Jump to content
Not connected, Your IP: 18.117.168.71
Staff

Using AirVPN over TOR

Recommended Posts

ok, i got it...when connecting to the server, you must choose TCP in mode section in airvpn window. That was the reason.

but question #2

i use me->tor->vpn.

I've chosen server in european country, then i search in TOR for my IP on the internet, and it shows me next information: USA, PC name: tor-exit.xxxx.com

is it normal?

Share this post


Link to post

That is what I get when I run Tor over VPN (me > VPN > Tor).

 

Perhaps you were using the Tor browser (Firefox 17.x)? If so, you would not be using the VPN tunnel (me > Tor)

 

When I run VPN over Tor (me > Tor > VPN) and use another browser (i.e. Firefox 25.x), I got my VPN provider IP address.

 

If you were using another browser, then I wouldn't know what's going on. If that is the case, where did you go to check you IP address / hostname?

Share this post


Link to post

I want to connect to Air over Tor but experiencing problems.

 

I downloaded Tor Browser and followed the instructions from here https://airvpn.org/tor/

I entered at the Vidalia Control Panel/settings the socks proxy and port.

 

This is the error I am getting:

 

Vidalia was unable to apply your Network settings to Tor.

Unable to set option: Failed to bind one of the listener ports.

 

Thank you

Share this post


Link to post

Not that familiar with Tor. Any chance another instance of Tor was running? Are you using the default Vidalia > Settings > Advanced: 127.0.0.1:9151?

 

Did you change any settings in Vidalia (Network, Sharing, Advanced)?

Share this post


Link to post

 

Hello,

 

I'm using OpenSUSE 13.1 (kernel 3.12.3). I used the instructions from https://airvpn.org/tor/
 

Tor Browser Bundle connects to the TOR:

 

Dec 09 22:23:20.068 [Notice] Tor v0.2.3.25 (git-17c24b3118224d65) running on Linux.

[...]

Dec 09 22:23:20.071 [Notice] Opening Socks listener on 127.0.0.1:9150

Dec 09 22:23:20.071 [Notice] Opening Control listener on 127.0.0.1:9151

[…]

Dec 09 22:23:20.071 [Notice] Opening Socks listener on 127.0.0.1:9150

Dec 09 22:23:20.071 [Notice] Opening Control listener on 127.0.0.1:9151

[...]

Dec 09 22:23:27.641 [Notice] Bootstrapped 100%: Done.


 

The computer connects to the server of AirVPN (TCP, port 443, SOCKS,127.0.0.1 9150):

client

dev tun

proto tcp

remote [...] 443

resolv-retry infinite

nobind

ns-cert-type server

cipher AES-256-CBC

comp-lzo

verb 3

socks-proxy 127.0.0.1 9150

[...]

 

My computer connects to the AirVPN (Connection Manager status: connected), but Tor Browser Bundle does not load any web page (same as Firefox 25). When I turn off the AirVPN, the TOR switch to the new identity.
 

Thanks for the help!

Share this post


Link to post

Hi Amadeus, welcome.

 

See if you are getting name resolution through the tunnel from a terminal session. Try:


ping 10.5.0.1
traceroute google.com
ping 8.8.8.8

Share this post


Link to post

Hi. Thank you for your quick reply. Here is the result:

When I connected only through TOR:

 

ping 10.5.0.1

PING 10.5.0.1 (10.5.0.1) 56(84) bytes of data.

^C

--- 10.5.0.1 ping statistics ---

34 packets transmitted, 0 received, 100% packet loss, time 32999ms

 

traceroute google.com

traceroute to google.com (173.194.112.5), 30 hops max, 60 byte packets

1 [...] 0.704 ms 11.472 ms 11.540 ms

2 [...] 11.643 ms 11.839 ms 13.121 ms

3 [...] 12.927 ms 12.945 ms 12.948 ms

4 [...] 11.928 ms 11.939 ms [...] 11.962 ms

5 [...] 13.016 ms 13.600 ms 13.776 ms

6 [...] 11.870 ms 5.322 ms 7.665 ms

7 [...] 16.258 ms [...] 16.246 ms 16.009 ms

8 [...] 19.721 ms [...] 19.829 ms [...] 20.050 ms

9 [...] 65.476 ms [...] 29.898 ms [...] 48.022 ms

10 [...] 28.460 ms 39.625 ms [...] 49.485 ms

11 [...] 49.846 ms 51.959 ms 60.327 ms

12 [...] 38.879 ms 52.031 ms 48.672 ms

13 [...] 55.202 ms 54.850 ms 73.362 ms

14 [...] 57.624 ms 79.506 ms 54.419 ms

 

ping 8.8.8.8

PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.

