Jump to content
Not connected, Your IP: 3.237.51.235
Jack of Hearts

Just did DNS Leak Check: I am leaking badly

Recommended Posts

Hi! I've seen the posts on the forum about DNS leaks, but I'm wondering if someone can walk me through a dumbed-down version of how to prevent these.

 

I just went to this site: https://www.dnsleaktest.com

 

Closed my eyes, pressed the "Check For DNS Leaks Now!" button, and low and behold:

 

I not only saw my Air VPN server (Netherlands), but THREE of my ISP's servers. Three.

 

This is a little creepy.

 

This same site has a download it says will fix the leaks. https://www.dnsleaktest.com/how-to-fix-a-dns-leak.php ... its an exe file that says it runs three scripts when you launch OpenVPN.

 

I dowloaded the exe., ran it, then tried AirVPN again. Still three of my ISPs servers showed up on the test. I'm leaking like a sieve.

 

Can you walk me through fixing these leaks manually on Windows 7? I was really suprised to see this.

 

 

Share this post


Link to post

Hi Hash: I followed the staff's link to this forum post https://airvpn.org/t...e-cons/?p=11501

 

Is this the one you tried?

 

I saved that code as a bat file and ran it after I launched Air and connected to a server. When I did the leak test I saw even more of my ISP's servers (up to 5 of them on one test.)

 

I'm doing something wrong (probably everything). You said "you need to select the correct folder." What do you mean by that?

 

I have the 32-bit client. Right now I have the bat folder I made saved in My Documents. I know that's the wrong place but I don't know where to put it.

 

Sorry. I am clueless.

Share this post


Link to post

And to clarify (in case this might help):

 

The batch file recommended in the first link https://airvpn.org/t...e-cons/?p=11501

 

 ... assumes your computer is using Local Area Connection.

 

When I'm not using AirVPN, my laptop uses "Wireless Network Connection". But when I'm using air, I see that my laptop is using that same "Wireless Netowork Connection" plus "Local Area Connection 2"

 

So I changed the code in that link to "Local Area Connection 2", saved it as a batch file in My Documents, launched Air, connected to one of the servers, then ran the batch file as Admin.

 

When I went to DNS Leak Test, I found even more of my ISP's servers than before (5 of them now instead of 3).

 

Not sure what I'm doing wrong.

 

Any help would be appreciated. I'm sure I'm making this more difficult than it has to be,

Share this post


Link to post

Hello,

 

the basic concept is that you need to change the DNS servers IP addresses of your physical network card.

 

Kind regards

Share this post


Link to post

Hi Hash: I followed the staff's link to this forum post https://airvpn.org/t...e-cons/?p=11501

 

Is this the one you tried?

 

I am saying that the fix from the link you posted does work. On install you need to select the directory with your .ovpn files. Program Files or Program Files (x86) > OpenVPN > config. This is the easiest way to fix DNS leaks on Windows 7.

 

https://www.dnsleaktest.com/how-to-fix-a-dns-leak.php

Share this post


Link to post

I appreciate both of you trying to help, and your patience.

 

I downloaded and installed that "dnsfix" program from their website, launched it, and its wizard installed all the appropriate files into my OPENVPN > config folder.

 

There was a .bat file in that config folder that said "run me once," so I ran it. I have OpenVPN GUI running, I clicked in my Windows list an item that said "Generate a Static Open VPN Key." Then I launched Air, chose a server, went to the DNS Leak website, and It still detects 4 servers: the one I chose for Air and three that belong to my ISP.

 

I'm not trying to frustrate you, I promise. But it's simply not working. I am still connecting to 3 servers that belong to my ISP. I understand the concept of trying to stop the DNS leaks, or make those servers "static".

 

I also tried the links that Staff gave me to the code shared on these forums. I changed those codes into batch files and ran them at the appropriate times. With these, I get even more servers belonging to my ISP (4 or 5).

