WebRTC Leak Test

Your browser can expose your real IP address through WebRTC, even when you are connected to a VPN. This free test checks whether that is happening right now. No data is sent anywhere. Everything runs inside your browser.

Get protected with vpn.now Download the app

Free, with unlimited data. No card needed.

Browser WebRTC leak test showing IP address exposure

Running WebRTC test in your browser...

How to read these results

Public IP
The IP address the server sees. Should be your VPN server's IP if you are connected to a VPN.
WebRTC IPs (srflx)
Public IPs found via WebRTC. A leak exists if any of these differ from your VPN IP and are not a local address.
Local IPs (host)
Your private LAN address (e.g. 192.168.1.x). These are normal and cannot identify you from the internet.

What is WebRTC and why does it expose your IP?

WebRTC (Web Real-Time Communication) is a built-in browser feature that lets web apps make direct audio, video, and data connections without a plugin. It powers the browser versions of Google Meet, Zoom, Discord, and many other real-time tools.

To set up a direct connection between two browsers, WebRTC needs to discover the best path between them. It uses a process called ICE (Interactive Connectivity Establishment) to find all available network interfaces on your device and share them with the other party through STUN (Session Traversal Utilities for NAT) servers.

The problem for VPN users is that this discovery process runs at the browser API level, not at the OS network level where your VPN tunnel operates. Your VPN routes all your HTTP and DNS traffic through the tunnel, but WebRTC can bypass that by directly querying STUN servers. The response reveals your real public IP, even when the VPN is connected.

Any website that includes WebRTC code, not only video conferencing tools but also some advertising networks and analytics scripts, can read these IP addresses using a few lines of JavaScript.

Read the full explanation in our article on WebRTC leaks explained.

What information a WebRTC leak exposes

Your real public IP address

The most significant leak. If WebRTC finds a public IP that differs from your VPN server's IP, websites can identify your real internet connection. This IP can be used to determine your ISP, your city, and your ASN. It can also be tied to your browsing history if the website or an advertising network is already tracking you by IP.

Your local network IP

WebRTC also reveals your internal LAN IP (typically 192.168.x.x or 10.x.x.x). These addresses are not routable on the public internet and cannot be used by an external site to find your location. However, your local IP can sometimes be used to help identify you across multiple sessions if the site combines it with other fingerprinting signals. Read more about browser fingerprinting.

IPv6 addresses

If your device has an IPv6 address, WebRTC can expose that too. Public IPv6 addresses are often more precisely tied to your ISP and location than IPv4 addresses, because IPv6 ranges are assigned in smaller blocks. If you see an IPv6 address in these results that you do not expect, run our IPv6 leak test for a dedicated check.

VPN bypass confirmation

A WebRTC leak tells a website that you are using a VPN, because the site can compare the IP your browser is connecting from with the IP WebRTC reveals. If they are different, the site knows you are on a VPN and can see both your VPN IP and your real IP. For users who want to keep their VPN use private, this is a significant issue.

Which browsers are affected by WebRTC leaks?

Chrome and Chromium-based browsers

Chrome, Edge, Opera, Brave, and Vivaldi all use the Chromium engine, which enables WebRTC by default. Chrome does not offer a built-in toggle to disable WebRTC. You need a browser extension (such as WebRTC Control or WebRTC Network Limiter) or a VPN client that handles it at the network level. Brave has built-in fingerprint protection that includes WebRTC controls.

Firefox

Firefox supports WebRTC and is vulnerable to leaks by default. However, it exposes a built-in toggle: go to about:config, search for media.peerconnection.enabled, and set it to false. This disables WebRTC entirely in Firefox. Note that this will break any site that requires WebRTC for audio or video calls.

Safari

Safari implements WebRTC with additional restrictions that prevent the most common IP leaks by design. Apple chose to limit which ICE candidates Safari exposes, so it typically does not leak your real IP through WebRTC. This is one area where Safari has a privacy advantage over Chrome-based browsers.

Mobile browsers

Mobile versions of Chrome and Firefox on Android are affected the same way as their desktop counterparts. Safari on iOS benefits from the same WebRTC restrictions as desktop Safari. For Android users, the fix is at the app level or by using a VPN client that handles WebRTC routing.

Secure your connection with vpn.now

vpn.now encrypts your traffic and hides your IP. Free for everyone, with unlimited data and no card required. Available on Windows, macOS, Linux, and Android.

Create a free account Download the app

How to fix a WebRTC leak

Chrome / Edge / Opera

Chrome has no native toggle. Options:

  • Install the WebRTC Control extension to enable or disable WebRTC per site.
  • Install WebRTC Network Limiter (official Google extension) to restrict which network interface WebRTC uses.
  • Switch to Brave, which blocks WebRTC leaks by default in its fingerprint protection mode.

Firefox

Native fix available:

  1. Type about:config in the address bar and press Enter.
  2. Accept the warning.
  3. Search for media.peerconnection.enabled.
  4. Double-click it to set the value to false.

