Using AirVPN over TOR

[airbreathe 0]

Unfortunately, I have not added any "remote" options to my config and use "canonical" configuration produced by config generator.

Here it is (certs are omitted, believe the are not important in here)

client

proto tcp

dev tun

remote <snip> 443

remote <snip> 443

remote <snip> 443

remote <snip> 443

<snip>

remote-random

resolv-retry infinite

nobind

ns-cert-type server

cipher AES-256-CBC

comp-lzo

verb 3

socks-proxy 127.0.0.1 9150

<ca>

-----BEGIN CERTIFICATE-----

[Staff 9969]

Also I am not specialist in routing, so can anyone explain in details this little magic about new routes:

Mar 20 01:16:38 localhost openvpn[5214]: /sbin/ip route add 127.0.0.1/32 via 10.1.1.1

Mar 20 01:16:38 localhost openvpn[5214]: /sbin/ip route add 0.0.0.0/1 via 10.5.2.145

Mar 20 01:16:38 localhost openvpn[5214]: /sbin/ip route add 128.0.0.0/1 via 10.5.2.145

Mar 20 01:16:38 localhost openvpn[5214]: /sbin/ip route add 10.5.0.1/32 via 10.5.2.145

especially this one:

route add 127.0.0.1/32 via 10.1.1.1

why 127.0.0.1 should be accessed via 10.1.1.1? May here be a trouble with routing?

Hello!

The socks proxy can be external as well, for example on a server with a public IP address, or on another device in the LAN. OpenVPN needs to communicate with such a node outside the tunnel, needing therefore to reach the proxy server (in your case 127.0.0.1) through the default gateway (in this case 10.1.1.1).

Actually, since 127.0.0.1 is the localhost, that route is superfluous (but in no way harmful) in this particular case, OpenVPN just include it without discerning peculiar cases.

We have tried to replicate the behavior on yet another Linux box without success, eveything works swiftly. IF it's the bug that was mentioned in a previous post in this thread, it might be related to your box. Unfortunately we have currently no CentOS 6.2 available, we will investigate further. In the meantime you might like to post in CentOS and OpenVPN community support forums.

Kind regards

[airbreathe 0]

I agree that here we have symptoms looking very similar to http://readlist.com/lists/lists.sourceforge.net/openvpn-users/2/12784.html (not taking into account that error string is little different, but numeric error code is the same). However, I am not sure yet that this is the only trouble in our case - from my point of view, prior to having recv_socks_reply error 115, we are having problems with pinging server (option "ping 10" pushed by OpenVPN) which leads to triggering restart (option "ping-restart 60" pushed by OpenVPN) and this restart fails due to recv_socks_reply. So, may be, we are facing couple of issues here.

I am going to try with Debian squeeze and post results here. However, making CentOS operational is preferred solution for me.

Thanks!

[airbreathe 0]

Tested with Ubuntu 11.04 and OpenVPN 2.3.0

no luck though, result is the same

OpenVPN 2.3.0 i486-pc-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [iPv6] built on Mar 1 2013

NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

Socket Buffers: R=[87380->131072] S=[16384->131072]

Attempting to establish TCP connection with [AF_INET]127.0.0.1:9150 [nonblock]

TCP connection established with [AF_INET]127.0.0.1:9150

TCPv4_CLIENT link local: [undef]

TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:9150

TLS: Initial packet from [AF_INET]127.0.0.1:9150, sid=97e0e2ff c67faebd

VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org

VERIFY OK: nsCertType=SERVER

VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org

Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

[server] Peer Connection Initiated with [AF_INET]127.0.0.1:9150

SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.5.0.1,comp-lzo no,route 10.5.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.5.1.98 10.5.1.97'

