Jump to content
Not connected, Your IP: 54.167.47.248
JJNF_83585

Blocking all non-VPN traffic (Windows)

Recommended Posts

oh my bad , thanks

update: theres a little problem ive noticed while airvpn was trying to reconnect it couldnt as soon as i removed the block rule it could, ive set my rules as follows

Hello!

If you use the Air client, you will need to authorize packets to and from 46.105.19.36 (airvpn.org). This is because while OpenVPN retrieves certificates, configuration and key files from your local storage, the Air client downloads them through an SSL connection with airvpn.org.

Kind regards

Share this post


Link to post

Hi,

Try moving that rule to the top (Line 11 in your screenshot). While I don't know much about the Comodo software itself, many firewalls read rules from top to bottom; therefore placement of any given rule can and will play a huge part in how the firewall operates. Just having a look at your screenshot, the rules look like they should work otherwise.

Best Regards,

jz

Share this post


Link to post

thanks finally someone replies ...and its a customer!!!!

i can see the admin from airvpn keeps quiet as soon as he dont know what to do in this situation and his explanations are anything but elaborate ,btw ive even contacted support about this almost over a week ago as suggested by non other than the admin , guess what? still no reply !!!!

and to think we actually pay this company for theyre vpn yes that includes SUPPORT !!!! support really dont seem to be airvpns strong point unlike its great vpn service hardly matched on the current market except for mulvad but theyre even slower , a suggestion you should work on that support airvpn do us and yourselves the favor and youll have alot less pissed off customers ,me being one of them atm

p.s: that suggestion jessez still doesnt work still cant login while having the block rule in my list

Share this post


Link to post

Hi sunnymorning,

I participate in the forums relating to networking because I have extensive network experience (many years of IT for a living), believe in the fundemental ideals of privacy that AirVPN stands for, and enjoy participating in a community of people also interested in that ideal. That is why I replied to your post. Sorry you feel that the admins aren't providing a generous amount of support, but that hasn't been my experience at all. I believe they work hard to stay on top of all of the issues, and make things understandable for the average user. Sometimes it is difficult for IT people to know how much experience a user has, and we have to make a judgement call on how basic to make the instructions we are giving. I tend to make the instructions as simple and well documented as possible, so they are easy for a person of any experience to understand (and therefore useful to a greater number of users), but that comes with the risk of annoying more experienced users that feel the IT guy is talking down to them. That being said I have some suggestions and questions for you...

I've just taken another look at your screenshot and noticed there is no rule showing for the 10.x.x.x IP address range (Sorry I didn't catch that previously). The AirVPN servers will give your connection an address in this range for the tun (or tap) connection, which is the tunnel inside your connection to your router/ISP. If there is no rule to allow that, there is no connection between the tunnel and your software. Try adding a rule similar to this:

Allow IP In/Out From MAC Any to IP 10.0.0.0/8 Where Protocol is Any

(If you are only using the GigaByte servers you can replace 10.0.0.0/8 with 10.5.0.0/8 - GB servers are: Vega, Sirius, Draconis, Castor and Tauri).

Also you have no rule for 127.0.0.1; that should look like:

Allow IP In/Out From MAC Any to IP 127.0.0.1 Where Protocol is Any

Also maybe this rule (Line 12) is causing a problem:

Block and Log IP In/Out From In [Home] to IP Not 108.59.8.147 Where Protocol is Any

My question is what is the address 108.59.8.147? Is this your computers staic IP address?

Try that out and if you are still having problems, could you attach your OpenVPN log? That would help narrow down where the issues are.

Thanks and Best Regards,

jz

Share this post


Link to post

thanks finally someone replies ...and its a customer!!!!

i can see the admin from airvpn keeps quiet as soon as he dont know what to do in this situation and his explanations are anything but elaborate ,btw ive even contacted support about this almost over a week ago as suggested by non other than the admin , guess what? still no reply !!!!

