NordVPN’s Double VPN is an advanced security feature that routes your traffic through two VPN servers instead of one, encrypting your data and changing your IP address twice.
Using NordVPN Double VPN, you win in privacy and security, but you lose in speed and performance.
The feature is made for specific purposes, like when you connect to an untrusted network.
It’s of vital importance for people needing high privacy standards, like journalists.
But it’s not a feature you should use all the time.
I researched for hours, parsed community forums, tested on my devices, and shared my experiences to list everything you need to know in this article.
Few VPN providers offer this feature.
NordVPN is one of them, and it offers a double VPN even in its standard package.
Jump directly to NordVPN Double VPN Set-Up or Troubleshooting to start using it now!
NordVPN Regular Servers vs. Double VPN
NordVPN’s regular servers encrypt your traffic sent to and received from the internet.
No one but you can decipher it; the information is protected.
The data goes through an intermediary server in a location of your choice.
The target receiving your request sees the IP address of the VPN server you choose.
However, with NordVPN’s double VPN, you’re using two VPN servers, and the data receives a second layer of encryption.
Step by step:
- NordVPN app encrypts your traffic and sends it to VPN Server 1.
- Server 1 encrypts your traffic again.
- VPN Server 1 sends the traffic encrypted twice to VPN Server 2 with the source IP of Server 1.
- VPN Server 2 decrypts your traffic and sends it to the destination with the source IP of Server 2.
For incoming traffic, VPN Server 2 encrypts while VPN Server 1 and your VPN app decrypt.
Let’s analyze the PROS and CONS of using NordVPN’s double VPN feature compared to a regular server.
PROS
Using NordVPN double VPN enhances your security and privacy.
Let’s see why.
- Data is encrypted twice.
Isn’t one round of encryption enough?
Yes, it is.
The time for brute-forcing data encrypted with AES-256 makes an attack on it unfeasible.
The AES encryption algorithm has also shown through the years to be resistant to cryptanalysis.
But what would happen if the encryption key is compromised?
All your data would be retrieved if using a regular server.
With NordVPN’s double VPN, if one layer is uncovered, the data is still protected by the other encryption layer.
- No server has your source and destination IP at the same time.
That means you would still conserve your anonymity compared to using a single server, even if…
- One server is compromised
- Your adversary is big enough to perform a traffic correlation attack
What is a traffic correlation attack?
Let’s say you’re sending data encrypted to your VPN server’s IP.
An attacker trying to sniff your traffic could analyze which IP you’re connecting to and at what time.
The attacker could also analyze times and packets going out from your server’s IP.
If the attacker has access to all this information, it could correlate times and packet’s IPs to infer where your traffic is going.
Who could be an attacker with access to this amount of data?
For example, a nation-state.
Using NordVPN’s double VPN, your data goes through another server.
Thereby this attack becomes a lot harder to perform.
- You can mix protocols.
In each encryption layer, you can use a different protocol, like TCP and UDP.
That would make your traffic even more difficult to track.
CONS
- Hit on performance. Your device will be computing more encryption and decryption, which will make it run slower. In the case of a smartphone, you will experience sharper battery drainage
- Slower internet. More operations are performed on the way to your website. The data will be covering extra distance
- Less choice of servers/countries.
- This setup doesn’t work with Onion/TOR.
Testing Speed Performance of NordVPN Double VPN vs. Regular Servers
I performed a test on a low internet speed connection.
First, I measured download and upload speeds without using a VPN.
Then, using NordVPN without the double VPN feature enabled..
Finally, using the NordVPN Double VPN feature.
The download speed went down by over half.
When You May Use NordVPN Double VPN?
This brief video explains some key concepts about the double VPN technology and when it’s recommended.
You should use NordVPN double VPN if you are:
- Connecting to a public or non trusted network
- A journalist needing to protect your source
- An activist
- Working with sensitive information
- In need of circumventing censorship
- Concerned about correlation attacks
- Concerned about a VPN server being compromised
But even if you’re worried about the security or privacy of your information, using NordVPN double VPN shouldn’t be your first thought.
There are higher priorities you should take care of first.