 

In task manager my Air connection uses Local Area Connection 2, but my Wireless Connection 1 is still registering activity. This computer also has dormant IPV6 servers on it. I don't know if this matters or not.

 

Can you purchase software for this issue? I'm willing to do that if I have to.

 

Thank you again. I really am doing everything I can.

Share this post


Link to post

Eureka? I think I have found my problem.

 

Before you give up on me, can I ask you (anyone) where the .ovpn files are located?

 

I just created a batch file of Omniferum's code from the forum, saved it in my Open VPN folder, ran it, and it said it could not run because it "could not find the .ovpn files required"

 

I've looked everywhere, even did a search, and I cannot find any .ovpn files on my computer.

 

I believe this is my problem.

Share this post


Link to post

Here's the quick way to fix it.

 

Create a text file and save it in your AirVPN/OpenVPN directory (or anywhere really, it's just for reference).

 

Paste this:

 

 

ipconfig /flushdns
netsh interface IPv4 set dnsserver "Wireless Network Connection" static 0.0.0.0 both
netsh interface IPv4 set dnsserver "Wireless Network Connection" dhcp

netsh interface IPv4 set dnsserver "Local Area Connection" static 0.0.0.0 both
netsh interface IPv4 set dnsserver "Local Area Connection" dhcp

 

 

After connecting to AirVPN, open command prompt in admin mode, and from your text file first paste:

ipconfig /flushdns

and then

netsh interface IPv4 set dnsserver "Wireless Network Connection" static 0.0.0.0 both

 

If you're on a wired line, replace "Wireless Network Connection" with "Local Area Connection".

 

Done.

 

Check for leaks (there shouldn't be) and that's it.

 

You have to do this each and every time you connect to the VPN so it is a bit tedious.

You may also need to go back to DHCP mode after you disconnect and want to re-connect to the VPN later.  You can do that by pasting netsh interface IPv4 set dnsserver "Wireless Network Connection" dhcp 

 

 

Above is what I do on Win7 each and every time I use Air.  It works perfect for me and both dnsleaktest and IPcheck.net show no leaks.

Share this post


Link to post

There is no need to touch that "run me once" file. The .ovpn files are what you download from AirVPN and should be placed in your OpenVPN/config folder.

Try this. Open your Network and Sharing Center. Click Change adapter settings. Right click your Wireless Network Connection and open Properties. Go to Internet Protocol Version 4 and click Properties. In the General tab click the "Use the following DNS server addresses" and enter the values at the top of this page for Preferred and Alternate DNS server.

http://www.privacyfoundation.ch/de/service/server.html

Now if your DNS leaks it will show the Swiss Privacy Foundation.

There is also German Privacy Foundation if you prefer, but only one of their servers is currently active.

http://www.privacyfoundation.de/service/serveruebersicht/

Share this post


Link to post

Thank you Aaron! I will try that.

 

Hashtag: Thanks for the advice as well. I'll use that as a last resort.

 

Can I ask you this, please, if you don't mind?

 

In your OpenVPN config folder, what is there besides a READ ME file? You said the .ovpn files are in there, but I have nothing. Only READ ME.

 

I really think that's what's wrong and why I can't get these batch files to work. I've downloaded the 32-bit version three times now, and my config folder remains empty (READ ME). There are no .ovpn files on my computer at all. Was I supposed to download them separately?

Share this post


Link to post

In your OpenVPN config folder, what is there besides a READ ME file? You said the .ovpn files are in there, but I have nothing. Only READ ME.

 

I really think that's what's wrong and why I can't get these batch files to work. I've downloaded the 32-bit version three times now, and my config folder remains empty (READ ME). There are no .ovpn files on my computer at all. Was I supposed to download them separately?

Once you have the OpenVPN GUI installed, you need to generate your .ovpn (config.) files using the Config Generator located in- Client Area > Config Generator

 

"Access without client"

 

NOTE: OpenVPN GUI will hiccup if there are more than 50 .ovpn files in the \config directory.