Hello!

You clearly have problems in receiving e-mails. Please check the issue, otherwise we will keep sending you e-mails and you will never be able to read any of them. That said, we tend to avoid duplicates in the forum, so already answered questions will be replied only via mail, not again and again on the forum.

Kind regards

Share this post


Link to post

thanks jessez ill try that out asap and i dont have no home i think youve checked out the wrong screenshot this is mine

https://airvpn.org/media/kunena/attachments/47686/airvpncomodo.JPG

and with the updated settings

p.s: to admin no my email is working properly ,i receive thread updates as usual , so support isnt replying , no offense, ive sent the support request to webmaster under contact us , anyhow maybe they still had my old temp email , hope we can start a fresh from now on

update : did not work heres the log

7/14/2012 - 5:59 AM VERIFY OK: nsCertType=SERVER

7/14/2012 - 5:59 AM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 5:59 AM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 5:59 AM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 5:59 AM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 5:59 AM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 5:59 AM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 6:59 AM TLS: tls_process: killed expiring key

7/14/2012 - 6:59 AM VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

7/14/2012 - 6:59 AM VERIFY OK: nsCertType=SERVER

7/14/2012 - 6:59 AM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 6:59 AM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 6:59 AM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 6:59 AM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 6:59 AM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 6:59 AM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 7:59 AM TLS: tls_process: killed expiring key

7/14/2012 - 7:59 AM VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

7/14/2012 - 7:59 AM VERIFY OK: nsCertType=SERVER

7/14/2012 - 7:59 AM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 7:59 AM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 7:59 AM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 7:59 AM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 7:59 AM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 7:59 AM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 8:59 AM TLS: tls_process: killed expiring key

7/14/2012 - 8:59 AM VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

7/14/2012 - 8:59 AM VERIFY OK: nsCertType=SERVER

7/14/2012 - 8:59 AM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 8:59 AM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 8:59 AM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 8:59 AM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 8:59 AM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 8:59 AM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 9:59 AM TLS: tls_process: killed expiring key

7/14/2012 - 9:59 AM VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

7/14/2012 - 9:59 AM VERIFY OK: nsCertType=SERVER

7/14/2012 - 9:59 AM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 9:59 AM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 9:59 AM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 9:59 AM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 9:59 AM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 9:59 AM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 10:59 AM TLS: tls_process: killed expiring key

7/14/2012 - 10:59 AM TLS: soft reset sec=0 bytes=6996660/0 pkts=17532/0

7/14/2012 - 10:59 AM VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

7/14/2012 - 10:59 AM VERIFY OK: nsCertType=SERVER

7/14/2012 - 10:59 AM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 10:59 AM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 10:59 AM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 10:59 AM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 10:59 AM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 10:59 AM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 11:59 AM TLS: tls_process: killed expiring key

7/14/2012 - 11:59 AM TLS: soft reset sec=0 bytes=9556763/0 pkts=21717/0

7/14/2012 - 11:59 AM VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

7/14/2012 - 11:59 AM VERIFY OK: nsCertType=SERVER

7/14/2012 - 11:59 AM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 11:59 AM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 11:59 AM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 11:59 AM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 11:59 AM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 11:59 AM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 12:59 PM TLS: tls_process: killed expiring key

7/14/2012 - 12:59 PM TLS: soft reset sec=0 bytes=7974873/0 pkts=19683/0

7/14/2012 - 12:59 PM VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

7/14/2012 - 12:59 PM VERIFY OK: nsCertType=SERVER

7/14/2012 - 12:59 PM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 12:59 PM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 12:59 PM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 12:59 PM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 12:59 PM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 12:59 PM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 1:59 PM TLS: tls_process: killed expiring key

7/14/2012 - 1:59 PM VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

7/14/2012 - 1:59 PM VERIFY OK: nsCertType=SERVER

7/14/2012 - 1:59 PM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 1:59 PM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 1:59 PM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 1:59 PM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 1:59 PM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 1:59 PM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 2:59 PM TLS: tls_process: killed expiring key