This disables WebRTC entirely. Re-enable it if you need browser-based video calls.

VPN client settings

Some VPN clients have a built-in setting to block WebRTC at the network level. Check your VPN app for any option labeled "WebRTC leak prevention", "block WebRTC", or "privacy controls". If your VPN client handles this, it will work across all browsers without needing per-browser changes.

After enabling any fix, return here and run this test again to confirm.

Does using a VPN prevent WebRTC leaks?

Not automatically. This is one of the most common misunderstandings about VPNs and WebRTC.

A VPN works at the operating system's network level. It creates a tunnel that routes your IP traffic through a VPN server. Your browser's regular HTTP and DNS requests go through that tunnel, so websites see the VPN server's IP when you browse normally.

WebRTC, however, operates at the browser API level. When a website or browser app calls the WebRTC API, the browser reaches out directly to STUN servers to discover all available network paths. This request can go outside the VPN tunnel because the browser is operating below the tunnel's intercept layer. The result is that STUN responses reveal your real IP, and the website can read that through JavaScript.

A VPN can prevent this if the VPN client specifically blocks or routes WebRTC traffic, but not all do. Browser-level fixes are more reliable because they prevent the discovery process from starting at all.

For a complete picture of what your VPN covers and what it does not, read our guide to how VPNs work and our article on whether you can be tracked while using a VPN.

Test your VPN connection properly

WebRTC is one of several things to check when verifying a VPN is working. For a complete test, use our full VPN leak test, which checks your public IP, WebRTC, and IPv6 exposure at the same time. Our guide on testing your VPN connection explains what each check tells you.

Also run the test with your VPN connected and disconnected side by side so you can see exactly what changes.

Related tools and guides

Full VPN Leak Test

IP address, WebRTC, and IPv6 exposure in one combined test.

IPv6 Leak Test

Check whether IPv6 is bypassing your VPN tunnel.

IP Address Lookup

Full details on your current public IP, location, and ISP.

WebRTC Leaks Explained

The full technical background on how WebRTC leaks happen.

Browser Fingerprinting

How sites track you beyond IP addresses.

Testing Your VPN

A complete guide to checking whether your VPN is working.

Frequently asked questions

Does this test send my IP address to vpn.now?
No. The WebRTC test runs entirely inside your browser using the browser's own API. No IP addresses are transmitted to our servers. The only network request this page makes is to load itself. Your results are calculated locally and displayed only to you. See our transparency page for everything we do and do not collect.
Is it normal to see local IPs like 192.168.1.x?
Yes, completely normal. Private LAN addresses (192.168.x.x, 10.x.x.x, 172.16-31.x.x) are the IP your router assigns to your device on your home or office network. They are not routable on the public internet and cannot be used by external sites to identify your location or ISP. Seeing them in these results is expected on any connected device.
My VPN is connected but I see an unexpected IP. What does that mean?
It means WebRTC bypassed your VPN tunnel and exposed a real IP. Whether that IP is your home IP or the VPN IP depends on your setup. If the IP shown belongs to your home ISP rather than your VPN provider, that is a confirmed WebRTC leak. Apply one of the browser-level fixes above, then run this test again to confirm the leak is closed.
Can WebRTC leaks be used to identify me even if I use a VPN?
Yes. If a website collects the IP that WebRTC exposes and that IP is your real home IP, they have a way to identify your actual internet connection. Combined with other tracking signals, this can be used to associate your VPN-browsing identity with your real identity. This is why fixing WebRTC leaks matters even if you are confident in your VPN. Read our article on being tracked while using a VPN.
Does disabling WebRTC break anything?
It breaks sites that depend on WebRTC for audio and video calls, including the browser versions of Google Meet, Zoom, Discord, and Jitsi. If you regularly use these in your browser, a smarter option is a browser extension that lets you disable WebRTC per site rather than globally. Alternatively, use the desktop apps for those services instead of the browser versions.
How often should I run this test?
Run it once after applying any fix to confirm it worked. After that, run it again whenever you install a browser update, change your VPN app, or switch to a new device. Browser updates sometimes change WebRTC behavior. VPN app updates can change how traffic is routed. One quick test takes less than ten seconds and removes any uncertainty. Also see our full guide to testing your VPN connection.
I passed the test. Does that mean my VPN is working perfectly?
It means WebRTC is not leaking your real IP in this browser. That is one important piece of the picture. A complete check also includes confirming your public IP matches your VPN server, and that your IPv6 address is not leaking. Use our full VPN leak test to cover all three at once.

Protect your connection with vpn.now

vpn.now encrypts your traffic, hides your IP, and is completely free. No credit card. No data cap. Available on Windows, macOS, Linux, and Android.

Create a free account Download the app

Also see: full VPN leak test, IPv6 leak test, IP address lookup, what the free plan includes.