OPTIONS IMPORT: timers and/or timeouts modified

OPTIONS IMPORT: LZO parms modified

OPTIONS IMPORT: --ifconfig/up options modified

OPTIONS IMPORT: route options modified

OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

TUN/TAP device tun0 opened

TUN/TAP TX queue length set to 100

do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0

/sbin/ifconfig tun0 10.5.1.98 pointopoint 10.5.1.97 mtu 1500

/sbin/route add -net 127.0.0.1 netmask 255.255.255.255 gw 10.1.1.1

/sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.5.1.97

/sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.5.1.97

/sbin/route add -net 10.5.0.1 netmask 255.255.255.255 gw 10.5.1.97

Initialization Sequence Completed

[server] Inactivity timeout (--ping-restart), restarting

/sbin/route del -net 10.5.0.1 netmask 255.255.255.255

/sbin/route del -net 127.0.0.1 netmask 255.255.255.255

/sbin/route del -net 0.0.0.0 netmask 128.0.0.0

/sbin/route del -net 128.0.0.0 netmask 128.0.0.0

Closing TUN/TAP interface

/sbin/ifconfig tun0 0.0.0.0

SIGUSR1[soft,ping-restart] received, process restarting

Restart pause, 5 second(s)

NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

Socket Buffers: R=[87380->131072] S=[16384->131072]

Attempting to establish TCP connection with [AF_INET]127.0.0.1:9150 [nonblock]

TCP connection established with [AF_INET]127.0.0.1:9150

recv_socks_reply: TCP port read timeout expired: Operation now in progress (errno=115)

SIGTERM[soft,init_instance] received, process exiting

need some fresh ideas how to continue

[Royee 10]

Hi is it possible to use AirVPN with TOR on a Tomato router with airvpn configuration ?

 

I see the 1st thing this guide ask is to connect to Tor network then connect to airvpn.... ie so no one sees your ip address,   I fail how I can do this with a tomato router which is always connected to AirVPN servers.....

[Loopshell 0]

Should I see traffic on the session download and session upload window while connected to tor? I have connected to Tor then set the airvpn client to socks with port 9150, but session upload and download does not change when I browse through the tor browser. If I open a page in chrome it shows traffic in that window though. Here's a log in case its useful.

 

8/18/2013 - 8:48 PM AirVPN client version: 1.8

8/18/2013 - 8:48 PM Reading options from C:\Users\Main\AppData\Roaming\AirVPN\Air\1.0.0.0\AirVPN.xml

8/18/2013 - 8:48 PM OpenVPN bundle version: OpenVPN 2.3.0

8/18/2013 - 8:48 PM OpenVPN current version: OpenVPN 2.3.0

8/18/2013 - 8:48 PM Ready.

8/18/2013 - 8:48 PM Login...

8/18/2013 - 8:48 PM Login success.

8/18/2013 - 8:48 PM Contacting service...

8/18/2013 - 8:48 PM Connecting...

8/18/2013 - 8:48 PM OpenVPN 2.3.0 i686-w64-mingw32 [sSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [iPv6] built on Jan 8 2013

8/18/2013 - 8:48 PM NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

8/18/2013 - 8:48 PM Socket Buffers: R=[8192->8192] S=[8192->8192]

8/18/2013 - 8:48 PM Attempting to establish TCP connection with [AF_INET]127.0.0.1:9150

8/18/2013 - 8:48 PM TCP connection established with [AF_INET]127.0.0.1:9150

8/18/2013 - 8:48 PM TCPv4_CLIENT link local: [undef]

8/18/2013 - 8:48 PM TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:9150

8/18/2013 - 8:48 PM TLS: Initial packet from [AF_INET]127.0.0.1:9150, sid=aa8e19ff ba8c43e1

8/18/2013 - 8:48 PM VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org

8/18/2013 - 8:48 PM VERIFY OK: nsCertType=SERVER

8/18/2013 - 8:48 PM VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org

8/18/2013 - 8:48 PM Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

8/18/2013 - 8:48 PM Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

8/18/2013 - 8:48 PM Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

8/18/2013 - 8:48 PM Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

8/18/2013 - 8:48 PM Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

8/18/2013 - 8:48 PM [server] Peer Connection Initiated with [AF_INET]127.0.0.1:9150

8/18/2013 - 8:48 PM SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

8/18/2013 - 8:48 PM PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.5.0.1,comp-lzo no,route 10.5.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.5.3.190 10.5.3.189'