7/14/2012 - 2:59 PM TLS: soft reset sec=0 bytes=7037597/0 pkts=18108/0

7/14/2012 - 2:59 PM VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

7/14/2012 - 2:59 PM VERIFY OK: nsCertType=SERVER

7/14/2012 - 2:59 PM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 3:00 PM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 3:00 PM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 3:00 PM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 3:00 PM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 3:00 PM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 3:59 PM TLS: tls_process: killed expiring key

7/14/2012 - 4:00 PM TLS: soft reset sec=0 bytes=9225485/0 pkts=21751/0

7/14/2012 - 4:00 PM VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

7/14/2012 - 4:00 PM VERIFY OK: nsCertType=SERVER

7/14/2012 - 4:00 PM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 4:00 PM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 4:00 PM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 4:00 PM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 4:00 PM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 4:00 PM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 5:00 PM TLS: tls_process: killed expiring key

7/14/2012 - 5:00 PM TLS: soft reset sec=0 bytes=31777509/0 pkts=59717/0

7/14/2012 - 5:00 PM VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

7/14/2012 - 5:00 PM VERIFY OK: nsCertType=SERVER

7/14/2012 - 5:00 PM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 5:00 PM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 5:00 PM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 5:00 PM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 5:00 PM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 5:00 PM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 6:00 PM TLS: tls_process: killed expiring key

7/14/2012 - 6:00 PM TLS: soft reset sec=0 bytes=317272114/0 pkts=355307/0

7/14/2012 - 6:00 PM VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

7/14/2012 - 6:00 PM VERIFY OK: nsCertType=SERVER

7/14/2012 - 6:00 PM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 6:00 PM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 6:00 PM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 6:00 PM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 6:00 PM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 6:00 PM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 6:40 PM Disconnecting...

7/14/2012 - 6:40 PM SIGTERM received, sending exit notification to peer

7/14/2012 - 6:40 PM TCP/UDP: Closing socket

7/14/2012 - 6:40 PM Disconnected.

7/14/2012 - 6:40 PM C:\WINDOWS\system32\route.exe DELETE 10.4.0.1 MASK 255.255.255.255 10.4.18.21

7/14/2012 - 6:40 PM Route deletion via IPAPI succeeded [adaptive]

7/14/2012 - 6:40 PM C:\WINDOWS\system32\route.exe DELETE 178.248.29.132 MASK 255.255.255.255 192.168.2.1

7/14/2012 - 6:40 PM Route deletion via IPAPI succeeded [adaptive]

7/14/2012 - 6:40 PM C:\WINDOWS\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 10.4.18.21

7/14/2012 - 6:40 PM Route deletion via IPAPI succeeded [adaptive]

7/14/2012 - 6:40 PM C:\WINDOWS\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 10.4.18.21

7/14/2012 - 6:40 PM Route deletion via IPAPI succeeded [adaptive]

7/14/2012 - 6:40 PM Closing TUN/TAP interface

7/14/2012 - 6:40 PM SIGTERM[hard,] received, process exiting

7/14/2012 - 6:40 PM Login...

7/14/2012 - 6:41 PM The remote name could not be resolved: 'airvpn.org'

7/14/2012 - 6:41 PM Login...

7/14/2012 - 6:41 PM The remote name could not be resolved: 'airvpn.org'

7/14/2012 - 6:41 PM Login...

7/14/2012 - 6:42 PM The remote name could not be resolved: 'airvpn.org'

7/14/2012 - 6:42 PM Login...

7/14/2012 - 6:42 PM The remote name could not be resolved: 'airvpn.org'

7/14/2012 - 6:42 PM Login...

7/14/2012 - 6:42 PM Login success.

7/14/2012 - 6:42 PM Contacting service...