64 bytes from 8.8.8.8: icmp_seq=1 ttl=46 time=35.0 ms

64 bytes from 8.8.8.8: icmp_seq=2 ttl=46 time=50.9 ms

64 bytes from 8.8.8.8: icmp_seq=3 ttl=46 time=63.9 ms

64 bytes from 8.8.8.8: icmp_seq=4 ttl=46 time=67.8 ms

64 bytes from 8.8.8.8: icmp_seq=5 ttl=46 time=33.9 ms

64 bytes from 8.8.8.8: icmp_seq=6 ttl=46 time=73.7 ms

^C

--- 8.8.8.8 ping statistics ---

6 packets transmitted, 6 received, 0% packet loss, time 5005ms

 

When connected via TOR → AirVPN (TCP, port 443, SOCKS, 127.0.0.1 9150):

 

ping 10.5.0.1

PING 10.5.0.1 (10.5.0.1) 56(84) bytes of data.

^C

--- 10.5.0.1 ping statistics ---

9 packets transmitted, 0 received, 100% packet loss, time 7999ms

 

traceroute google.com

traceroute to google.com (173.194.70.113), 30 hops max, 60 byte packets

1 * * *

2 * * *

3 * * *

4 * * *

5 * * *

6 * * *

7 * * *

8 * * *

9 * * *

10 * * *

11 * * *

...

27 * *^C

 

ping 8.8.8.8

PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.

^C

--- 8.8.8.8 ping statistics ---

32 packets transmitted, 0 received, 100% packet loss, time 30999ms

 

Any ideas?

Share this post


Link to post

ICMP packets (ping, traceroute) do not go through the Tor network. Looks like you're not able to query your VPN name server (10.5.0.1). I'm assuming the name resolution for your google.com trace was cached from before connecting the tunnel.

Can you post your OpenVPN log from your connection after you connect over Tor?

 

I don't use Linux much but the logs might be here:

 

/etc/openvpn/

Share this post


Link to post

Hello again. All right. I look for and will paste the log.

Thank you.

 

EDIT:

Below is my log of the connection via AirVPN (without TOR, only via AirVPN UDP):

2013-12-14T13:30:22.028230+01:00 [hostname hidden] NetworkManager[793]: <info> Starting VPN service 'openvpn'...

2013-12-14T13:30:22.031112+01:00 [hostname hidden] NetworkManager[793]: <info> VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 4417

2013-12-14T13:30:22.065144+01:00 [hostname hidden] NetworkManager[793]: <info> VPN service 'openvpn' appeared; activating connections

2013-12-14T13:30:22.068829+01:00 [hostname hidden] NetworkManager[793]: <info> VPN plugin state changed: init (1)

2013-12-14T13:30:22.111082+01:00 [hostname hidden] NetworkManager[793]: <info> VPN plugin state changed: starting (3)

2013-12-14T13:30:22.111648+01:00 [hostname hidden] NetworkManager[793]: <info> VPN connection '[AirVPN connection name hidden]' (Connect) reply received.

2013-12-14T13:30:22.117358+01:00 [hostname hidden] nm-openvpn[4419]: OpenVPN 2.3.2 x86_64-suse-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [eurephia] [MH] [iPv6] built on May 31 2013

2013-12-14T13:30:22.133543+01:00 [hostname hidden] nm-openvpn[4419]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

2013-12-14T13:30:22.135735+01:00 [hostname hidden] nm-openvpn[4419]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2013-12-14T13:30:22.185401+01:00 [hostname hidden] nm-openvpn[4419]: UDPv4 link local: [undef]

2013-12-14T13:30:22.186104+01:00 [hostname hidden] nm-openvpn[4419]: UDPv4 link remote: [AF_INET][my IP hidden]:443

2013-12-14T13:30:27.904082+01:00 [hostname hidden] nm-openvpn[4419]: [server] Peer Connection Initiated with [AF_INET][my IP hidden]:443

2013-12-14T13:30:30.269429+01:00 [hostname hidden] nm-openvpn[4419]: TUN/TAP device tun0 opened

2013-12-14T13:30:30.270154+01:00 [hostname hidden] nm-openvpn[4419]: /usr/lib/nm-openvpn-service-openvpn-helper tun0 1500 1558 10.4.90.2 10.4.90.1 init

2013-12-14T13:30:30.279939+01:00 [hostname hidden] NetworkManager[793]: <info> VPN connection '[AirVPN connection name hidden]' (IP4 Config Get) reply received from old-style plugin.