For example:
- Use AntiVirus and Malware protection.
- Check if your DNS requests are leaking. You can do it here.
- Use an Ad Blocker. CyberSec is NordVPN’s feature for that.
- Check your VPN provider has a kill switch. NordVPN has it on by default.
- Learn the best security practices.
- Implement Multi-factor Authentication in your accounts.
- Use a password manager.
When Is a NordVPN Regular Server Enough?
A regular NordVPN server is enough for everyday use.
In particular, don’t use NordVPN double VPN if:
- Your internet is slow
- You’re gaming
- You’re streaming 4k or more
- You’re torrenting
- You’re performing other high load applications
Why NordVPN Provides a Great Double VPN Feature
NordVPN is a reliable VPN provider with a long history in the market.
In particular, its Double VPN feature is very convenient for the following reasons:
NordVPN Includes the Double VPN Feature in Its Standard Package
With NordVPN, you can have the double VPN feature just by signing up.
Not all VPN services provide the double VPN feature.
Other providers don’t offer it in their standard service but in package upgrades, with a higher cost.
NordVPN’s Double VPN Encrypts Your Data Twice
Some VPN providers don’t do it.
Instead, they apply a single layer of encryption.
That layer is removed once it reaches the first VPN server.
Then, another encryption is applied before sending it to the second server.
This method only offers a single layer of encryption for the data in transit.
As a result, your traffic still wins in privacy, but it’s even less secure than using NordVPN’s regular servers.
Why?
With a double VPN that doesn’t perform double encryption:
(+) You still have two IP addresses, which makes tracking more difficult
(-) Both servers can see decrypted traffic
(-) If any server is compromised, your data is uncovered
(-) If any encryption key gets compromised, your data is uncovered
NordVPN Double VPN Offers Servers in 8 Countries
It’s crucial to use servers located in different countries.
A resourceful actor threatening your privacy may have control over the communication infrastructure of a country or a geographical region.
If the servers you’re using for the double VPN feature fall in this area, the attackers could:
- Perform a traffic correlation attack
- Ask the country law enforcement agency to break into your private data
Using servers in distant geographical regions would make these attacks more difficult.
All Regular NordVPN Servers Are RAM-Based Since 2020
These types of servers store the information in the volatile memory (RAM).
Thereby, it’s erased every time the server is rebooted.
The servers are rebooted periodically; no logs are saved.
NordVPN Has a Strict and Proven Zero-Logs Policy That Includes Its Leased Servers
NordVPN has been audited several times by third parties.
You can read here an interesting discussion about the topic.
The claim of no-logging is a major selling point for VPN providers.
But that shouldn’t only be a claim.
It should be verified by an external auditor that hasn’t any incentive.
A no-log policy confirmed by an independent auditor is a great indicator for users that the audited VPN provider is trustworthy.
Two of the most reliable auditors are Cure53 and PricewaterhouseCoopers.
NordVPN recently passed a security audit confirming its no-logs policy.
As an example of the importance of contracting a VPN service that doesn’t store your logs, we have the recent case of DoubleVPN Company.
One month ago, an international law enforcement operation took down their service and seized all the stored customers’ private information.
NordVPN Company Is Registered in Panama, a Country Out of the 14-Eyes Alliance
If you don’t know what the 14-eyes alliance is, read our guide here.
If a VPN provider is in one of these countries, there is a high probability it’s contributing to this personal data sharing.
Even if the VPN company isn’t collaborating, it could be forced by law to disclose information when needed or just surveilled.
That could be less likely to happen with NordVPN, as it is based out of the 14-eyes zone.
As a result, using NordVPN’s double VPN provides a reliable improvement in your security and privacy.
NordVPN Double VPN Works With TCP and UDP protocols
Don’t try using it with Nordlynx!
NordVPN Double VPN Is Available for Windows, Linux, Android, macOS, and iOS
Several user forums and even NordVPN’s website were not clear about the possibility of using Double VPN on iOS.
However, NordVPN’s customer support confirmed to me it’s currently available.
NordVPN Double VPN Set-Up
Here’s how you can use the NordVPN Double VPN feature:
- Open the NordVPN app.