7/14/2012 - 6:42 PM Connecting...

7/14/2012 - 6:42 PM OpenVPN 2.2.2 Win32-MSVC++ [sSL] [LZO2] [PKCS11] built on Dec 15 2011

7/14/2012 - 6:42 PM NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

7/14/2012 - 6:42 PM LZO compression initialized

7/14/2012 - 6:42 PM Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:0 ]

7/14/2012 - 6:42 PM Socket Buffers: R=[8192->8192] S=[8192->8192]

7/14/2012 - 6:42 PM Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]

7/14/2012 - 6:42 PM Local Options hash (VER=V4): '22188c5b'

7/14/2012 - 6:42 PM Expected Remote Options hash (VER=V4): 'a8f55717'

7/14/2012 - 6:42 PM UDPv4 link local: [undef]

7/14/2012 - 6:42 PM UDPv4 link remote: 178.248.29.132:443

7/14/2012 - 6:42 PM TLS: Initial packet from 178.248.29.132:443, sid=c40cf815 84c3f4f1

7/14/2012 - 6:42 PM VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

7/14/2012 - 6:42 PM VERIFY OK: nsCertType=SERVER

7/14/2012 - 6:42 PM VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

7/14/2012 - 6:42 PM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 6:42 PM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 6:42 PM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

7/14/2012 - 6:42 PM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

7/14/2012 - 6:42 PM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

7/14/2012 - 6:42 PM [server] Peer Connection Initiated with 178.248.29.132:443

7/14/2012 - 6:42 PM SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

7/14/2012 - 6:42 PM PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.4.18.22 10.4.18.21'

7/14/2012 - 6:42 PM OPTIONS IMPORT: timers and/or timeouts modified

7/14/2012 - 6:42 PM OPTIONS IMPORT: LZO parms modified

7/14/2012 - 6:42 PM OPTIONS IMPORT: --ifconfig/up options modified

7/14/2012 - 6:42 PM OPTIONS IMPORT: route options modified

7/14/2012 - 6:42 PM OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

7/14/2012 - 6:42 PM ROUTE default_gateway=192.168.2.1

7/14/2012 - 6:42 PM TAP-WIN32 device [Airvpn Vpn] opened: \\.\Global\{74584123-A4F8-48C8-B3DE-A9D38571E725}.tap

7/14/2012 - 6:42 PM TAP-Win32 Driver Version 9.9

7/14/2012 - 6:42 PM TAP-Win32 MTU=1500

7/14/2012 - 6:42 PM Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.4.18.22/255.255.255.252 on interface {74584123-A4F8-48C8-B3DE-A9D38571E725} [DHCP-serv: 10.4.18.21, lease-time: 31536000]

7/14/2012 - 6:42 PM Successful ARP Flush on interface [18] {74584123-A4F8-48C8-B3DE-A9D38571E725}

7/14/2012 - 6:42 PM TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up

7/14/2012 - 6:42 PM C:\WINDOWS\system32\route.exe ADD 178.248.29.132 MASK 255.255.255.255 192.168.3.1

7/14/2012 - 6:42 PM ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4

7/14/2012 - 6:42 PM Route addition via IPAPI succeeded [adaptive]

7/14/2012 - 6:42 PM C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.18.21

7/14/2012 - 6:42 PM ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4

7/14/2012 - 6:42 PM Route addition via IPAPI succeeded [adaptive]

7/14/2012 - 6:42 PM C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.4.18.21

7/14/2012 - 6:42 PM ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4

7/14/2012 - 6:42 PM Route addition via IPAPI succeeded [adaptive]

7/14/2012 - 6:42 PM C:\WINDOWS\system32\route.exe ADD 10.4.0.1 MASK 255.255.255.255 10.4.18.21

7/14/2012 - 6:42 PM ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4

7/14/2012 - 6:42 PM Route addition via IPAPI succeeded [adaptive]

7/14/2012 - 6:42 PM Initialization Sequence Completed

7/14/2012 - 6:42 PM Starting Management Interface...