2013-12-14T13:30:30.281950+01:00 [hostname hidden] NetworkManager[793]: <info> VPN Gateway: [my IP hidden]

2013-12-14T13:30:30.282490+01:00 [hostname hidden] NetworkManager[793]: <info> Tunnel Device: tun0

2013-12-14T13:30:30.282911+01:00 [hostname hidden] NetworkManager[793]: <info> IPv4 configuration:

2013-12-14T13:30:30.283416+01:00 [hostname hidden] NetworkManager[793]: <info> Internal Gateway: 10.4.90.1

2013-12-14T13:30:30.283898+01:00 [hostname hidden] NetworkManager[793]: <info> Internal Address: 10.4.90.2

2013-12-14T13:30:30.286084+01:00 [hostname hidden] NetworkManager[793]: <info> Internal Prefix: 32

2013-12-14T13:30:30.286641+01:00 [hostname hidden] NetworkManager[793]: <info> Internal Point-to-Point Address: 10.4.90.1

2013-12-14T13:30:30.288702+01:00 [hostname hidden] NetworkManager[793]: <info> Maximum Segment Size (MSS): 0

2013-12-14T13:30:30.289431+01:00 [hostname hidden] NetworkManager[793]: <info> Static Route: 10.4.0.1/32 Next Hop: 10.4.0.1

2013-12-14T13:30:30.290165+01:00 [hostname hidden] NetworkManager[793]: <info> Forbid Default Route: no

2013-12-14T13:30:30.290717+01:00 [hostname hidden] NetworkManager[793]: <info> Internal DNS: 10.4.0.1

2013-12-14T13:30:30.292620+01:00 [hostname hidden] NetworkManager[793]: <info> DNS Domain: '(none)'

2013-12-14T13:30:30.293164+01:00 [hostname hidden] NetworkManager[793]: <info> No IPv6 configuration

2013-12-14T13:30:30.293657+01:00 [hostname hidden] nm-openvpn[4419]: Initialization Sequence Completed

2013-12-14T13:30:31.289281+01:00 [hostname hidden] NetworkManager[793]: <info> VPN connection '[AirVPN connection name hidden]' (IP Config Get) complete.

2013-12-14T13:30:31.291697+01:00 [hostname hidden] NetworkManager[793]: <info> Policy set '[AirVPN connection name hidden]' (tun0) as default for IPv4 routing and DNS.

2013-12-14T13:30:31.374196+01:00 [hostname hidden] NetworkManager[793]: <info> VPN plugin state changed: started (4)

2013-12-14T13:30:31.374676+01:00 [hostname hidden] NetworkManager[793]: <warn> /sys/devices/virtual/net/tun0: couldn't determine device driver; ignoring...

 

Below my log from trying to connect to AirVPN (TCP) via TOR:

2013-12-14T13:09:31.375468+01:00 [hostname hidden] NetworkManager[793]: <info> Starting VPN service 'openvpn'...

2013-12-14T13:09:31.414339+01:00 [hostname hidden] NetworkManager[793]: <info> VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 3717

2013-12-14T13:09:31.465314+01:00 [hostname hidden] NetworkManager[793]: <info> VPN service 'openvpn' appeared; activating connections

2013-12-14T13:09:31.470329+01:00 [hostname hidden] NetworkManager[793]: <info> VPN plugin state changed: init (1)

2013-12-14T13:09:31.589914+01:00 [hostname hidden] NetworkManager[793]: <info> VPN plugin state changed: starting (3)

2013-12-14T13:09:31.621341+01:00 [hostname hidden] NetworkManager[793]: <info> VPN connection '[AirVPN connection name hidden]' (Connect) reply received.

