Jump to content
Not connected, Your IP: 100.26.176.182
mrbert

Connect only to some of the servers

Recommended Posts

Hi I have the problem that some of the servers are blacklisted and sometimes I cannot even reach my email via AirVPN.

I want to use the VPN client in my router but I have no clue how I could block some servers or only allow serverst that I tested
I did a test with Eddie and had quite a few that are OK but when I want to generate the config file there a separate file for eacht selected server
Not very practical I think?
Is there a way I could use only certain servers (maybe 10)  in a 'pool' to connect to the VPN instead of all those single servers?


 

Share this post


Link to post

There is a very cool webapp which generates remote directives for you to copy into the ovpn config. You select which countries you want in there and which entry IP and out comes the remote list.

Make sure to give the user who did this a thanks on the post mentioning this.


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

Hi giganerd,
It looks cool, but that is a random list and not a list where I can add the servers I need . And I do not see how I could get a config file from this that I can use with the open VPN client in my ASUS router (merlin firmware) 

Share this post


Link to post

This does not generate a config file. You do this here. You just replace the remote directive in the generated file with what the app generated for you. But yes, you cannot select individual servers. This must be done manually.

Fortunately, you can simply do something like this, even if you need to query a DNS server beforehand, but it's the easiest solution:

remote antares.airvpn.org 443
remote menkab.airvpn.org 443
remote yourserver.airvpn.org 443
remote-random


Another one is to simply replace yourserver.airvpn.org with the IP you get when you do a nslookup, host or dig on it, like:

$ nslookup ogma.airvpn.org
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
Name:   ogma.airvpn.org
Address: 185.189.112.18

 

Then you simply add a remote 185.189.112.18 instead of ogma.airvpn.org. And this with every server which "likes" you. :D


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

Hi Giganerd,
Sorry to bother you again.
In the config file I see: this

# --------------------------------------------------------
# Air VPN | https://airvpn.org | Wednesday 24th of April 2019 05:22:01 PM
# OpenVPN Client Configuration
# AirVPN_Netherlands_UDP-443
# --------------------------------------------------------

client
dev tun
remote nl.vpn.airdns.org 443
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
verb 3
explicit-exit-notify 5
rcvbuf 262144
sndbuf 262144
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
proto udp
key-direction 1
I know how to loopup the IP's and I assume I need to replace the line
remote nl.vpn.airdns.org 443
and replace that with
remote 213.152.161.19 443
remote 213.152.161.24 443
remote 213.152.161.14 443
for the severs
Salm,
Nash,
situla

and then save the file as MyAirvpn.ovpn
Is that all I need to do?

What does this resolve-retry do here? Ist that a time out to try a next one?

Share this post


Link to post
3 hours ago, mrbert said:

Is that all I need to do?


Yes. :)
 
3 hours ago, mrbert said:

What does this resolve-retry do here? Ist that a time out to try a next one?

 
Quote
--resolv-retry n
If hostname resolve fails for --remote, retry resolve for n seconds before failing.

Set n to "infinite" to retry indefinitely.

By default, --resolv-retry infinite is enabled. You can disable by setting n=0.


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

@giganerd, Thats great!
Could I also set resover-retry such that if the fist server fails for 10 seconds that it atomatically takes the next server?
Could I also randomize the order of connecting within the list that I create?

Share this post


Link to post
On 4/26/2019 at 10:44 AM, mrbert said:

Could I also set resover-retry such that if the fist server fails for 10 seconds that it atomatically takes the next server?


I am not entirely sure whether such a timeout is interpreted as a failed attempt to connect to the remote host used. Try it out and, at your convenience, report back so we all might learn something. :)
 
On 4/26/2019 at 10:44 AM, mrbert said:

Could I also randomize the order of connecting within the list that I create?


That's what remote-random is there for. :)

Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

remote-random will only be useful if you manually specify all the servers in the config file.
In case you use something like nl.vpn.airdns.org, it will still be random in terms of randomness,
because it will automatically choose the best server at the moment of connection.

Are you sure you want your client determine a completely random server? Usually this is not
quite recommended, since you will lose all the load-balancing capabilities of the infrastructure.

When you put many random countries in the config file, that's a different thing. But for the same
country, a better option would be the load balancer decide it for you. 


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

@zhang888 I do not want a completely random connection. 
I want to create a list (10-15)  of working AIRVPN  servers (That are not blacklisted)  and let the system just pick one of this list.
They will all me in the Netherlands for me.
 

Share this post


Link to post
Quote

(10-15)  of working AIRVPN  servers (That are not blacklisted)


Good luck.