7/14/2012 - 6:42 PM Checking...

7/14/2012 - 6:43 PM Retrieve statistics...

7/14/2012 - 6:43 PM Connected.

Share this post


Link to post

p.s: to admin no my email is working properly ,i receive thread updates as usual , so support isnt replying , no offense, ive sent the support request to webmaster under contact us , anyhow maybe they still had my old temp email , hope we can start a fresh from now on

update : did not work heres the log

Hello!

We re-send you a synthesis of our replies here in the forum for your comfort.

The logs show that you have been connected without interruptions for several hours (since 5:59 AM till 6:40 PM). The connection was working because, as you can see, OpenVPN renegotiated successfully the TLS key every hour, as it is expected to do with our configuration. The TLS key renegotiation is an additional OpenVPN security feature which causes no delays in the connection, since the key renegotiation is performed with "overlapping windows" (another nice OpenVPN feature).

After the disconnection, caused by an intervention on your system, your system could not resolve "airvpn.org" in order to reconnect, a problem you can immediately solve (instead of changing Comodo rules each time) by editing your hosts file, just add the line:

46.105.19.36 airvpn.org

Kind regards

Share this post


Link to post

the disconnection was caused manually in order to test the rules suggested by jessez , thou as you can see didnt work as soon as ive had added the block rule in my list again it wouldnt let airvpn connect and the hosts entry has been added long ago or so i thought xD , thanks for all the help and it worked the hosts entry worked!

i did a little mistake on my side i forgot to save the hosts entry xD , so do i keep the extra rules introduced by jessez then?

btw wouldnt it be better to do something like this so the blocking isnt ip specific but rather specified to the vpn adapter itself? then no matter what server you connect to ,it would always block all traffic as soon as a disconnect would happen

Share this post


Link to post

the disconnection was caused manually in order to test the rules suggested by jessez , thou as you can see didnt work as soon as ive had added the block rule in my list again it wouldnt let airvpn connect and the hosts entry has been added long ago or so i thought xD , thanks for all the help and it worked the hosts entry worked!

Hello!

We're very glad to know that you could manage to solve your problem.

i did a little mistake on my side i forgot to save the hosts entry xD , so do i keep the extra rules introduced by jessez then?

Yes, if this setup works on your system, it's not worth to modify anything.

btw wouldnt it be better to do something like this so the blocking isnt ip specific but rather specified to the vpn adapter itself? then no matter what server you connect to ,it would always block all traffic as soon as a disconnect would happen

It already works in this way. However, your tun interface must be able to send and receive packets from/to any IP through your physical adapter, and the physical adapter only sees packets that have "real" header and payload already encrypted. When there's a VPN disconnection, the original routing table is restored.

Therefore the "key factor" to prevent leaks is that your physical adapter must be authorized to communicate only with our VPN servers, so Comodo needs to know the entry-IP addresses of the servers.

A different solution with Comodo is allowing outgoing packets only if coming from the tun adapter (i.e. only if coming from the IP range 10.4.0.0->10.9.255.255), as it has been described in the main thread. In this case, you don't need to set rules for your physical adapter, but you'll have to configure every and each application that you use (or any relevant application) and system applications (especially svchost.exe, to prevent DNS leaks) with the above rule. This is a solution particularly suitable for clients who just want to block certain traffic (for example p2p) while allowing other traffic when disconnected from the VPN, so probably your current setup is the one which really meets your requirements.

Kind regards

Share this post


Link to post

Dear admin,

You wrote: "and system applications (especially svchost.exe, to prevent DNS leaks) with the above rule."

When I apply "Block TCP or UDP Out From IP Not In [10.4.0.0-10.9.255.255] To MAC Any Ports Any" for Comodo SNCHOST.EXE Application Rules,

after restarting Win7 I'm getting Unidentified Network for my primary LAN and No Internet for your service to Connect & Check at all.