- Go to Specialty servers.
- Tap Double VPN and connect. You can also choose the servers/countries you prefer manually.
This video resumes very didactically how double VPN works and how to set it up.
Troubleshooting
NordVPN Double VPN can experience problems if, for example, you have a slow internet connection.
Here you have a list of common issues and possible workarounds to achieve proper functioning.
Double VPN Option Not Showing
Not all protocols support this feature.
Double VPN relies on OpenVPN, which can be configured using TCP or UDP protocols.
On macOS, the NordVPN app connects with IKEv2 by default.
On Windows, it connects automatically with the NordLynx protocol.
If you can’t see Double VPN on your device, try switching to OpenVPN TCP or UDP protocols.
How can you do that?
- Access the settings area of NordVPN.
- Go to the Auto-connect section.
- Set VPN protocol to OpenVPN (UDP or TCP).
- Return to the main window. Now you should see the Double VPN option.
Double VPN Not Connecting
There can be many reasons for this, from your internet speed to a misconfiguration.
Try the following workarounds in the given order:
- Connect to the nearest/fastest VPN server.
- Go to Double VPN options as shown in the image.
- Set Country and Server to Fastest. Click Connect.
Now you are connecting to the fastest server.
Thereby, if the internet speed was the problem, this may solve it.
- Change the VPN protocol.
Follow the instructions in the previous section.
- Update NordVPN to the latest version.
After that, restart your VPN app and try to connect to the double VPN again.
- Use a custom DNS server.
NordVPN routes the traffic through its DNS servers to ensure no data is leaked.
But this can slow your connection.
Try setting up a custom DNS resolver with the following steps.
We will be using the Google Public DNS resolver, but you can use any other you prefer.
- Go to Settings on your NordVPN app.
- Select the Advanced section.
- Click Set a DNS server address.
- Replace 0.0.0.0 with 8.8.8.8.
- Do it again to add another DNS server address. Now input 8.8.4.4.
- Set Custom DNS to On and return to the main window.
- Try to connect the Double VPN again.
- Reinstall NordVPN app.
Sometimes a new clean install can help solve misconfiguration issues.
- Is your internet connection too slow? Try to improve it!
Double VPN won’t work if your internet connection hasn’t a minimum speed.
Your bandwidth needs to be enough for the extra distance and operations.
Here are some ideas for making your internet connection faster:
- Run an internet speed test here. Compare the results with your ISP internet plan. That will tell you if the problem is the internet connection or your device.
- Reboot your router.
- Move your device closer to the router.
- Switch to a wired Ethernet connection.
DNS Leak
Some users reported experiencing DNS leaks when using the NordVPN Double VPN feature on Linux.
According to NordVPN customer support, this can be solved by disabling IPv6 and modifying the DNS nameserver.
You can follow the detailed instructions given here.
Other Issues
Is NordVPN Double VPN the Same as Multi-Hopping?
NordVPN double VPN is a type of multi-hopping, also named Double Hop or Double Tunnel.
Multi-hop VPNs can be classified into 2 types:
- Cascade
- Nested chain
A cascade configuration uses one VPN service and two or more VPN servers.
At every hop, your IP is changed, and your data is encrypted/decrypted.
In a nested chain setup, two or more VPN services are used; each running on top of the other.
That is also named VPN over VPN.
Compared to NordVPN’s double VPN, a VPN over VPN offers stronger protection against a compromised server or VPN service.
However, a VPN over VPN needs to be set up manually.
That isn’t always easy.
Another drawback is that contracting two or more VPN service providers will have a higher cost.
NordVPN double VPN is simpler to set up and has less cost.
Is NordVPN Double VPN Better For Privacy than Onion Over VPN?
No, onion over VPN has better privacy properties because your traffic goes through 3 hops/servers at least.
NordVPN also provides this feature.
Check this article for more information.
As a counterpart, when using NordVPN double VPN, you will experience a faster internet connection.
What’s Next?
NordVPN provides one of the best double VPNs in the market, considering price and reliability.
Check here before creating your NordVPN account for convenient Coupons and Discounts.