This happened to me when I selected Single Servers in step 2 of the Config. Generator.

i.e. 17 Single Servers and 3 ports = 51 .ovpn files.

I prefer using the Single Servers because they use IP addresses (not FQDN) for reasons beyond the scope of this thread.

Share this post


Link to post

 

 

Be careful with this one. If you use this in conjunction with the Run Connect/Disconnect/Pre-connect Scripts to circumvent the Windows OS DNS leaks; it’s possible that a disconnect script could add the route back to your adapter if it resets your adapter back to DHCP.

 

EDIT: If using DNS Batch Fix from dnsleaktest.com Better off using the netsh cmd mentioned by Staff (above):

 

https://airvpn.org/topic/9787-the-pros-and-the-cons/?p=11501

Share this post


Link to post

 

In your OpenVPN config folder, what is there besides a READ ME file? You said the .ovpn files are in there, but I have nothing. Only READ ME.

 

I really think that's what's wrong and why I can't get these batch files to work. I've downloaded the 32-bit version three times now, and my config folder remains empty (READ ME). There are no .ovpn files on my computer at all. Was I supposed to download them separately?

Once you have the OpenVPN GUI installed, you need to generate your .ovpn (config.) files using the Config Generator located in- Client Area > Config Generator

 

"Access without client"

 

NOTE: OpenVPN GUI will hiccup if there are more than 50 .ovpn files in the \config directory.

This happened to me when I selected Single Servers in step 2 of the Config. Generator.

i.e. 17 Single Servers and 3 ports = 51 .ovpn files.

I prefer using the Single Servers because they use IP addresses (not FQDN) for reasons beyond the scope of this thread.

Amnesty: Thank you! Your reply is the first one that's gotten me closer to stopping these leaks. Nothing else recommended here has worked.

 

PLEASE, can you answer these questions for me about the link you provided? I'm not a computer programmer, and when I'm done with all this I'm going to write instructions for HUMAN BEINGS who use this service.

 

1) The Config Generator link you sent says it's for people who "can't or don't want to use our client."  Does "client" mean the Air software (blue icon)? If so, does that mean if I follow these instructions, I will no longer connect by launching the Air VPN software? Instead, I will connect to these servers through the OpenVPN software (orange icon)? OR ... will I connect using the OpenVPN GUI software now sitting on my desktop? It must be one of the three, right?

 

2) Choosing servers is easy. But at the bottom of the page you linked, in Step 3, it wants PROXY information, like Type, Host, Port, Authentication, etc. Any idea what to put there?

 

3) I have not done any of this yet. But when I do, where do I save the information? Or do I save it at all? Will I be prompted to put it in the proper folder so these leak-stopping batch files provided on this forum can finally find my .opvn files?

 

Thank you so much! This has been frustrating for me. I WILL make a "Tutorial For Humans" when I get this resolved.

Share this post


Link to post

...

Thank you so much! This has been frustrating for me. I WILL make a "Tutorial For Humans" when I get this resolved.

 

Promise? This is not as easy at it might seem. If you do promise, then perhaps this thread can become your rough draft. I am being serious.

 

You can use the AirVPN client program and still achieve your goals.

 

You also do not have to worry about configuring a firewall.

 

You will just set up a couple of Windows command scripts, which are files ending with "bat". One you need to run after you start the VPN and before you start your torrent clients. The other you run after you have stopped your torrent clients and the VPN. That way you do not have to worry about generating and installing OpenVPN configuration files.

 

But if you do want to try using the client program that comes with OpenVPN rather than the one that AirVPN provides, there is documentation on doing this elsewhere on this site (amnesty pointed you at it). Or you may find the first section of this guide helpful:

 

https://airvpn.org/topic/9549-traffic-splitting-guide-to-setting-up-vpn-only-for-torrenting-on-windows-thanks-to-nadre/

 

But just look at the first part! About installing and setting up the client. And in fact, you will not need to install the client, since (I believe) that is done for you when you set up the AirVPN client. But again, you do not need to do this.