Any solution?

Thank you

Share this post


Link to post

Dear admin,

You wrote: "and system applications (especially svchost.exe, to prevent DNS leaks) with the above rule."

When I apply "Block TCP or UDP Out From IP Not In [10.4.0.0-10.9.255.255] To MAC Any Ports Any" for Comodo SNCHOST.EXE Application Rules,

after restarting Win7 I'm getting Unidentified Network for my primary LAN and No Internet for your service to Connect & Check at all.

Any solution?

Thank you

Hello!

EDIT First of all please make sure that you refer to svchost.exe because snchost.exe is a trojan/backdoor

That's correct, because your system must not be able to send out DNS queries when you're not connected to the VPN. You have three options:

1) If you use the Air client, add to your hosts file the line:

46.105.19.36 airvpn.org

then connect to the VPN to restore your connectivity

2) If you use OpenVPN GUI (or OpenVPN directly), just connect to a VPN server to restore your connectivity

3) (not practical, unless you use the VPN rarely) put back svchost.exe to trusted application (or delete the rule) then reinstate the rule once connected to the VPN

Kind regards

Share this post


Link to post

Hello, could you please verify my setting?

("EDIT First of all please make sure that you refer to svchost.exe because snchost.exe is a trojan/backdoor". Yes, of course, it is SVCHOST.EXE. Typo.)

1. I have modified host file (attached), then restarted.

2. Put Comodo application rule (attached)

3. I've also attaching a screenshot of my Comodo global rule

4. Message after one minute waiting for Login (attached)

5. Message after removing initial application rule. Try to connect without restarting. Attached.

Thanks a lot

P.S. I have prepared JPEG; ZIP, Doc files, non of them can be attached and uploaded.

So, here is the host:

--------------------------------------------------------------------------------

# Copyright © 1993-2009 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.

# 127.0.0.1 localhost

# ::1 localhost

46.105.19.36 airvpn.org

--------------------------------------------------------------------------------------

Here is what I have for c:\Windows\System32\svchost.exe (application rule)

"Allow UDP In From IP In [192.168.1.1 / 255.255.255.0] To MAC Any, Ports Any"

"Block TCP or UDP Out From IP Not In [10.4.0.0-10.9.255.255] To MAC Any Ports Any"

--------------------------------------------------------------------------------------

Global Rules:

Allow IP In/Out from any MAC to IP 127.0.0.1, Any Protocol

Next line - same thing for 46.105.19.36

Next line - some thing for [10.5.0.0 - 10.5.0.8]

Next 5 lines: Blocking ICMP from Any to Any for Messages: PROTOCOL UNREACHABLE; 17;15;13; ECHO REQUEST.

--------------------------------------------------------------------------------------

Message after one minute waiting for Login: "THE OPERATION HAS TIMED OUT"

--------------------------------------------------------------------------------------

Message after removing blocking svchost.exe application rule. Try to connect without restarting: "THE REMOTE NAME COULD NOT BE RESOLVED: "airvpn.org".

--------------------------------------------------------------------------------------

Thanks for helping

Share this post


Link to post

you should check out my global rule settings from greg in combination with mr.conductors server list , together they work without having to set any app rules , blocks out everything if not connected to air

Share this post


Link to post

sunnynorning, I'm tried your combination, it blocks all if not connected, but I'm not sure about svchost.exe leak and why 46.105.19.36 airvpn.org in host file not working. Thanks.

Share this post


Link to post

Dear admin, could you please verify my setting? Target is to block the svchost.exe potential leak in COMODO Application rules. Basically, I cant reach airvpn.org site with "Block TCP or UDP Out From IP Not In [10.4.0.0-10.9.255.255] To MAC Any Ports Any" option enabled. In your last reply you have recommended me to modify the Windows host file but it doesn't solve the problem.