So in that case proceed with whatever option you prefer, the point was that a pseudo-random way of
choosing servers in the same area is already implemented on Air (in 2013 actually) and is still the best
way that can be technically used to choose the best server. Many competitors implemented this as well
since then, it's not patented, but quite innovative way to share b/w across users in a fair way :)


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post
@zhang888 Thanks for your info,. I am going to try this out wit about the 10 servers that I prefer, but I am  pretty busy at this moment :S 
Working takes too much free time:S

Share this post


Link to post

Today I finally had time to test the suggestions but I get no connection.
Looked for the IP adresses of working servers and 
I created a config file:

# --------------------------------------------------------
# Air VPN | https://airvpn.org | Wednesday 8th of May 2019 06:13:39 PM
# OpenVPN Client Configuration
# AirVPN_NL-Alblasserdam_Alrai_UDP-443
# --------------------------------------------------------

client
dev tun
remote 213.152.162.78 443
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
verb 3
explicit-exit-notify 5
rcvbuf 262144
sndbuf 262144
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
proto udp
key-direction 1
<ca>
The I editted this file by trepacing the IP address with the other working address fot a quick test.
# --------------------------------------------------------
# Air VPN | https://airvpn.org | Wednesday 8th of May 2019 06:13:39 PM
# OpenVPN Client Configuration
# AirVPN_NL-Alblasserdam_Alrai_UDP-443
# --------------------------------------------------------

client
dev tun
remote 109.202.107.15 443
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
verb 3
explicit-exit-notify 5
rcvbuf 262144
sndbuf 262144
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
proto udp
key-direction 1
<ca>
  
Ater this I get no connection when I use the new file
I am affraid that there is some more info in the certificate /keys that are at the end of that file.
Where did I go wrong?
 

Share this post


Link to post

What you did wrong?  Many things.
Starting of that your server is not in a supported ASCII format, maybe you copy pasted the
values from a different system and this is how it is parsed.
Your values, are parsed as UTF-8 BOM chars:

remote 213.152.162.78 443
https://ipleak.net/?q=213%EF%BB%BF.152.162.%EF%BB%BF78

Compare it to a normal string that has to be ASCII,
 
remote 213.152.162.78 443
Visually it looks the same, but are very different:

https://ipleak.net/?q=213.152.162.78
https://ipleak.net/?q=213.152.162.78

But only the second one is correct.
Why are there UTF-8 byte order marks in your config?
Did you edit it in non standard language encoding and pasted it back?
Make a simple text file with your desired servers and save it as your final config.
This text file has to be parsed by OpenVPN in order to make the connection.
If you are not sure, use Eddie, it will not create such esoteric issues.

Another thing, you didn't specify a number of hosts for remote-random.
So  you will always end up with the same server.

Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post
@zhang888 thanks for your answer.
I am a bit surpiced. I used notepad to open the generated config file
The as far as I know I just typed the IP address in at the place of the original. IP in the generated file 
And the saved the file. 
I must check later what happened here:S

I did not know I had to add a number to remote-random
With 10 servers in the list is the syntax?
remote-random 10
 

Share this post


Link to post

Generated configs are called this way for a simple reason - that they are generated in a pre-configured way
that will always work and hopefully provide you with the best experience, and that you should better leave as is.

According to your use case, there is no way to generate a config with "random as in random" pattern, since
actually it is almost already the case when you specify XX.airvpn.org as your server, where XX is the ISO of the country.

As far as I can understand, only a few servers and their corresponding exit IPs are working in your case?
So in that scenario, you should have a config file as follows:

remote 1.2.3.4 443
remote 2.3.4.5 443
remote 3.4.5.6 443
remote 4.5.6.7 443
remote-random

Where "remote" are the desired entry IPs, and the "remote-random" will ensure to choose a real random pattern
based on your own client, so no way for AirVPN to force you any specific server.
You don't actually gain anything from it, quite the opposite, but it is your own choice to use anything you prefer.
The load balancing ensures you won't be connected to a 99% used server just because it came random.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

@zhang888

The problem is more that a few of the NL serrvers get blacklisted and then I cannot even reachh my own email anymore. If there would be a way that I could only block those unique serveres that would be my preferred solution. This haopened a few times in a year and now I recognize the syntoms I could deal with it.
When I am at hope and find out that this happens this is not the biggest problem I can discnnect and connect again for the VPN client in the router but this is not anything that I want my wife to do. 

Greets,
Bert

Share this post


Link to post
48 minutes ago, mrbert said:

When I am at hope and find out that this happens this is not the biggest problem I can discnnect and connect again for the VPN client in the router but this is not anything that I want my wife to do. 

@mrbert
Try it this way:
------------------
resolv-retry infinite
remote-cert-tls server
comp-lzo
verb 4
ping-restart 21600
-----------------
Ping restart every 6 hours. Change the value to restart the session for/in 12/36/etc. hours.
For NL servers I prefer Chara.(pick the one that best works for you). As in one that is not blacklisted and you can check your email on.
If you still want to use:
nl.vpn.airdns.org
Pick a server from OpenNIC for DNS.
Regards,
Flx



 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...