Jump to content
Not connected, Your IP: 3.144.29.213

Recommended Posts

Hi, I tried to test for DNS leaks at IPleak.net. Here is the result on my Comodo browser

 

image.jpg

 

...and here is the result on Aviator White Hat.....

 

image.jpg

 

On the white hat it only detected one DNS address while on the Comodo dragon it detected several DNS addresses. Does this show that there are DNS leaks? 

Share this post


Link to post

With comodo software and also their browser there is an option to use comodo secure dns or not to use it.

Share this post


Link to post

 

Hi, As far as I'm aware Comodo hardwire there own DNS into there browsers, This been the case this is what your seeing, Comodos DNS servers.

 

 

With comodo software and also their browser there is an option to use comodo secure dns or not to use it.

 

 

I have disabled the DNS option of the Comodo dragon browser and now there is only one DNS address :-)

Share this post


Link to post

I checked in a hotel today and used their  wifi connection. I did a DNS leak test and this is what I got....

 

with_vpn.jpg

 

 

with_out_vpn.jpg

 

I use a comodo firewall using airvpns configurations. Does anybody know how to fix this problem....

Share this post


Link to post

I just got home and I have just checked the configuration of the Global rules and I have noticed that there are 4 new entries...

 

Capture2.jpg

 

Those 4 ticked entries on the global rules. Do you suppose that was the cause of the leaks? I do not know how it get there, since I did not made that entry,, but I removed it from the configurations... I hope it fixed the problem.

Share this post


Link to post

Its tough to answer from here because we can't see your rules.  Regarding DNS and our windows-commodo rules they work perfectly.

 

Make sure to view your global rules.  You may have used different names for your zonies but make sure that the [airvpn] dns range in commodo is set for 10.4.0.0 - 10.9.255.255

 

The way this works is that commodo rule will pass/allow a dns in that range.  Any dns NOT in that range will continue on down the rules list and finding none that allow it through, it will hit the block all rule at the bottom.  When it gets there its game over, no getting through.

 

If you want to do a print screen on your rules we would be happy to look them over.  You said you pretty much copied those in this forum.  Make sure you also print screen your zone parameters too so we can see everything if you want thorough help.  Just offering to use extra eyes if you want the help.

Share this post


Link to post

I just got home and I have just checked the configuration of the Global rules and I have noticed that there are 4 new entries...

 

Capture2.jpg

 

Those 4 ticked entries on the global rules. Do you suppose that was the cause of the leaks? I do not know how it get there, since I did not made that entry,, but I removed it from the configurations... I hope it fixed the problem.

 

 

There is a setting that causes automatic detection of private networks. You need to disable it.

 

It's located on the Firewall Settings tab of Advanced Settings.

 

There is a tick box for "Enable automatic detection of private networks"

 

Make sure it is not selected.

 

EDIT: If you only intend to use AirVPN DNS, you should also have a DNS blocking rule located at the top of your rules that only allows DNS requests to Air:

 

Action = Block (log if you so coose to, I do)

Protocol = TCP/UDP

Direction = In/Out

Source address = Any

Destination address = 10.4.0.1 (You also NEED to tick the "Exclude" box)

Source Port = Any

Destrination port = 53


Have my guides helped you? Help me keep helping you, use my referral: userbar.png

How to set up pfSense 2.3 for AirVPN

Friends don't let friends use consumer networking equipment!

Share this post


Link to post

Its tough to answer from here because we can't see your rules.  Regarding DNS and our windows-commodo rules they work perfectly.

 

rules3.jpg

rules2.jpg

 

rules.jpg

Share this post


Link to post

I just installed AirVPN client v2.8.8.

I selected Network Lock Active and I can see the new Firewall rules in my Win 7 PC, but when I am running http://ipleak.net I see my provider DNSs and also a DNS from the VPN server.

 

I done also Firefox setting change - yes.pngNo leak, RTCPeerConnection not available.

 

How can I fix this?

Share this post


Link to post

Hello!

 

When DNS queries are tunneled, they are not intercepted by Network Lock firewall rules and that's totally correct, because any traffic in the tunnel is allowed. Besides, tunneled DNS queries are not DNS leak by definition and are not harmful to your privacy.

 

Another option, though, is that your system queries your router DNS (and obviously Network Lock rules allow communication with the router) and your router queries your ISP DNS. In this case privacy can be harmed. So it's important to understand the causes.

 

What is your Operating System?

 

Kind regards

Share this post


Link to post

I haven't restarted the PC after the client install. Done that and looks fine now. Thanks for your fast reply.

Share this post


Link to post

I haven't restarted the PC after the client install. Done that and looks fine now. Thanks for your fast reply.

 

Hello, very well! Glad to know it.

 

Kind regards

Share this post


Link to post

I thought I got it, but working on setting up the client on a different PC in my network and I am seeing the IP address of the VPN server but for the DNS Address detection I am seeing the ISP DNSs and sometimes a mix between the ISP DNSs and the VPN DNS.