 

I have added a bit more information to the post that staff pointed you too above, based on the issues you appear to be having with this. But I want to keep it fairly short since others have complained about the guide above being so long.

 

What version of Windows are you using?

 

Maybe we need to establish what level of Windows knowledge you are starting from.

 

Do you know how to open a "Command Prompt" window? Do you know how to open an "Administrator Command Prompt" window? Do you know how to create and edit a ".bat" script file? Would an explanation of this be the place to start?

Share this post


Link to post

Hi NaDre:

 

I'm just looking for the simplest solution because my tech skills are minimal. I don't mind running some command prompts before and after I use Air. It's worth it.

 

I started out creating a few different .bat files from the posts here, and have them saved. I believe I was running them as Admin. I right-click on the .bat file icon and run it as Admin. (Windows 7). They ran, but did not work. One told me I had no .ovpn files, so it would not work. Maybe I should give up on that approach. The .bat files are convenient, but maybe I should just do it manually.

 

So here's what I tried, according to a post above, because it seemed nice and simple:

 

Launch Air, connect to a server. Then in the command line type:

 

ipconfig /flushdns

 

then ...

 

netsh interface IPv4 set dnsserver "Wireless Network Connection" static 0.0.0.0 both

 

I get a rejection, saying that "Wireless Network Connection" does not exist. But it does. That's what my laptop uses to connect to my router. The connection that Air uses is "Local Area Connection 2" -- if that matters.

 

Thank you for responding.

Share this post


Link to post

...

I started out creating a few different .bat files from the posts here, and have them saved. I believe I was running them as Admin. I right-click on the .bat file icon and run it as Admin. (Windows 7). They ran, but did not work. One told me I had no .ovpn files, so it would not work. Maybe I should give up on that approach. The .bat files are convenient, but maybe I should just do it manually.

...

 

Yes. I would not take that approach in your position. That is concerned with setting up firewall rules. I think this is not appropriate for many people.

 

...

So here's what I tried, according to a post above, because it seemed nice and simple:

 

Launch Air, connect to a server. Then in the command line type:

 

ipconfig /flushdns

 

then ...

 

netsh interface IPv4 set dnsserver "Wireless Network Connection" static 0.0.0.0 both

 

I get a rejection, saying that "Wireless Network Connection" does not exist. But it does. That's what my laptop uses to connect to my router. The connection that Air uses is "Local Area Connection 2" -- if that matters.

...

 

Is this what you get when you run that command?

C:\Windows\system32>netsh interface IPv4 set dnsserver "Wireless Network Connection" static 0.0.0.0 bot

The configured DNS server is incorrect or does not exist.

If so, it is complaining that "0.0.0.0" is not the address of a DNS server (so far as Windows can tell). It is not saying that "Wireless Network Connection" does not exist.

 

Try displaying the DNS values after you do the that command as follows:

C:\Windows\system32>netsh interface IPv4 show dnsserver

...
Configuration for interface "Local Area Connection 2"
    DNS servers configured through DHCP:  10.4.0.1
    Register with which suffix:           Primary only
...
Configuration for interface "Wireless Network Connection"
    Statically Configured DNS Servers:    0.0.0.0
    Register with which suffix:           Both primary and connection-specific
...
Configuration for interface "Local Area Connection"
    DNS servers configured through DHCP:  192.168.1.254
                                          ??.???.???.?
    Register with which suffix:           Primary only
... 

Do you see "Wireless Network Connection" with a DNS server of 0.0.0.0 as above? If so, then the command did what you asked.

 

If so, try AirVPN's DNS leak test:

 

http://ipleak.net/

 

Note that in the post I wrote, to which staff linked in their first response, I do not recommend using 0.0.0.0. I have never tested that. Even if it seems to work, I wonder if it might not send the occasional DNS query off into the void, since 0.0.0.0 is indeed not a DNS server.