1. I have modified host file (attached), then restarted.

2. Put Comodo application rule (attached)

3. I've also attaching a screenshot of my Comodo global rule

4. Message after one minute waiting for Login (attached)

5. Message after removing initial application rule. Try to connect without restarting. Attached.

Thanks a lot

P.S. I have prepared JPEG; ZIP, Doc files BUT non of them can be attached and uploaded.

So, here is my host:

--------------------------------------------------------------------------------

# Copyright © 1993-2009 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.

# 127.0.0.1 localhost

# ::1 localhost

46.105.19.36 airvpn.org

--------------------------------------------------------------------------------------

Here is what I have for c:\Windows\System32\svchost.exe (application rule)

"Allow UDP In From IP In [192.168.1.1 / 255.255.255.0] To MAC Any, Ports Any"

"Block TCP or UDP Out From IP Not In [10.4.0.0-10.9.255.255] To MAC Any Ports Any"

--------------------------------------------------------------------------------------

Global Rules:

Allow IP In/Out from any MAC to IP 127.0.0.1, Any Protocol

Next line - same thing for 46.105.19.36

Next line - some thing for [10.5.0.0 - 10.5.0.8]

Next 5 lines: Blocking ICMP from Any to Any for Messages: PROTOCOL UNREACHABLE; 17;15;13; ECHO REQUEST.

--------------------------------------------------------------------------------------

Message after one minute waiting for Login: "THE OPERATION HAS TIMED OUT"

--------------------------------------------------------------------------------------

Message after removing blocking svchost.exe application rule. Try to connect without restarting: "THE REMOTE NAME COULD NOT BE RESOLVED: "airvpn.org".

--------------------------------------------------------------------------------------

Thanks for helping

Share this post


Link to post

Dear admin, could you please verify my setting?

Next line - some thing for [10.5.0.0 - 10.5.0.8]

 

Hello!

The above line is incorrect. You should replace it with authorization for the range [10.4.0.0 - 10.9.255.255], see also here:

https://airvpn.org/specs

The range 10.4.0.0->10.9.255.255 covers the whole IP range of the virtual private network. 10.5.0.0->10.5.0.8 covers a very minimal, insufficient range of the private network on port 443 TCP.

--------------------------------------------------------------------------------------

Message after removing blocking svchost.exe application rule. Try to connect without restarting: "THE REMOTE NAME COULD NOT BE RESOLVED: "airvpn.org".

This apparently shows that your system is unable to resolve airvpn.org. Please make sure that the lined you added to your hosts file (hosts, not host) is really there. The hosts file is used by Windows to resolve domain names before any DNS query.

Furthermore, either apply the rule for svchost.exe only after you're connected to the VPN, or use the rules for securing the VPN connection (which will also prevent DNS leaks). Alternatively, use the OpenVPN GUI to connect.

Kind regards

Share this post


Link to post

Thank you, will try the global rule autorization IP range [10.4.0.0 - 10.9.255.255].

Regarding the hosts file:

that's exactly what I have there:

---------------------------------------------------------------------------------------------------

# Copyright © 1993-2009 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.

# 127.0.0.1 localhost

# ::1 localhost

46.105.19.36 airvpn.org

----------------------------------------------------------------------------------------------------

This line is really there, system is restarted, line is verified. Whats can be wrong?

Share this post


Link to post

This line is really there, system is restarted, line is verified. Whats can be wrong?

Hello!

Can you please try a connection with the OpenVPN GUI, with the very same Comodo rules (you don't need to modify anything), and see whether the problem is solved or not?

Kind regards

Share this post


Link to post

well thats odd are you 100% sure you saved your airvpn hosts entry ? cause thats what my mistake was and am worry free now

hope you get it sorted out maggieairvpn

p.s: once you get it working as described , nothing not even svchost will leak anything without any application specific rules required

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...