Jump to content
Not connected, Your IP: 3.86.235.207
Staff

Three simultaneous connections per account allowed

Recommended Posts

Hello!

 

We're glad to inform you that from now on:

 

every account can establish 3 simultaneous connections to DIFFERENT AirVPN servers

 

EDIT 29-Nov-17. This thread is obsolete, now limit of concurrent connections is FIVE. Please see https://airvpn.org/topic/24167-five-simultaneous-connections-per-account/
 

 

No impact on quality of service will occur: the guaranteed allocated bandwidth pertains to accounts, regardless of the number of established connections. If you establish 2 or 3 connections with the same account, we guarantee the SAME allocated bandwidth as before, NOT the double or the triple of it.

 

No price increase has been planned for this new feature.

 

As specified above, you can NOT connect the same account twice or thrice to the same AirVPN server. Each connection must go to a different AirVPN server.

 

We're confident that allowing 3 connections per account at the same price will meet fully the requirements expressed by several customers.

 

Please do not hesitate to contact us for any further information.

 

Kind regards & datalove

AirVPN Staff

Share this post


Link to post

Thanks alot for this new feature.

I have checked it, and there are 2 questions :

 

 

1) There seems to be an issue with the Windows client, it is still showing the first connected IP when in fact the real connection is initiated to another server.

 

17710bcadc94db9b5e214e4dbacf7cd1.png

 

 

 

 

As you can see, I am connected to Zaurak but the client still shows Canopus. This is a really minor issue but it can probably cause some confusion especially among less technical customers.

 

 

 

 

 

2) I was opposing to the multiple connections in each topic that had been opened before, my point was that multiple connections will require additional logging on AIr's side.

After all, think if your privacy really worth those extra 54 Euros per year.

Right now, I see no other possible implementation of this, other than running some RADIUS server (FreeRADIUS/FreeSWAN etc) in order to monitor the max 3 connections policy.

 

Dear Staff, can you please clarify if the "No Logs" policy will still be enforced, and if yes, how? After all, there is much more operations that you have to correlate on your backend after this...

 

 

Thanks alot,

Zhang888


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

Hello!

 

Thank you for your feedback.

 

1) Client, DDNS handling and port checks need an update. We are already working on it and a solution will come out very soon (a matter probably of days).

 

2) We don't use any RADIUS or other kind of software for authentication purposes.
There is no change about privacy and no additional monitoring.

Internal details:
- Each AirVPN server runs simply OpenVPN daemons
- When a new connection is received, after the cryptographic validations, the VPN server contacts indirectly a backend server to notify the connection. This updates a centralized 'active sessions' table in our db, data queried by our website pages for real time stats.
Previously, if our backend server already had a session from a user, it replied to OpenVPN server to reject the connection
Now, if our backend server already sees 3 sessions from the same user, it tells OpenVPN server to reject the connection.

Technically, there isn't any architectural change. It is a 'political' change.

 

Kind regards

Share this post


Link to post

Good Work ..  Thanx for the update...

 

Little  Question... How can i establish 3 connections ?

 

I am Win 8 & Air Client  User....

 

Greets

Dr.Dralle

Share this post


Link to post

Hello!

 

Thanks for the explaination, but what you described above describes exactly the use of RADIUS. I didn't mean RFC2865/6 in my question about RADIUS,

what I meant was an abstract common term for systems that monitor internet user subscriptions.

When you say that each server is connected to an "active sessions" DB in order to check the active sessions, for me it means logging. Such DB cannot exist without logging.

I understand that it's possible to build OpenVPN client<>server connections with no logs at all, but that means that the OpenVPN daemon will not query any "central DB".

There is some data that is inevitable for a VPN service to know, such as source IP and source port of the connecting client. But sessions about the active sessions,

and from each server etc, that's a thin border already between logging and non-logging.

After all, logging is a marketing terms and what it means in 99% that the policy is about not logging the actual traffic, assuming that everyone logs the connected client state (connected/not connected).

 

Can you please clarify this point?

 

Thanks,

Zhang888


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

I don't understand what they should clarify. They have a central database where they are storing the active sesstions. Thats it. In the past they already said that they have exactly this information.

 

Without this it would be harder for AirVPN to show the incomming IP in the Control Panel. Maybe some people don't like it but it transparently shows what they have: Your IP while you are connected.

 

I really appreciate it when someone question things and I don't want to anger you but I think everthing is already said about it.

Share this post


Link to post

@zhang888

 

You entered a logical flaw. In order to maintain a high privacy environment and a strong anonymity layer it is mandatory that we agree that logging is not a marketing term, but it means to keep a file to record past events so that they can be rebuilt in ANY arbitrary moment in the future.