8/18/2013 - 8:48 PM OPTIONS IMPORT: timers and/or timeouts modified

8/18/2013 - 8:48 PM OPTIONS IMPORT: LZO parms modified

8/18/2013 - 8:48 PM OPTIONS IMPORT: --ifconfig/up options modified

8/18/2013 - 8:48 PM OPTIONS IMPORT: route options modified

8/18/2013 - 8:48 PM OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

8/18/2013 - 8:48 PM do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0

8/18/2013 - 8:48 PM open_tun, tt->ipv6=0

8/18/2013 - 8:48 PM TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{CB49026E-06CE-4F26-A185-76BDF1D3B3AC}.tap

8/18/2013 - 8:48 PM TAP-Windows Driver Version 9.9

8/18/2013 - 8:48 PM Notified TAP-Windows driver to set a DHCP IP/netmask of 10.5.3.190/255.255.255.252 on interface {CB49026E-06CE-4F26-A185-76BDF1D3B3AC} [DHCP-serv: 10.5.3.189, lease-time: 31536000]

8/18/2013 - 8:48 PM Successful ARP Flush on interface [14] {CB49026E-06CE-4F26-A185-76BDF1D3B3AC}

8/18/2013 - 8:48 PM TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up

8/18/2013 - 8:48 PM C:\Windows\system32\route.exe ADD 127.0.0.1 MASK 255.255.255.255 10.1.10.1

8/18/2013 - 8:48 PM ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4

8/18/2013 - 8:48 PM Route addition via IPAPI succeeded [adaptive]

8/18/2013 - 8:48 PM C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.5.3.189

8/18/2013 - 8:48 PM ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4

8/18/2013 - 8:48 PM Route addition via IPAPI succeeded [adaptive]

8/18/2013 - 8:48 PM C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.5.3.189

8/18/2013 - 8:48 PM ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4

8/18/2013 - 8:48 PM Route addition via IPAPI succeeded [adaptive]

8/18/2013 - 8:48 PM C:\Windows\system32\route.exe ADD 10.5.0.1 MASK 255.255.255.255 10.5.3.189

8/18/2013 - 8:48 PM ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4

8/18/2013 - 8:48 PM Route addition via IPAPI succeeded [adaptive]

8/18/2013 - 8:48 PM Initialization Sequence Completed

8/18/2013 - 8:48 PM Starting Management Interface...

8/18/2013 - 8:48 PM Checking...

8/18/2013 - 8:49 PM Retrieve statistics...

8/18/2013 - 8:49 PM Connected.

 

[Staff 9969]

Hello,

 

that's correct: if you run a program configured to connect over the TOR proxy, its traffic will be tunneled over TOR only. When you wish traffic over OpenVPN over TOR you must run programs NOT configured to connect to TOR.

 

Kind regards

[airvpnuser256 0]

hello.

 

So i think i finally got it to work on my Win7. At least i think...

 

 

I was initally using the AirVPN.exe client (changing the settings to point to the SOCKS Proxy) which failed.

 

Then went the other route and used the OpenVPN.exe.

I generated the config files using the SOCKS Proxy Host and port from AirVPN website

Added those config files into the OpenVPN config dir

Ran the OpenVPN key utility as administator

Started TOR

Ran the OpenVPN Gui (openvpn-gui.exe) as admin

In the right systems tray right clicked on OpenVPN Gui and selected any of the AirVPN_xxx configs

For a popup saying im connected to AirVPN...

 

So my question is, how do i know i am running VPN over TOR?

 

Cheers!

 

 

[Royee 10]

hello.

 

So i think i finally got it to work on my Win7. At least i think...

 

 

I was initally using the AirVPN.exe client (changing the settings to point to the SOCKS Proxy) which failed.

 

Then went the other route and used the OpenVPN.exe.

I generated the config files using the SOCKS Proxy Host and port from AirVPN website

Added those config files into the OpenVPN config dir

Ran the OpenVPN key utility as administator

Started TOR

Ran the OpenVPN Gui (openvpn-gui.exe) as admin

In the right systems tray right clicked on OpenVPN Gui and selected any of the AirVPN_xxx configs

For a popup saying im connected to AirVPN...

 

So my question is, how do i know i am running VPN over TOR?

 

Cheers!

 

Am no expert,  but could you not just check under Client Area,  and see at the bottom where it says "We see your connection coming from" as long as your IP is not the one your ISP is and its a different one then bingo your safe. 

 

Perhaps even checking the IP that Tor gives you when you first run the Tor Browser with should be listed under client area too.