2013-12-14T13:09:31.677513+01:00 [hostname hidden] nm-openvpn[3721]: OpenVPN 2.3.2 x86_64-suse-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [eurephia] [MH] [iPv6] built on May 31 2013

2013-12-14T13:09:31.689858+01:00 [hostname hidden] nm-openvpn[3721]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

2013-12-14T13:09:31.690659+01:00 [hostname hidden] nm-openvpn[3721]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2013-12-14T13:09:31.810230+01:00 [hostname hidden] nm-openvpn[3721]: Attempting to establish TCP connection with [AF_INET]127.0.0.1:9150 [nonblock]

2013-12-14T13:09:31.811005+01:00 [hostname hidden] nm-openvpn[3721]: TCP connection established with [AF_INET]127.0.0.1:9150

2013-12-14T13:09:32.450939+01:00 [hostname hidden] nm-openvpn[3721]: TCPv4_CLIENT link local: [undef]

2013-12-14T13:09:32.452589+01:00 [hostname hidden] nm-openvpn[3721]: TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:9150

2013-12-14T13:09:45.238570+01:00 [hostname hidden] nm-openvpn[3721]: [server] Peer Connection Initiated with [AF_INET]127.0.0.1:9150

2013-12-14T13:09:48.120747+01:00 [hostname hidden] nm-openvpn[3721]: TUN/TAP device tun0 opened

2013-12-14T13:09:48.121878+01:00 [hostname hidden] nm-openvpn[3721]: /usr/lib/nm-openvpn-service-openvpn-helper tun0 1500 1560 10.5.11.6 10.5.11.5 init

2013-12-14T13:09:48.148558+01:00 [hostname hidden] NetworkManager[793]: <warn> /sys/devices/virtual/net/tun0: couldn't determine device driver; ignoring...

2013-12-14T13:09:48.161068+01:00 [hostname hidden] NetworkManager[793]: <info> VPN connection '[AirVPN connection name hidden]' (IP4 Config Get) reply received from old-style plugin.

2013-12-14T13:09:48.161607+01:00 [hostname hidden] NetworkManager[793]: <info> VPN Gateway: 127.0.0.1

2013-12-14T13:09:48.161973+01:00 [hostname hidden] NetworkManager[793]: <info> Tunnel Device: tun0

2013-12-14T13:09:48.162456+01:00 [hostname hidden] NetworkManager[793]: <info> IPv4 configuration:

2013-12-14T13:09:48.162881+01:00 [hostname hidden] NetworkManager[793]: <info> Internal Gateway: 10.5.11.5

2013-12-14T13:09:48.163583+01:00 [hostname hidden] NetworkManager[793]: <info> Internal Address: 10.5.11.6

2013-12-14T13:09:48.164084+01:00 [hostname hidden] NetworkManager[793]: <info> Internal Prefix: 32

2013-12-14T13:09:48.164562+01:00 [hostname hidden] NetworkManager[793]: <info> Internal Point-to-Point Address: 10.5.11.5

2013-12-14T13:09:48.165054+01:00 [hostname hidden] NetworkManager[793]: <info> Maximum Segment Size (MSS): 0

2013-12-14T13:09:48.165569+01:00 [hostname hidden] NetworkManager[793]: <info> Static Route: 10.5.0.1/32 Next Hop: 10.5.0.1

2013-12-14T13:09:48.166157+01:00 [hostname hidden] NetworkManager[793]: <info> Forbid Default Route: no

2013-12-14T13:09:48.166633+01:00 [hostname hidden] nm-openvpn[3721]: Initialization Sequence Completed

2013-12-14T13:09:48.167237+01:00 [hostname hidden] NetworkManager[793]: <info> Internal DNS: 10.5.0.1

2013-12-14T13:09:48.167718+01:00 [hostname hidden] NetworkManager[793]: <info> DNS Domain: '(none)'

2013-12-14T13:09:48.168198+01:00 [hostname hidden] NetworkManager[793]: <info> No IPv6 configuration

2013-12-14T13:09:49.167939+01:00 [hostname hidden] NetworkManager[793]: <info> VPN connection '[AirVPN connection name hidden]' (IP Config Get) complete.

2013-12-14T13:09:49.170389+01:00 [hostname hidden] NetworkManager[793]: <info> Policy set '[AirVPN connection name hidden]' (tun0) as default for IPv4 routing and DNS.