 

If you extend the meaning of logging as you are doing, then the RAM image itself would mean "logging", or more generally any state at any given moment of any kind of a limited Turing machine would be a log. According to your definition every type of limited Turing machine logs and every state is a log (even if that state is destroyed in time) and the concepts of "anonymity layer" and "privacy" do not exist anymore as soon as any limited Turing machine or a computer is used, while on real world it is clear the difference (given the flow of time as we perceive it) between keeping information that can be used in any arbitrary moment in the future and NOT keeping them. Amongst other things, what here is relevant is that keeping a temporary information (for example, 1 byte) about whether a "connection" is established or not (which is mandatory to make Internet working) is not only totally irrelevant for privacy, but also and above all completely equivalent regardless of the value of that byte, from which the absurdity of your conclusion derives: there is no difference according to your definition in allowing n connections from one account, for each possible value of n, including n=1 and n=3.

 

Such philosophical discussion is completely irrelevant for our mission and for the purposes of our customers, for whom the concept of "anonymity" and "privacy" are preserved when no information can be rebuilt in an arbitrary future moment even if it is known that they were using a VPN service, but it can imply a real nice philosophical discussion that you are free to open in "Off Topic", but please not in this topic, thanks in advance.

 

Kind regards

Share this post


Link to post

Good Work ..  Thanx for the update...

 

Little  Question... How can i establish 3 connections ?

 

I am Win 8 & Air Client  User....

 

Greets

Dr.Dralle

 

Hello!

 

The most common usage is establishing up to 3 connections to up to 3 different servers from up to three different (either real or virtual) machines.

 

Kind regards

Share this post


Link to post

Thanks for the professional response.

 

By no means my comment was to discredit the quality of the service or to get into a phylosiphic discussion about privacy.

Please understand that, and I really appreciate your responses, unlike other servers that will usually tell you "if you don't like it, get another provider".

 

Yes, I can assume that the RAM of the Air servers, is a potential logging facility, not because I don't trust Air, only because of

the latest revelations of Mr. Snowden made me, and probably many other users, more natuarally aware.

My assumption is that there will always be a circle of what we "Don't know", just like the latest heartbleed bug.

That means we cannot trust our software (OpenSSL) providers - See heartbleed, Nor hardware - See Intel's RdRand saga.

My only point is that, the less data we all keep, the more safe we are. Without going much into Turing machinery, because this is really off-topic.

 

Thanks again for the great service,

I just opened this discussion because I think I can speak on behalf of many other users that share the same thoughts like me, i.e.

"How they allow us using 3 connections but still keep no logs".

 

 

Regards,

Zhang888.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

Good Work ..  Thanx for the update...

 

Little  Question... How can i establish 3 connections ?

 

I am Win 8 & Air Client  User....

 

Greets

Dr.Dralle

 

You can establish 3 connections for example by using any other devices you have such as phone, laptop and desktop.

 

*facepalm* see that it was already answered.

Share this post


Link to post

About the active connections table, what information exactly is stored there?  For example this seems privacy-friendly:

 

 

user_id INT 

while this does not:

user_id INT
client_ip_address VARCHAR
server_id INT
time_connected DATETIME

For me the client IP address is something that should avoid being kept anywhere other than RAM.  Seeing my IP address in the control panel has always been disturbing.  Not because AirVPN has access to that information (of course it has to at some level), but that you have access to that information in a way that allows you to easy query for it and display it on the website (i.e. it's in a database).

 

Even if it's only temporarily in the database until the connection closes, that can be days.  If a third-party gained access to your database without your knowledge (bug in the app code for example), then that is pretty much the same as them having access to a log file.  So, do you keep the client IP address anywhere other than the RAM of the OpenVPN server we connect to?

Share this post


Link to post

Question: Do the 3 simultaneous connections need to be connected from the same domain/ip address? 

Share this post


Link to post

A quick note to say how pleased I am that Airvpn has now allowed 3 simultaneous sessions and has increased the strength of its RSA key encryption.

 

Thankyou Airvpn team. Your so far ahead of the VPN pack. Wonderful.

 

Bill...

Share this post


Link to post

Question: Do the 3 simultaneous connections need to be connected from the same domain/ip address? 

 

Hello!

 

No, that's not required. You are totally free to connect from three different addresses. For example, if you travel you can leave your home computer connected and stay connected during the travel with two more devices (smart phone and tablet, laptop and smart phone...).

 

Kind regards

Share this post


Link to post

 

Question: Do the 3 simultaneous connections need to be connected from the same domain/ip address? 

 

Hello!

 

No, that's not required. You are totally free to connect from three different addresses. For example, if you travel you can leave your home computer connected and stay connected during the travel with two more devices (smart phone and tablet, laptop and smart phone...).

 

Kind regards

 

Thats exactly my scenario - I am more than happy that you changed the policy there, up to now this was the only real downside to your service in my eyes.

Thank you very much, AirVPN team - this is really great!

I do believe that your service is the best there is for technically proficient users wanting a certain degree of privacy and anonymity on the net.

 

Thanks again!

Share this post


Link to post

okay got a question regarding multiple connections

 

how will the DDNS and port forwarding feature work when you establish multiple connections?

 

which connection will the port forwarding and the dns record apply to?

Or will the the port forwarding be applied to every connection and the external ip of every vpn server connected to be added to the dns record?

