Why VPN Connections Cause TCP Timeout Errors in Chrome
When NordVPN or similar VPN clients are active on Windows 11, ERR_CONNECTION_TIMED_OUT errors in Chrome often occur because the VPN’s DNS servers (typically 103.86.96.x or 103.86.99.x) conflict with the ISP’s DNS, and Chrome’s DNS over HTTPS (DoH) setting overrides the VPN’s DNS, causing DNS resolution to occur through the ISP’s resolver while the VPN tunnels the connection to a different IP. This mismatch causes Chrome to connect to an IP address that the VPN is not routing, resulting in a TCP handshake timeout.
Additionally, NordVPN’s NordLynx protocol (WireGuard-based) uses a different MTU setting than the default Ethernet MTU of 1500. If the VPN sets an MTU of 1420 (to account for tunnel overhead), but the destination server’s path MTU is 1500, oversized packets may be silently dropped by intermediate routers, causing the TCP handshake SYN to never reach the server.
Resolving VPN-Induced TCP Timeouts
Switching NordVPN to OpenVPN Protocol
Open NordVPN → Settings → Connection → Auto-connect → Custom DNS. Disable Override DNS settings for this network. Then switch the protocol from NordLynx to OpenVPN UDP in Settings → Connection → Protocol. OpenVPN handles MTU discovery more gracefully than WireGuard and does not suffer from the same silent packet drop issues.
Configuring NordVPN to Use System DNS
In NordVPN settings, navigate to Custom DNS and disable the custom DNS feature entirely. This forces NordVPN to use Windows 11’s system DNS resolver, which is consistent with Chrome’s DoH settings, eliminating the DNS-IP mismatch that causes timeout errors.
Excluding Chrome from VPN Tunnel
Configure NordVPN’s split tunneling to exclude Chrome from the VPN tunnel. In NordVPN settings → Split tunneling, add C:Program FilesGoogleChromeApplicationchrome.exe to the excluded apps list. This routes Chrome traffic directly through the ISP without VPN encryption, eliminating VPN-induced MTU and DNS conflicts.
Call to Action
Use the webs.ninja gateway to test TCP handshake latency both with and without the VPN active. If the handshake succeeds without NordVPN but fails with it, the issue is VPN-induced — apply the protocol switch or split tunnel fixes above.