After connecting to a VPN, do not only check whether a website opens. A useful VPN check has three parts: your visible public IP should change, DNS requests should use the resolver you expect, and browser features should not reveal local network details. This is especially important with public OpenVPN configs because each third-party profile can handle DNS differently.
Connect to the downloaded .ovpn profile in your OpenVPN client, then open a visible IP check. The country and IP do not have to match the source perfectly, but they should be different from your normal connection if the VPN tunnel is active.
If the IP did not change, disconnect and inspect the client log. Common causes are authentication prompts, blocked UDP traffic, stale remote hosts or a profile that connects without routing default traffic.
A DNS leak happens when domain lookups leave the VPN path. On Windows, check adapter DNS settings or use ipconfig /all. On Linux, check NetworkManager, resolvectl status or your resolver configuration. On Android, use a DNS leak testing app or browser test after the VPN is connected.
Some OpenVPN configs push DNS servers, while others do not. If DNS still points to your ISP, office network or router, use a trusted resolver in the VPN client or operating system before relying on the connection.
Browsers can expose network information through WebRTC or extensions. If your browser shows local addresses or inconsistent IP results after connecting, disable WebRTC exposure, test in a clean browser profile and repeat the IP and DNS checks.
Public VPN endpoints are best treated as temporary routes for low-risk tasks. Avoid banking, private work sessions and identity-heavy accounts on unknown public servers even when the DNS checks look clean.