diff --git a/internal/provider/custom/openvpnconf.go b/internal/provider/custom/openvpnconf.go
index 934996ac..5e97b9f4 100644
--- a/internal/provider/custom/openvpnconf.go
+++ b/internal/provider/custom/openvpnconf.go
@@ -76,6 +76,7 @@ func modifyConfig(lines []string, connection models.Connection,
 	modified = append(modified, "pull-filter ignore \"auth-token\"") // prevent auth failed loop
 	modified = append(modified, "auth-retry nointeract")
 	modified = append(modified, "suppress-timestamps")
+	modified = append(modified, "handshake-window 10") // default is 60 seconds which is too long
 	if *settings.User != "" {
 		modified = append(modified, "auth-user-pass "+openvpn.AuthConf)
 	}
diff --git a/internal/provider/custom/openvpnconf_test.go b/internal/provider/custom/openvpnconf_test.go
index ab8ef6bb..e8368624 100644
--- a/internal/provider/custom/openvpnconf_test.go
+++ b/internal/provider/custom/openvpnconf_test.go
@@ -62,6 +62,7 @@ func Test_modifyConfig(t *testing.T) {
 				"pull-filter ignore \"auth-token\"",
 				"auth-retry nointeract",
 				"suppress-timestamps",
+				"handshake-window 10",
 				"auth-user-pass /etc/openvpn/auth.conf",
 				"verb 0",
 				"data-ciphers-fallback cipher",
diff --git a/internal/provider/utils/openvpn.go b/internal/provider/utils/openvpn.go
index 35e16d24..66691df4 100644
--- a/internal/provider/utils/openvpn.go
+++ b/internal/provider/utils/openvpn.go
@@ -62,6 +62,7 @@ func OpenVPNConfig(provider OpenVPNProviderSettings,
 	lines.add("mute-replay-warnings")     // these are often ignored by some VPN providers
 	lines.add("auth-retry", "nointeract") // retry authenticating without interaction
 	lines.add("suppress-timestamps")      // do not log timestamps, the Gluetun logger takes care of it
+	lines.add("handshake-window", "10")   // default is 60 seconds which is too long
 	lines.add("dev", settings.Interface)
 	lines.add("verb", fmt.Sprint(*settings.Verbosity))
 	lines.add("proto", connection.Protocol)