[airvpnuser256 0]

Am no expert,  but could you not just check under Client Area,  and see at the bottom where it says "We see your connection coming from" as long as your IP is not the one your ISP is and its a different one then bingo your safe. 

 

Perhaps even checking the IP that Tor gives you when you first run the Tor Browser with should be listed under client area too.

 

hi. yea i did something like that and it didnt seem to match up. so i wasnt sure what was going on.

 

so...on airvpn site and checked the bottom of the page where it says "Connected" in green with the ip address, which read AirVPN ip.

 

And on the new tor browser page, it showed the Tor IP.

 

Both were different. I wasn't sure if the Tor page was showing an entrance node ip and maybe AirVPN was showing an exit node ip...anyways im new to this so i was confused.

 

 

So does anyone know if i did in fact got VPN over TOR working?

[JaxT 0]

Is there software to set this up to run with mac os x and TOR? cause I can't get it done whatsoever!

[Royee 10]

I retried it again yesterday,  and I see what you mean it is confusing.

 

It gets tricky to know for sure considering there is entrance and exit nodes involved,  in my situation I saw the Airvpn website green icon saying "not connected"  and had a different IP address in Red,  also AirVPN client still saw my real ISP IP under client so I was connecting Tor over AirVPN.

 

See here:

https://airvpn.org/tor/

 

I assume you want to do AirVPN with Tor?  This way its much more secure and this way AirVPN should then show a different IP under client Area section rather then your real ISP IP.

 

I assume I have the above information is correct,  but it would be nice if staff or someone else can confirm it.   It would also be most helpful if the AirVPN guide could be update the guide informing a method to confirm if the Connection to Tor is successful or not for both types of connection to tor,  us newbies would appreciate it

[airvpnuser256 0]

I retried it again yesterday,  and I see what you mean it is confusing.

 

It gets tricky to know for sure considering there is entrance and exit nodes involved,  in my situation I saw the Airvpn website green icon saying "not connected"  and had a different IP address in Red,  also AirVPN client still saw my real ISP IP under client so I was connecting Tor over AirVPN.

 

See here:

https://airvpn.org/tor/

 

I assume you want to do AirVPN with Tor?  This way its much more secure and this way AirVPN should then show a different IP under client Area section rather then your real ISP IP.

 

I assume I have the above information is correct,  but it would be nice if staff or someone else can confirm it.   It would also be most helpful if the AirVPN guide could be update the guide informing a method to confirm if the Connection to Tor is successful or not for both types of connection to tor,  us newbies would appreciate it

Hey  Royee,

 

Ok i think it worked! And i did check the Client Area to see my incoming IP. It looked like this.

 

 

Client Area > Current session statistics

 

This account is actually logged to [AIRVPN SERVER] (xxx.xxx.xxx.xxx, TCP), located in...

You are visible from the Internet with IP xxx.xxx.xxx.xxx (Server Exit-IP).

 

We see your connection coming from xxx.xxx.xxx.xxx:xxxx [TOR IP].

 

So looks like my incoming is the TOR IP and AIRVPN is assigning me its IP.

 

I think this is VPN over TOR.

 

The trick was not to use the AirVPN client and using OpenVPN client.

 

Thanks for the help!

[Royee 10]

Yes I think you got it !  The incoming IP should be the Tor one and not your original ISP,   yes I read a while back on one of the postings here its recommended to use the OpenVPN client so it connects more direct before revealing your original IP.

 

I find OpenVPN client good but noticed it can stop working sometimes without warning you!   perhaps its advisable to setup firewall rules in case it goes down.

 

I think you are on VPN with Tor, I am on a router myself so no idea if its possible but that is another tale....

[Royee 10]

Just to confirm attempted the AirVPN with Tor (better privacy) way,  I had the same experience as Airvpn user above,  I was not able to successfully use AirVPN client with socks etc,  I think the client is buggy or not remembering the sock/port setting !

 

Ended up just connecting to internet normal isp way,  then ran tor to get a new tor ip,  then ran openVPN client and clicked connect (placed my config files in program files\openvpn\config) and it took longer but connected with OpenVPN client and then to confirm It was in fact working,  logged onto AirVPN client area and noticed :

 

We see your connection coming from xxx.xxx.xxx.xxx:xxxx [TOR IP].

 

If you check the Green button at bottom of Airvpn website where it usually says connected it should be in Red and with Tors IP instead,  so your client area will see the connection coming from "Tor IP" as mentioned above.

 

At least this way people will be able to see if you have connected "AirVPN with TOR" Correctly.  

 

If you want to confirm if you have connected to

"tor over airvpn"

Simply look into Client Area and you will see your isp IP as "coming from"

[airvpnuser256 0]

Hey Royee or Admin,

So i've been using OpenVPN over TOR and here are somethings i notice/wondering:

A.) Desktop browser uses OpenVPN >> TOR (verified through AirVPN/Client Area), while TOR Bundle Browser just use TOR relays
B.) Desktop browser cant open .onion sites

So that makes me wonder:
1.) Is OpenVPN >> TOR using any of the layered encryption through each relay?
2.) Is it even going through the three relays at all or just from my Start node to AirVPN?
3.) When i use the TOR Bundle Browser, am I doing TOR >> VPN?

Royee, Admin, anyone knows whats going on?

Cheers!

[Staff 9969]

Hello!

 

A - If you connect any application to the same TOR proxy OpenVPN connects to, that application traffic will be tunneled over TOR only. That's normal and correct.

 

B - Normal again.

 

1. The question is a little unclear. Anyway, a packet tunneled over OpenVPN over TOR will be encrypted by OpenVPN and then by TOR. The TOR encryption will be no more when the packet gets out of the TOR exit-node to reach the Air server. The OpenVPN encryption will be no more when the packet gets out of the AirVPN server. When passing through all the TOR nodes, your packet "real" payload and header will be still encrypted by OpenVPN.

 

2. Yes, basically, oversimplifying: your node->TOR entry->TOR relay->TOR exit->Air server->the Internet

 

3. Assuming that with TOR -> VPN you mean "OpenVPN over TOR": if OpenVPN is connected over TOR: NO. If OpenVPN is NOT connected over TOR: YES.

 

To say it with different words: if you wish TOR over OpenVPN (without using VM), connect OpenVPN directly, then use TOR. In this case remember that only applications configured to connect to the TOR proxy will have their traffic over TOR over OpenVPN, all the others will have their traffic over OpenVPN only.

 

Kind regards

[VPS 1]

Question about malicious TOR exit nodes when using AirVPN over TOR:

 

How is it possible that a malicious TOR exit node would not be able to see the decrypted traffic?

 

As I understand it traffic is decrypted when leaving TOR and then again encrypted by AirVPN. So should an adversary not be possible to spy on the traffic when decryption/encryption happens between TOR and AirVPN?

 

Otherwise any VPN over TOR would be the 'magical' solution to overcoming the malicious TOR exit node problem that plagues TOR. If this is the case, I don't understand why it's not more commonly advocated.

[Staff 9969]

Question about malicious TOR exit nodes when using AirVPN over TOR: How is it possible that a malicious TOR exit node would not be able to see the decrypted traffic?

 

Hello,

 

because the traffic is still encrypted by your OpenVPN 'client' when it passes through the TOR nodes. It is decrypted by our VPN server and then sent out on the Internet.

 

Remember that OpenVPN has the ability to connect to a VPN server over a socks or an http proxy. Example for outgoing packets: your cleartext packets headers and payloads are encrypted and then encapsulated in TCP or UDP by your OpenVPN. Before getting out of your system, they are again encrypted and encapsulated by TOR. When they reach the TOR exit-node, only the encryption layer by TOR is no more. The OpenVPN encryption is still there.

 

 

As I understand it traffic is decrypted when leaving TOR and then again encrypted by AirVPN.

 

See above.

 

So should an adversary not be possible to spy on the traffic when decryption/encryption happens between TOR and AirVPN? Otherwise any VPN over TOR would be the 'magical' solution to overcoming the malicious TOR exit node problem that plagues TOR. If this is the case, I don't understand why it's not more commonly advocated.

 

Yes, this the solution.

 

It introduces other problems (see http://forum.dee.su/topic/vpn-tor-more-anonymity) so you must evaluate the purpose of this solution. The main purposes are solving the TOR exit-node problem you cited, hiding your IP address to our VPN servers (partition of trust, to defeat an adversary that's wiretapping a VPN server) and hiding to the final node (but not to your ISP!) the fact that you're using TOR. Additionally, this is a "starting point" for more sophisticated forms of partition of trust. Imagine for example to connect a host over OpenVPN over TOR. Then run a Virtual Machine in that same host and connect to a VPN service, or to TOR, or to another proxy, that VM (itself connected via NAT to the host machine). You will have an additional partition of trust which might be desirable in extremely critical data transfer, when low performance is considered an acceptable price to pay.

 

Kind regards

[### 0]

 

Could you please explain the technical side of your VPN over Tor solution?

I mean, 127.0.0.1:9050 is usually used by the Tor client (Vidalia). So, how can both the OpenVPN client and Vidalia share the same socket?

 

Also, would that method work in case the whole system traffic is to be torified, e.g. if you're using Liberte Linux which does so?

 

Hello!

 

Connections over http or over SOCKS proxy are a smart feature of OpenVPN. http://openvpn.net/index.php/open-source/documentation/howto.html#http

 

The method we suggest in our example can be used successfully in Linux Liberte as well.

https://airvpn.org/tor

 

Please do not hesitate to contact us for any further information.

 

Kind regards

Can you please explain exactly how to do because:

 

http://forum.dee.su/topic/vpn-tor-more-anonymity

[darkesthour 0]

I have 2 technical questions to this topic still, regardless the enormous amount of threads I read about AirVPN over TOR   or   TOR over AirVPN....

 

 

 

1) How does AirVPN client handle TOR dynamical IPs when on AirVPN over TOR?

 

the Air Client seems be showing only the first Tor assigned IP as entry address, unregarded of the continuos Tor IPs changing. How does this TOR behavior influence on the VPN Tunneling process?

 

2) Is my understanding right:

 

"There is no way whatsoever with either two of the configs  [ AirVPN over TOR   or   TOR over AirVPN ] to channel and so consequently encrypt .onion site data."

 

- If TOR over AirVPN can access .onion without configuring any specific rule ( using TorBrowser with Identity = Tor's IP -> VPN's IP -> MY IP), but my exit node will have no encryption ( on any data ,neither other browsers's / aps's )

- if AirVPN over TOR will have encryption on all data that is not proxied directly to TOR, which is exactly the case of .onion sites, which are accessible only via TorBrowser which is only dealing with it's Proxy, skipping  so completely the VPN.

 

 

I hope i made any sense and hopefully I can clear some of my questions in order to choose the best set up.

 

Thank you

[apollo808 0]

Exactly how does one initiate TOR over VPN?

 

i.e. In steps: I turn my computer on, plug in my internet cable, connect to AirVPN... THEN turn on TOR.

 

Is it as simple as that?

[apollo808 0]

 

Is there software to set this up to run with mac os x and TOR? cause I can't get it done whatsoever!

 

 

Giving back to the community

 

You NEED TO DOWNLOAD TUNNELBLICK (this is what you connect with.) The link is on the AirVPN website.

 

Then you open it and follow the instructions.

 

Then you import one of the files from the main AirVPN site which is your VPN preferences. You turn that into a file on your computer and make a new file for TUNNLEBLICK to work with.

 

Then you double click and cross your fingers.

 

Good luck.

[amnesty 18]

Exactly how does one initiate TOR over VPN? i.e. In steps: I turn my computer on, plug in my internet cable, connect to AirVPN... THEN turn on TOR. Is it as simple as that?

 

Yes.

 

If you are using Vidalia, you can select, "View the Network" and check out the "Connections". In there you will see which circuit(s) and TCP ports you are using.

[curryface 0]

Hello there, i try this coombination:

my node->TOR entry->TOR relay->TOR exit->Air server->the Internet

i open TOR, then launch airvpn client

Vidalia options are:

tor management: use TCP connection (control port) 127.0.0.1:9151

i change airvpn pref for proxy as: type socks, 127.0.0.1:9150 and also i tried 127.0.01:9151

airvpn connects me to the server list, but fails on connecting to any server

 

vidalia journal show this: socks5: command 3 not recognized. Rejecting

Fetching socks handshake failed. Closing

 

What should i do?

 

thx!