 

/Steal spear

Share this post


Link to post

Hi,

    I'm not an advanced user and may have misunderstood the 3 simultaneous connections aspect of the upgrade. I downloaded v 1.92 a few days ago after the Heartbleed issue so am up to date with the client, but when I connected today I was only allowed to connect to 1 server as usual. I then tried to launch the client again but got the message that I was already connected to the VPN. Can someone explain in simple terms how to go about running 3 simultaneous connections - is it possible to do this from the same windows 7 PC?

 

Regards

Share this post


Link to post

For me the client IP address is something that should avoid being kept anywhere other than RAM.  Seeing my IP address in the control panel has always been disturbing.  Not because AirVPN has access to that information (of course it has to at some level), but that you have access to that information in a way that allows you to easy query for it and display it on the website (i.e. it's in a database).

 

Even if it's only temporarily in the database until the connection closes, that can be days.  If a third-party gained access to your database without your knowledge (bug in the app code for example), then that is pretty much the same as them having access to a log file.  So, do you keep the client IP address anywhere other than the RAM of the OpenVPN server we connect to?

 

In order to display your IP on this web site, we can assume at the very least it is stored in RAM here. We also can assume that some parts of this site are backed up on non-volatile storage so they can restart their services after a reboot or power outage.

 

The existence of a session database doesn't mean that the IPs are stored on non-volatile storage. Selecting HEAP storage engine in MySQL, putting Sqlite/PostgreSQL database on a ramdisk, Memcached or Redis w/ persistency turned off, are all methods available to them. Page cache & PHP objects can also be stored in RAM as well, assuming caching is used so they aren't DOSed so easily.

 

Switching to a decentralized method would mean all VPN servers would have to be polled at each connection, which would increase connection time. They would also have to change the policy of "disallow new connections" to "disconnect older sessions" since the VPN servers might not be synced or reachable to each other 100% of the time.

 

In light of these two issues, and the airvpn.org site being a highly visible target for an adversary, they should at least store the session database in RAM on non-public facing server(if they aren't already).

 

They should also probably remove the session info from the Client Area unless it serves some other purpose. The only reason I can think of is it's there to allow users to detect if someone else is using their credentials... But it's not very useful for that. The rows are only temporary and if the other person disconnects you'd never know. There are other ways to detect it without showing IPs, such as disconnecting all connections, and reconnecting only one (or none). Then if there are more live connections then you expect, or to a server you aren't connecting to, you would know someone else has your credentials. After the user.key regeneration feature is added you won't even have to message the staff to kick them off.

Share this post


Link to post

Hi,

    I'm not an advanced user and may have misunderstood the 3 simultaneous connections aspect of the upgrade. I downloaded v 1.92 a few days ago after the Heartbleed issue so am up to date with the client, but when I connected today I was only allowed to connect to 1 server as usual. I then tried to launch the client again but got the message that I was already connected to the VPN. Can someone explain in simple terms how to go about running 3 simultaneous connections - is it possible to do this from the same windows 7 PC?

 

Regards

 

See this discussion:

 

/topic/11277-its-possible-connect-two-vpn-at-the-same-time/

Share this post


Link to post

Hey,

 

Great news on the 3 simultaneous connections.

 

Just one question - how will port forwarding work in the future? How will I specify which of my three devices to forward incoming connections to?

 

Thanks

R

Share this post


Link to post

As specified above, you can NOT connect the same account twice or thrice to the same AirVPN server. Each connection must go to a different AirVPN server.

 

I found this to be wrong. See entry 16901.

 

Yesterday I connected with my OpenVPN client to Seginus, DE.

Then I connected with my Android device to Germany (connection to the best server). It connected me to Seginus, DE. So basically I had two connections to the same server.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Gigan3rd, I did the same thing by ACCIDENT today. Connected my phone to the same server my iPad had been connected to for a while. But what seemed to happen to me is that only one device would stay connected for some time and the second one would lose vpn connection after a short time when connected to the same server. At least with iOS there seemed to be a short lag time to disconnect when I had two connections to the same server, it wasn't instant.

 

Anyway I configure a different server and it's all working great. The three connections is a fantastic upgrade of service, not to mention the other major upgrades done. Thanks!

Share this post


Link to post

I downloaded the new config files and loaded my android. My android will not connect to any US Server, but it will connect to a Canadian server while my PC is connected to a US Server. My issue appears to be an inability to make simultaenous connections unless the two different platforms - android / desktop - are on different servers in different countries.

Share this post


Link to post

Hi Guys great work again i just tested in with my droid and ya works great i am connected to netherlands on windows

and to spain on my  droid so ya thats what i want to be able to do. Thanks again

Share this post


Link to post

This is a feature that was really having me look around to other VPN providers when my 3 months is up here. I have 3 devices that I have almost always connected from various locations and part of what I want was for these 3 devices (Desktop, laptop, smartphone) to all be VPN connected instead of having to close the connection on one and then open it on another

Thank you!!!!!

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...