 

I suggest (as do AirVPN staff in numerous posts) using 10.4.0.1, or whatever it is that your VPN interface has its DNS server set to. So if using 0.0.0.0 does not get you the desired result, try 10.4.0.1 instead.

 

By the way, the reason that the commands in my post are slightly different than those above ("IP" instead of "IPv4" and "dns" instead of "dnsserver") is because the commands in my post will work with Windows XP, and on up (Vista, 7 and probably 8). I think a lot of people here are still using XP.

Share this post


Link to post

1) The Config Generator link you sent says it's for people who "can't or don't want to use our client."  Does "client" mean the Air software (blue icon)?

 

Yes “client” means the AirVPN client (software) Some users cannot use the client because their governments block it’s basic functionality. Others are using Linux, OS X, configuring routers or are using additional features of OpenVPN.

 

If so, does that mean if I follow these instructions, I will no longer connect by launching the Air VPN software? Instead, I will connect to these servers through the OpenVPN software (orange icon)?

 

Correct, you only need to run AirVPN client (software) or the OpenVPN GUI client (software). My Windows icon is not orange. I downloaded from:

http://openvpn.net/index.php/open-source/downloads.html

 

As NaDre mentioned, “You can use the AirVPN client program and still achieve your goals”.

 

OR ... will I connect using the OpenVPN GUI software now sitting on my desktop? It must be one of the three, right?

 

For Windows operating systems, you can use, AirVPN client or OpenVPN GUI.

 

2) Choosing servers is easy. But at the bottom of the page you linked, in Step 3, it wants PROXY information, like Type, Host, Port, Authentication, etc. Any idea what to put there?

 

Step 3 Connection Modes (ports, Proxy and Advanced) are to accommodate various connection issues and operating systems. You shouldn't need to select anything but a port(s) and should be fine with:

Direct, protocol UDP, port 443

Direct, protocol TCP, port 80

Direct, protocol UDP, port 53

If you experience problems with speed or cannot even connect, then we can try different ports.

 

Just a reminder, the Config Generator is for the OpenVPN GUI. It might not be a bad idea to select either AirVPN (client software) or OpenVPN GUI (client software).

 

NaDre has some wonderful documentation for Windows operating systems that can be applied to either the AirVPN client or OpenVPN GUI. If they are difficult to understand you can post your questions or contact me. I sent you a PM.

 

If you want the solution to be automated then you’ll need to use the OpenVPN GUI because it has the Preconnect/Connect/Disconnect Scripts feature built in.

 

You can use the AirVPN client by creating your own batch files (that need to be run with administrative privileges) and run them manually.

 

3) I have not done any of this yet. But when I do, where do I save the information?

 

If you generate configs (for OpenVPN GUI), you would download them. Select a compressed format from the, “download an archive by choosing a format:” section. Save the file anywhere you prefer. Extract the files and place them in the config directory (folder). In Windows, the default location would be %Program Files%\OpenVPN\config.

 

Or do I save it at all?

 

Yes, see answer to #3 above.

 

Will I be prompted to put it in the proper folder so these leak-stopping batch files provided on this forum can finally find my .opvn files?

 

You’ll manually place them in the OpenVPN GUI config directory (folder). Jeremy’s dnsfixsetup.exe app is using the Preconnect/Connect/Disconnect Scripts feature and is looking for the .ovpn files to fully automate it.

 

If you just want to prevent DNS leaks and have it automated, then OpenVPN GUI is a good solution.

It takes a bit more to configure the application at first but once you are familiar with the process it’s pretty straightforward and the process to prevent DNS leaks can be automated.

 

On occassion airvpn (provider) will make changes to servers. i.e. move and change IP or add new servers. These changes are pushed out when you login using the AirVPN client. You'll need to generate the configs. if you use OpenVPN. They will post any changes in News and Announcements

 

If you choose to use the solution provided by (Jeremy) dnsleaktest dot com (dnsfixsetup.exe), you will need to use OpenVPN GUI

 

Or you can (use AirVPN client or OpenVPN GUI) create your own batch files as discussed by NaDre in the first section of this post:

https://airvpn.org/topic/9787-the-pros-and-the-cons/?p=11501

 

I'd work with NaDre before trying the Jeremy's DNS Batch Fix. I recieved your PM. I can help offline.