2013-12-14T13:09:49.241805+01:00 [hostname hidden] NetworkManager[793]: <info> VPN plugin state changed: started (4)

2013-12-14T13:10:48.018684+01:00 [hostname hidden] nm-openvpn[3721]: [server] Inactivity timeout (--ping-restart), restarting

2013-12-14T13:10:48.020724+01:00 [hostname hidden] nm-openvpn[3721]: SIGUSR1[soft,ping-restart] received, process restarting

2013-12-14T13:10:53.024342+01:00 [hostname hidden] nm-openvpn[3721]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

2013-12-14T13:10:53.026148+01:00 [hostname hidden] nm-openvpn[3721]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2013-12-14T13:10:53.027681+01:00 [hostname hidden] nm-openvpn[3721]: Attempting to establish TCP connection with [AF_INET]127.0.0.1:9150 [nonblock]

2013-12-14T13:10:53.029014+01:00 [hostname hidden] nm-openvpn[3721]: TCP connection established with [AF_INET]127.0.0.1:9150

2013-12-14T13:10:58.030707+01:00 [hostname hidden] nm-openvpn[3721]: recv_socks_reply: TCP port read timeout expired: Operation now in progress (errno=115)

2013-12-14T13:10:58.032589+01:00 [hostname hidden] nm-openvpn[3721]: SIGUSR1[soft,init_instance] received, process restarting

2013-12-14T13:11:03.035612+01:00 [hostname hidden] nm-openvpn[3721]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

 

The content of the last six entries are repeated over and over again.

 

EDIT2:

I checked on a virtualized Windows 7 (guest), with direct connection to the physical network - I do not have any problems in connection TOR -> AirVPN. But in Linux (host: openSUSE 13.1, kernel 3.12) I do not have connection...

 

Kind regards,

Amadeus

Share this post


Link to post

I do not know what is going on. I saw the inactivity timeout when running VPN over Tor on Windows XP.

 

https://airvpn.org/topic/10172-connection-disconnection-loop/?p=13141

 

but it was in about 41 (yours is about 59 seconds) seconds after an established connection.

 

2013-12-14T13:10:48.018684+01:00 [hostname hidden] nm-openvpn[3721]: [server] Inactivity timeout (--ping-restart), restarting

 

This looks similar to what @airbreathe experienced: https://airvpn.org/topic/54-using-airvpn-over-tor/?p=8550

It appears he might have also posted this issue (without resolution) here:

http://superuser.com/questions/608897/openvpn-through-socks-proxy-on-linux

but it was suggested to check SOCKS proxy

 

This

2013-12-14T13:10:58.030707+01:00 [hostname hidden] nm-openvpn[3721]: recv_socks_reply: TCP port read timeout expired: Operation now in progress (errno=115)

 

might be residual but it looks similar to this bug:

https://community.openvpn.net/openvpn/ticket/328

 

I saw a few e-mails yesterday on Tor-Talk regarding this - OpenVPN over Tor [#328 recv_socks_reply TCP timeout]

 

Some are saying: "Now if you can't ever connect openvpn via socks at all, you need to watch your tor log for that and add prefersocksnoauth to socksport. Or presumably apply this patch to openvpn".

 

I'm a bit confused why authentication would play a part in this.

 

There is also a (prefersocksnoauth) major bug fix that was applied to TBB 0.2.4.19 - 2013-12-11

 

I’m not sure what’s up with this:

2013-12-14T13:09:31.689858+01:00 [hostname hidden] nm-openvpn[3721]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

But that link had this:

Important Note on possible "Man-in-the-Middle" attack if clients do not verify the certificate of the server they are connecting to.

To avoid a possible Man-in-the-Middle attack where an authorized client tries to connect to another client by impersonating the server, make sure to enforce some kind of server certificate verification by clients. There are currently five different ways of accomplishing this, listed in the order of preference:

  • [OpenVPN 2.1 and above]Build your server certificates with specific key usage and extended key usage. The RFC3280 determine that the following attributes should be provided for TLS connections:

Mode         Key usage                                                                            Extended key usage
Client         digitalSignature                                                                    TLS Web Client Authentication
                  keyAgreement
                  digitalSignature, keyAgreement

Server       digitalSignature, keyEncipherment                                        TLS Web ServerAuthentication         

                 digitalSignature, keyAgreement

Share this post


Link to post

I am interested in running VPN over TOR but as you replied earlier to me tunnelblick cannot do that.

