Jump to content
Not connected, Your IP: 3.142.198.51
Sign in to follow this  
pcollacchi

AirVPN Client login "modes"

Recommended Posts

After I login to AIRVPN I am given the opportunity to select various "modes". The server accepts connections on port 53, 80 and 443 UDP and TCP. What exactly does this mean?

What I want is all my traffic to go first to the VPN (port 443) and then to the Internet from there.

I've been having trouble when disconnecting and then re-connecting, particular for US-based servers. I do re-connect without any problems and could send those logs. But after that, sometimes, I cannot browse (or access FIBS) though i can do bit torrent. After a bit more diagnostics it appears that I can browse to IP addresses but not domain names, suggesting that there is some issue with DNS translation.

I was under the naive view, that all my traffic goes first through the VPN tunnel on 443 and then to the internet, presumably including my DNS traffic. But when I used COMODO to examine my connections i saw that firefox.exe connections appear to be being directed to the TAP device and then to the destination. (see attached files).

Here's what I want:

1.) I want to be able to disconnect and then shortly afterward reconnect to any AirVPN servers without losing the ability to browse afterward.

2.) In general, I want all my traffic to go from my PC to the Air VPN server before it goes to the network.

3.) I want understand the path my traffic takes when I am connected to the Air VPN server through any particular mode.

Does anyone understand the traffic path from my keyboard, to my app(say Firefox), to the PC device drivers, out my ethernet adapter, to my router, and thereafter well enough to explain what is going on?

Can anyone explain what the various modes are and determine from the attached files whether or not my firefox traffic is taking a different route than all other traffic?

Thanks, for any helpful tutorials you can provide.

Thanks.

Share this post


Link to post

Just to follow up. When I say I want "all" my traffic to go first through the VPN tunnel, I mean, I want it all encrypted out of my computer. Does that require using only port 443, or do the other "modes" encrypt as well?

Share this post


Link to post

After I login to AIRVPN I am given the opportunity to select various "modes". The server accepts connections on port 53, 80 and 443 UDP and TCP. What exactly does this mean?

Hello!

Please see the Frequently Asked Questions on this specific question https://airvpn.org/faq

What I want is all my traffic to go first to the VPN (port 443) and then to the Internet from there.

Ok, that's what happens by default. Our servers will push the appropriate routing table.

I've been having trouble when disconnecting and then re-connecting, particular for US-based servers. I do re-connect without any problems and could send those logs. But after that, sometimes, I cannot browse (or access FIBS) though i can do bit torrent. After a bit more diagnostics it appears that I can browse to IP addresses but not domain names, suggesting that there is some issue with DNS translation.

It's strange that you lose DNS resolution ability after a while. When it happens, check whether your system can reach the DNS IP address. Please see here if you use our DNS: https://airvpn.org/specs

I was under the naive view, that all my traffic goes first through the VPN tunnel on 443 and then to the internet, presumably including my DNS traffic. But when I used COMODO to examine my connections i saw that firefox.exe connections appear to be being directed to the TAP device and then to the destination. (see attached files).

Here's what I want:

1.) I want to be able to disconnect and then shortly afterward reconnect to any AirVPN servers without losing the ability to browse afterward.

2.) In general, I want all my traffic to go from my PC to the Air VPN server before it goes to the network.

3.) I want understand the path my traffic takes when I am connected to the Air VPN server through any particular mode.

Does anyone understand the traffic path from my keyboard, to my app(say Firefox), to the PC device drivers, out my ethernet adapter, to my router, and thereafter well enough to explain what is going on?

That's correct. The TUN/TAP interface is used by OpenVPN. If you give a "route print" command while connected to an Air server you can see your routing table and the "path" of your packets, while "ipconfig /all" will show all the details about all your network cards (real and virtual). If you wish to monitor all the packets traffic in your system, the "active connections" in Comodo firewall will give you a general overview, while you can use tools like Wireshark for a full-details packets monitoring. http://www.wireshark.org/

Please do not hesitate to contact us for any further information or support.

Kind regards

Share this post


Link to post

Just to follow up. When I say I want "all" my traffic to go first through the VPN tunnel, I mean, I want it all encrypted out of my computer. Does that require using only port 443, or do the other "modes" encrypt as well?

Hello!

Yes, that's precisely what you get by default. Our servers push a routing table that accomplishes what you want. The routing table is the same regardless of the port you pick to enter the VPN.

Kind regards

Share this post


Link to post

Thanks for the responses. I understand now that all my traffic is being encrypted and then tunneled through the VPN, and that the various alternative ports (80, 53) are available in case the ISP is blocking 443 -- as I hoped.

Yesterday, I did determine that when I re-connect and then cannot browse to a domain name (but can browse to its IP address), that if I disconnect and re-connect back to the same server using port 80 that I domain names do appear to resolve and I can browse by domain name. It appears that I have a work-around, though not a root cause of the original symptom. I will use some of the tools you suggest and maybe take a snoop with wireshark to see what's happening to my DNS traffic when it fails to resolve.

Agains, thanks for your follow-up.

Paul

Share this post


Link to post

Thanks for the responses. I understand now that all my traffic is being encrypted and then tunneled through the VPN, and that the various alternative ports (80, 53) are available in case the ISP is blocking 443 -- as I hoped.

Yesterday, I did determine that when I re-connect and then cannot browse to a domain name (but can browse to its IP address), that if I disconnect and re-connect back to the same server using port 80 that I domain names do appear to resolve and I can browse by domain name. It appears that I have a work-around, though not a root cause of the original symptom. I will use some of the tools you suggest and maybe take a snoop with wireshark to see what's happening to my DNS traffic when it fails to resolve.

Agains, thanks for your follow-up.

Paul

Hello!

Thanks. Command "nslookup" may also help you. See the various responses of nslookup when DNS resolution works and when it does not. Just in case it's useful for your troubleshooting, keep in mind that Windows has the notion of a DNS setting per each adapter, it does not see a global DNS like Linux.

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...