 

Thank you so much! This has been frustrating for me. I WILL make a "Tutorial For Humans" when I get this resolved.

 

I feel for you and understand your frustration.

Share this post


Link to post

 

...

I started out creating a few different .bat files from the posts here, and have them saved. I believe I was running them as Admin. I right-click on the .bat file icon and run it as Admin. (Windows 7). They ran, but did not work. One told me I had no .ovpn files, so it would not work. Maybe I should give up on that approach. The .bat files are convenient, but maybe I should just do it manually.

...

 

Yes. I would not take that approach in your position. That is concerned with setting up firewall rules. I think this is not appropriate for many people.

 

>...

So here's what I tried, according to a post above, because it seemed nice and simple:

 

Launch Air, connect to a server. Then in the command line type:

 

ipconfig /flushdns

 

then ...

 

netsh interface IPv4 set dnsserver "Wireless Network Connection" static 0.0.0.0 both

 

I get a rejection, saying that "Wireless Network Connection" does not exist. But it does. That's what my laptop uses to connect to my router. The connection that Air uses is "Local Area Connection 2" -- if that matters.

...

 

Is this what you get when you run that command?

C:\Windows\system32>netsh interface IPv4 set dnsserver "Wireless Network Connection" static 0.0.0.0 bot

The configured DNS server is incorrect or does not exist.

If so, it is complaining that "0.0.0.0" is not the address of a DNS server (so far as Windows can tell). It is not saying that "Wireless Network Connection" does not exist.

 

Try displaying the DNS values after you do the that command as follows:

C:\Windows\system32>netsh interface IPv4 show dnsserver

...
Configuration for interface "Local Area Connection 2"
    DNS servers configured through DHCP:  10.4.0.1
    Register with which suffix:           Primary only
...
Configuration for interface "Wireless Network Connection"
    Statically Configured DNS Servers:    0.0.0.0
    Register with which suffix:           Both primary and connection-specific
...
Configuration for interface "Local Area Connection"
    DNS servers configured through DHCP:  192.168.1.254
                                          ??.???.???.?
    Register with which suffix:           Primary only
... 

Do you see "Wireless Network Connection" with a DNS server of 0.0.0.0 as above? If so, then the command did what you asked.

 

If so, try AirVPN's DNS leak test:

 

http://ipleak.net/

 

Note that in the post I wrote, to which staff linked in their first response, I do not recommend using 0.0.0.0. I have never tested that. Even if it seems to work, I wonder if it might not send the occasional DNS query off into the void, since 0.0.0.0 is indeed not a DNS server.

 

I suggest (as do AirVPN staff in numerous posts) using 10.4.0.1, or whatever it is that your VPN interface has its DNS server set to. So if using 0.0.0.0 does not get you the desired result, try 10.4.0.1 instead.

 

By the way, the reason that the commands in my post are slightly different than those above ("IP" instead of "IPv4" and "dns" instead of "dnsserver") is because the commands in my post will work with Windows XP, and on up (Vista, 7 and probably 8). I think a lot of people here are still using XP.

 

NaDre: This worked. It probably worked the first time I used it last week, but when I saw that "The configured DNS server is incorrect or does not exist" I gave up on it and never checked to see if it fixed the leak.

 

So I have commands to stop the leaks, then commands to restore my wireless connection to DHCP when I'm done. I'm satisfied with that.

 

Apologies to the forum that it took so long for me to wrap my head around this. I have abandoned my dream of writing a "For Dummies" post, realizing such a thing does not exist and I probably couldn't write it anyway.

 

Thanks to everyone for your patience, and willingness to explain this stuff to me. I have a much better understanding of how the software works now.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...