 

If I understand correctly there still is no mac osx client available.

 

How can I run this configuration on mac? I am using Viscosity.

Share this post


Link to post

All this is insanely confusing and enormously frustrating. I'd like to setup airVPN over Tor on Ubuntu 13.10 using network manager.

Follow this guide: https://airvpn.org/tor/
But where it says:
"If you use the configuration generator, don't forget to download the archive air.zip, copy all the files inside it, and paste them into the OpenVPN configuration directory."
I have no idea which folder is referred to. I have 6 folders named openvpn, 1 named network-manager-openvpn and 1 named network-manager-openvpn-gnome. Which is it?

To setup the vpn in the network manager I followed a guide on this forum that I don't have the link for atm... but the procedure was the following:
- edit connections, add, import saved vpn settings, create, select .ovpn file, save, connect. Works fine for direct connections (i.e not socks nor SSH, these two just fail at connection attempt.)

From https://airvpn.org/tor/ I gather I launch tor browser bundle first, then try to connect. But this fails immediately.
Also wondering if 127.0.0.1 is the correct SOCKS proxy? Saw someone else mentioned another number.

Please help me out with this. I have now wasted a third of my bought access time to airVPN trying to get this to just work =)
 

Share this post


Link to post

All this is insanely confusing and enormously frustrating. I'd like to setup airVPN over Tor on Ubuntu 13.10 using network manager.

 

Follow this guide: https://airvpn.org/tor/

But where it says:

"If you use the configuration generator, don't forget to download the archive air.zip, copy all the files inside it, and paste them into the OpenVPN configuration directory."

I have no idea which folder is referred to. I have 6 folders named openvpn, 1 named network-manager-openvpn and 1 named network-manager-openvpn-gnome. Which is it?

 

To setup the vpn in the network manager I followed a guide on this forum that I don't have the link for atm... but the procedure was the following:

- edit connections, add, import saved vpn settings, create, select .ovpn file, save, connect. Works fine for direct connections (i.e not socks nor SSH, these two just fail at connection attempt.)

 

From https://airvpn.org/tor/ I gather I launch tor browser bundle first, then try to connect. But this fails immediately.

Also wondering if 127.0.0.1 is the correct SOCKS proxy? Saw someone else mentioned another number.

 

Please help me out with this. I have now wasted a third of my bought access time to airVPN trying to get this to just work =)

 

 

Just bear in mind that support for 13.10 ends in July.  I switched my stuff to 14.04 recently realizing that I don't want to beat myself up with something that is over in a few months.  A thought??

Share this post


Link to post

From https://airvpn.org/tor/ I gather I launch tor browser bundle first, then try to connect. But this fails immediately.

Also wondering if 127.0.0.1 is the correct SOCKS proxy? Saw someone else mentioned another number.

 

Please help me out with this. I have now wasted a third of my bought access time to airVPN trying to get this to just work =)

 

I'm not familiar with Linux. Yes, 127.0.0.1 is correct.

Could you paste your OpenVPN config file settings. They should look something like this:

 

client

dev tun

proto tcp

remote <...> 433

resolv-retry infinite

nobind

persist-key

persist-tun

remote-cert-tls server

cipher AES-256-CBC

comp-lzo no

verb 3

 

socks-proxy 127.0.0.1 9150

 

Also try to locate you log file for this particular (failed) OpenVPN connection and paste it here.

 

It's probably not that long if it's not connecting but it doesn't matter. If it's long paste it. The log file should be in ./log and the naming convention is like your config file, something like this AirVPN_SE-Cygni_TCP-443.log

I do not know where Ubuntu places them, maybe somewhere in /Applications or /users if those even exist in Linux.

