback: