Jump to content
Not connected, Your IP: 18.189.143.1
AirVPN
Sign in to follow this  
Followers 0
donald_duck

AirVPN over TOR connection

By donald_duck, ... in Eddie - AirVPN Client

Recommended Posts

donald_duck    0

donald_duck
Posted ...

Hi, I'm trying to use TOR and AirVPN together but I receive an error (I've downloaded TOR bundle and configured 127.0.0.1:9050 as socks in AirVPN connection). It fails to connect if I choose TCP or UDP for any possible port (443 or 80). The log is:

07/11/2012 - 16.55 Login...

07/11/2012 - 16.55 Login success.

07/11/2012 - 16.55 Contacting service...

07/11/2012 - 16.55 Connecting...

07/11/2012 - 16.55 OpenVPN 2.2.2 Win32-MSVC++ [sSL] [LZO2] [PKCS11] built on Dec 15 2011

07/11/2012 - 16.55 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

07/11/2012 - 16.55 LZO compression initialized

07/11/2012 - 16.55 Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:10 ]

07/11/2012 - 16.55 Socket Buffers: R=[8192->8192] S=[8192->8192]

07/11/2012 - 16.55 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:10 AF:3/1 ]

07/11/2012 - 16.55 Local Options hash (VER=V4): '22188c5b'

07/11/2012 - 16.55 Expected Remote Options hash (VER=V4): 'a8f55717'

07/11/2012 - 16.55 Attempting to establish TCP connection with 127.0.0.1:9050

07/11/2012 - 16.55 TCP connection established with 127.0.0.1:9050

07/11/2012 - 16.55 recv_socks_reply: Socks proxy returned bad reply

07/11/2012 - 16.55 TCP/UDP: Closing socket

07/11/2012 - 16.55 SIGTERM[soft,init_instance] received, process exiting

07/11/2012 - 16.55 Failed to start.

Thanks in advance.

Share this post

Link to post

Staff    9972

Staff
Posted ...

Hello!

Can you please make sure that you have selected a TCP port (the proxy can't handle UDP) and that the proxy type (http or socks) is correct?

Kind regards

Share this post

Link to post

Staff    9972

Staff
Posted ...

Yes, I'm sure and I can confirm that to you.

Hello!

Can you please try a connection over the TOR proxy directly with OpenVPN (i.e. not using the Air client)?

You can generate the appropriate configuration and get certificates and key with the configuration generator.

Kind regards

Share this post

Link to post

donald_duck    0

donald_duck
Posted ...

Ok, thanks. It seems that I can connect properly, this is openvpn log:

Thu Nov 08 09:43:01 2012 OpenVPN 2.2.2 Win32-MSVC++ [sSL] [LZO2] [PKCS11] built on Dec 15 2011

Thu Nov 08 09:43:01 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

Thu Nov 08 09:43:02 2012 LZO compression initialized

Thu Nov 08 09:43:02 2012 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]

Thu Nov 08 09:43:02 2012 Socket Buffers: R=[8192->8192] S=[8192->8192]

Thu Nov 08 09:43:02 2012 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]

Thu Nov 08 09:43:02 2012 Local Options hash (VER=V4): '958c5492'

Thu Nov 08 09:43:02 2012 Expected Remote Options hash (VER=V4): '79ef4284'

Thu Nov 08 09:43:02 2012 Attempting to establish TCP connection with 127.0.0.1:9050

Thu Nov 08 09:43:02 2012 TCP connection established with 127.0.0.1:9050

Thu Nov 08 09:43:02 2012 TCPv4_CLIENT link local: [undef]

Thu Nov 08 09:43:02 2012 TCPv4_CLIENT link remote: 127.0.0.1:9050

Thu Nov 08 09:43:03 2012 TLS: Initial packet from 127.0.0.1:9050, sid=106ef094 8b7d2fa7

Thu Nov 08 09:43:08 2012 VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

Thu Nov 08 09:43:08 2012 VERIFY OK: nsCertType=SERVER

Thu Nov 08 09:43:08 2012 VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

Thu Nov 08 09:43:19 2012 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Thu Nov 08 09:43:19 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Thu Nov 08 09:43:19 2012 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Thu Nov 08 09:43:19 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Thu Nov 08 09:43:19 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

Thu Nov 08 09:43:19 2012 [server] Peer Connection Initiated with 127.0.0.1:9050

Thu Nov 08 09:43:21 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

Thu Nov 08 09:43:22 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.5.0.1,comp-lzo no,route 10.5.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.5.1.90 10.5.1.89'

Thu Nov 08 09:43:22 2012 OPTIONS IMPORT: timers and/or timeouts modified

Thu Nov 08 09:43:22 2012 OPTIONS IMPORT: LZO parms modified

Thu Nov 08 09:43:22 2012 OPTIONS IMPORT: --ifconfig/up options modified

Thu Nov 08 09:43:22 2012 OPTIONS IMPORT: route options modified

Thu Nov 08 09:43:22 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

Thu Nov 08 09:43:22 2012 ROUTE default_gateway=81.119.134.129

Thu Nov 08 09:43:22 2012 TAP-WIN32 device [Connessione alla rete locale (LAN) 2] opened: \\.\Global\{18D36A11-0294-4A04-8621-49231B9FB5D5}.tap

Thu Nov 08 09:43:22 2012 TAP-Win32 Driver Version 9.9

Thu Nov 08 09:43:22 2012 TAP-Win32 MTU=1500

Thu Nov 08 09:43:22 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.5.1.90/255.255.255.252 on interface {18D36A11-0294-4A04-8621-49231B9FB5D5} [DHCP-serv: 10.5.1.89, lease-time: 31536000]

Thu Nov 08 09:43:22 2012 Successful ARP Flush on interface [24] {18D36A11-0294-4A04-8621-49231B9FB5D5}

Thu Nov 08 09:43:27 2012 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up

Thu Nov 08 09:43:27 2012 C:\WINDOWS\system32\route.exe ADD 127.0.0.1 MASK 255.255.255.255 81.119.134.129

Thu Nov 08 09:43:27 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4

Thu Nov 08 09:43:27 2012 Route addition via IPAPI succeeded [adaptive]

Thu Nov 08 09:43:27 2012 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.5.1.89

Thu Nov 08 09:43:27 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4

Thu Nov 08 09:43:27 2012 Route addition via IPAPI succeeded [adaptive]

Thu Nov 08 09:43:27 2012 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.5.1.89

Thu Nov 08 09:43:27 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4

Thu Nov 08 09:43:27 2012 Route addition via IPAPI succeeded [adaptive]

Thu Nov 08 09:43:27 2012 C:\WINDOWS\system32\route.exe ADD 10.5.0.1 MASK 255.255.255.255 10.5.1.89

Thu Nov 08 09:43:27 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4

Thu Nov 08 09:43:27 2012 Route addition via IPAPI succeeded [adaptive]

Thu Nov 08 09:43:27 2012 Initialization Sequence Completed

Now, in Tor Browser if I check my IP I see: 173.*.*.69 and in the other browser (here I have not changed nothing) I see: 178.*.*.132.

It is correct? Which browser I have to use for full use of AirVPN and Tor?

Thanks.

Share this post

Link to post

Staff    9972

Staff
Posted ...

Now, in Tor Browser if I check my IP I see: 173.*.*.69 and in the other browser (here I have not changed nothing) I see: 178.*.*.132.

It is correct? Which browser I have to use for full use of AirVPN and Tor?

Thanks.

Hello!

The logs are just fine and yes, what you see is exactly how it works.

When you use an application not configured to be tunneled over TOR, you will tunnel it over AirVPN over TOR transparently. On the Internet "you will be visible" with the exit-IP of the Air server the TOR exit-node sends to and receive from the packets.

When you use a program that is configured to be tunneled over TOR, you will tunnel it either over TOR alone (if it connects over the same proxy OpenVPN connects over as well, apparently your case) or over TOR over AirVPN over TOR (if you tunnel it over a different TOR proxy).

In all the above cases, your real IP address is never known to our servers.

So, to tunnel over Air over TOR, you need to use a browser NOT configured for TOR. In order to tunnel over TOR over Air over TOR, you need a browser configured to be tunneled over TOR which connects over a different TOR proxy. You can easily do that for example in a VM. In this way, when using the TOR browser in the VM, you will tunnel it over TOR over Air over TOR and you will be visible on the Internet with the Air server exit-IP address. In this case our servers will be able neither to see your real IP address, nor your "real" encapsulated packet headers nor your packets payload.

In general the second circuit of your TOR browser in the VM will be different from the first, established circuit "used" by your OpenVPN client.

Kind regards

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...