Share this post


Link to post

iwih2gk:

I was using 12.04 and when 14.04 was released I wanted to upgrade to it. I stay with the 04s because I'm new to ubuntu. Ubuntu.com stated that I needed to upgrade one release at a time though. But by the time I got to 13.10 there had been so many errors that it couldn't be upgraded again. Now there are a lot of annoying error messages all the time. I don't know whether to wipe the installation completely (which was what I was trying to avoid in the first place) or go through the errors one by one with help from ubuntuforums, and pull my hair out. Rock and a hard place. Ironic that I wanted to upgrade to 14.04 to stay as secure and error free as possible...


amnesty:

client
dev tun
proto tcp
remote europe.vpn.airdns.org 443
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
verb 3
 
socks-proxy 127.0.0.1 9150
ca "ca.crt"
cert "user.crt"
key "user.key"
tls-auth "ta.key" 1

I renamed this to AirVPN_EU_TCP-443 in network manager but that doesnt matter right? The name was to long for me to be able to tell which of the different airVPN settings was which because that menu only allows the display of so many characters.

I did a search on the entire computer for something called ./log but found nothing. Also manually looked through all openvpn folders but there was nothing like a log file in any of them.. Did another search for 'airvpn' and found no log files. Is there another way?

Thanks for helping.

Share this post


Link to post

Try searching for log lose the ./

I don't remember how you do that in Linux but it sounds like you do.

find / -name log -print ?

 

I need to run out for the night but hang in there with your timeframe.

Once you get it going you'll be golden.

This is a great service.

 

You might also wanna look into what @iwih2gk was talking about once you get this ironed out.

Share this post


Link to post

amnesty:
Here we go! For anyone reading this who would like to find the same log, it's talked about here. It's located in etc/var/log/syslog
For this log I followed the guide and launched Tor before trying to connect to airVPN. It immediately fails...

May  4 11:03:47 username NetworkManager[843]: <info> Starting VPN service 'openvpn'...
May  4 11:03:47 username NetworkManager[843]: <info> VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 27012
May  4 11:03:47 username NetworkManager[843]: <info> VPN service 'openvpn' appeared; activating connections
May  4 11:03:47 username NetworkManager[843]: <info> VPN plugin state changed: init (1)
May  4 11:03:47 username NetworkManager[843]: <info> VPN plugin state changed: starting (3)
May  4 11:03:47 username NetworkManager[843]: <info> VPN connection 'AirVPN_EU_TCP-443_TOR' (Connect) reply received.
May  4 11:03:47 username nm-openvpn[27015]: OpenVPN 2.3.2 i686-pc-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [iPv6] built on Jul 12 2013
May  4 11:03:47 username nm-openvpn[27015]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May  4 11:03:47 username nm-openvpn[27015]: WARNING: file '/media/truecrypt1/Security/airVPN/AirVPN TOR/user.key' is group or others accessible
May  4 11:03:47 username nm-openvpn[27015]: WARNING: file '/media/truecrypt1/Security/airVPN/AirVPN TOR/ta.key' is group or others accessible
May  4 11:03:47 username nm-openvpn[27015]: Control Channel Authentication: using '/media/truecrypt1/Security/airVPN/AirVPN TOR/ta.key' as a OpenVPN static key file
May  4 11:03:47 username nm-openvpn[27015]: Attempting to establish TCP connection with [AF_INET]127.0.0.1:9150 [nonblock]
May  4 11:03:47 username nm-openvpn[27015]: TCP connection established with [AF_INET]127.0.0.1:9150
May  4 11:03:47 username nm-openvpn[27015]: socks_handshake: server asked for username/login auth but we were not provided any credentials
May  4 11:03:47 username nm-openvpn[27015]: SIGTERM[soft,init_instance] received, process exiting
May  4 11:03:47 username NetworkManager[843]: <info> VPN plugin state changed: stopped (6)
May  4 11:03:47 username NetworkManager[843]: <info> VPN plugin state change reason: 0
May  4 11:03:47 username NetworkManager[843]: <info> Policy set 'Uplink' (eth1) as default for IPv4 routing and DNS.
May  4 11:03:47 username NetworkManager[843]: <warn> error disconnecting VPN: Could not process the request because no VPN connection was active.
May  4 11:03:53 username NetworkManager[843]: <info> VPN service 'openvpn' disappeared


Also found this in a file called tor-socks.conf. Don't know if it's important but thought I'd add it. Note the red above and below:

# This is the configuration for libtsocks (transparent socks) for use
# with tor, which is providing a socks server on port 9050 by default.
#
# See tsocks.conf(5) and torify(1) manpages.

server = 127.0.0.1
server_port = 9050

Share this post


Link to post

Tor Browser Bundle uses TCP port 9150
Tor uses TCP port 9050

Try changing your OpenVPN config file to 9050

socks-proxy 127.0.0.1 9050

Share this post


Link to post

Hello guys !
.