 

The first PC is still working ok. I used the same install client file, same credentials. The one working is a Win 7 Professional 64bit, the one where it doesn't is a Win 7 Home Premium 64bit.

 

I have restarted the PC where it doesn't work several times, just in case, still nothing. Please help.

Share this post


Link to post

I have finished setting up the VPN on a third PC with Win 7 Professional, and is working fine. Is it possible that the issue is related to the Win OS version?

Share this post


Link to post

When I go to http://ipleak.net/#dnsleak, I am getting on all the PCs right now a combination of AirVPN DNSs and ISP DNSs, about half half. Do you know how can I fix it?

 

Could you take a look at your logs  (tab). Within the first 15 or so lines, look for something like these:

 

yyyy.mm.dd hh:mm:ss - Session starting.

yyyy.mm.dd hh:mm:ss - Installing tunnel driver

 

Do you have any entries between those above and the following:

 

yyyy.mm.dd hh:mm:ss - Checking authorization ...

yyyy.mm.dd hh:mm:ss - Connecting to ServerName

Share this post


Link to post

Here is a  LINK to instructions to set your own DNS server for Windows 7. I've just changed settings to Comodo server and it fixed the problem of my ISP showing up while checking for DNS leaks. Details HERE if you're running OS X.

Comodo DNS server details below.

Preferred DNS server address for Comodo Secure DNS is:
8.26.56.26
Alternate DNS server address for Comodo Secure DNS is:
8.20.247.20

Share this post


Link to post
Posted ... (edited)

Hello palmedo, welcome.

If you are using the AirVPN client, please make sure you have these set:

Select the AirVPN dropdown (upper left) > Preferences > Advanced (tab) > General (tab):

check, 'Force DNS' on the right
check, 'Check if the tunnel use AirVPN DNS

This changes the Name Servers Windows uses.

 

-----

 

If you use DHCP for IP addresses, you will also want to:

check, 'Switch DHCP to Static'

This is to keep Windows from requesting to renew its DHCP lease midway through the lease.
If it does, it will reset your DNS back and you will have leaks well into your VPN session.

EDIT: I was mistaken. This is not the case.

Note: If you 'Force DNS' and AirVPN does not close gracefully, you will need to go into your adapter settings and remove the AirVPN DNS server (10.4.0.1) in order to get name resolution back.


Let us know how you make out.

Edited ... by amnesty

Share this post


Link to post

Hello,

 

I tried many time to change the DNS but every time i fail

Please somebody help me

 

If you're using Windows, in an administrator command prompt, execute:

netsh interface IPv4 set dnsservers "[primary_network_interface_controller_name]" static 10.4.0.1 both no
//
netsh interface IPv4 set dnsserver "[primary_network_interface_controller_name]" dhcp

This DNS setting will be kept even if you reboot Windows. The downside is that you can't use AirDNS to connect to your servers since 10.4.0.1 is only available with an OpenVPN connection. You will need to generate your config files with the option Resolved hosts in ovpn file.

Second command reverses the antileak fix.

 

In addition, WebRTC is enabled. Navigate to ipleak.net and scroll down to see if a solution for your browser is present.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

 

Hello,

 

I tried many time to change the DNS but every time i fail

Please somebody help me

If you're using Windows, in an administrator command prompt, execute:

netsh interface IPv4 set dnsservers "[primary_network_interface_controller_name]" static 10.4.0.1 both no
//
netsh interface IPv4 set dnsserver "[primary_network_interface_controller_name]" dhcp

This DNS setting will be kept even if you reboot Windows. The downside is that you can't use AirDNS to connect to your servers since 10.4.0.1 is only available with an OpenVPN connection. You will need to generate your config files with the option Resolved hosts in ovpn file.

Second command reverses the antileak fix.

 

In addition, WebRTC is enabled. Navigate to ipleak.net and scroll down to see if a solution for your browser is present.

 

This is just a clarification that could be useful for some casual computer user reading this thread. This workaround is not required with AirVPN’s client ‘Eddie’. It can be used with other OpenVPN GUI applications running on Windows.

 

By using the static switch you will lose all name resolution on the internet unless connected to AirVPN’s network.

 

Prior to using the netsh command, it might not be a bad idea to take a look at a few posts by @Nadre. They are very well documented:

 

https://airvpn.org/topic/9787-the-pros-and-the-cons/?p=11501

 

https://airvpn.org/topic/9699-using-browser-with-and-without-vpn/?p=11511

 

These posts also provides links to additional supporting documentation- a Microsoft Technet article and OpenVPN Community Wiki.

 

For anyone reading this thread who does generate your config files with the option Resolved hosts in ovpn file, you can place these commands in the the Preconnect/Connect/Disconnect Scripts feature of OpenVPN to automate the process.

 

Place the static 10.4.0.1 in the Connect script and the dhcp switch in the disconnect script.

 

You might also want to look into preventing (application) leaks if you lose your VPN tunnel in the How-To section.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...