I can connecte Tor and airvpn togheter (if i close Tor browser the vpn is disconnected and the little pc icon become yellow).

But when i'm using firefox, my ip adresse is one of Tor's ip and not the ip of airvpn.

I would like to :

-  use classical browsers (firefox, google chrome etc..)

-  but i want thoses browsers to see the Airvpn ip adresse and not mine.

-  and i want Aivpn to see Tor's exit node ip adresse and not mine.

I didn't find the solution in the forum, and i'm not very good (sorry). All this is a little bit new for me.

I use open vpn (proxy socks, 127.0.0.1 ;  9150  in open vpn configuration).

Thank you very much for your reply !

Share this post


Link to post

'm a computer science layman attempting to utilize AirVPN and TOR to browse anonymously. 

When i first got AirVPN i went to preferences>protocols> Tor and checked it. Now i have to open TOR first to then run AirVPN. My worry is that i paid for AirVPN non-anonymously. If an attacker were to link my activity on TOR with my account with AirVPN they essentially have my identity, correct? 

If i were to make a new AirVPN account on public wifi and pay for it with bitcoins from said public wifi then would i need to even mess with OpenVPN to browse anonymously? 

https://airvpn.org/tor/  This guide doesn't even mention OpenVPN, is it really necessary for my purpose?

Share this post


Link to post

No.  Do you see anywhere in your airvpn user settings where it contains your name or e-mail address? Even the billing information and alternate contacts areas of the client area stay blank unless you specifically put information in them.  There's no risks unless you make them.  AirVPN doesn't care who you are.  There's no data about it in the Client Area unless you put it there.

Share this post


Link to post

 

anonmc wrote:

Would this work on debian using torify command? i.e. say i wanted to torify an ssh connection, what would be the signal path?

 

my pc -> vpn ->tor entry node -> tor exit node -> ssh server?

 

Or is that wrong?

 

Thanks

 

Pete

 

Hello!

 

You have described TOR over VPN. We recommend VPN over TOR, so that we can't see your real IP address and the TOR nodes see encrypted OpenVPN traffic.

 

The correct path of your config is:

PC (OpenVPN with proxy) -> TOR entry -> TOR exit -> VPN server -> SSH server

 

There should be no need to torify anything. Every application should transparently use VPN over TOR (thanks to OpenVPN proxy features). Furthermore, UDP traffic now can go through TOR (it's TCP over UDP, done by OpenVPN)!

 

In this way:

 

- SSH server sees VPN server exit-IP address

- VPN server sees TOR exit node IP address

- VPN server sees SSH encrypted traffic

- TOR servers see OpenVPN+SSH encrypted traffic

 

The packets which finally go out have the SSH server IP address on their header. So please note that if the SSH server is owned by you and you have given your real identity to rent or house it, you might destroy completely the anonymity layer.

 

Kind regards

AirVPN

 

Hey there do you have any tips on how to set up the config of: PC (OpenVPN with proxy) -> TOR entry -> TOR exit -> VPN server -> SSH server

?

 

I've gotten the AirVPN over Tor part working. Both on Linux and Mac OS X. How are you using OpenVPN with proxy (I assume Stunnel or Obfsproxy) to connect to TOR independently? If I try to use Obfs4Proxy as a bridge using TOR, AirVPN client then times out because it can't figure out the entry node of TOR. Isn't AirVPN client already using OpenVPN? Once I've done gotten the OpenVPN with proxy working, how do I then get AirVPN to connect to an SSH Server? I've tried doing a bunch of different ways but still can't get it. Any help is greatly appreciated. I work primarily on Linux but I can do Mac OS X too. Thank you!

Share this post


Link to post

So I got the following msg; "successful test. Tor Version: 0.3.4.9"

 

Does this mean that I'm using my AirVPN with Tor being first? --> so my internet providers sees that I'm using TOR essentially, correct?

To keep it like that, do I simple minimize the "Tor Browser" and just do whatever I'm doing, but with TOR + AirVPN protection?

 
 
 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...