Using AirVPN over Tor No Activity on Client

[jaypathora 1]

Good day,

 

I have changed the preferences on the client just as shown to do for Tor. I open Tor after it launches and confirms that I am on the Tor Network I then pick whichever server I want on the AirVPN client and then click on the modes tab and choose 443 TCP and then enter. Everything loads up just fine and the AirVPN client shows the same IP that the Tor page shows, but when I am using Tor I see no activity on the client. No upload or download. Is that right?

 

Also I noted in the Tor button preferences:

 

See attached image of Tor button preferences Window...

 

With Tors default settings "Use the recommended proxy settings for my version of Firefox" is selected. I chose "Use custom proxy settings" Should I have done that or left it to Tor default?

 

Any help would be appreciated.

 

Thanks,

J

[Staff 9825]

Hello,

 

yes, that's correct, because if you run a browser configured to connect over the SAME TOR proxy to which OpenVPN is connected as well, that browser will tunnel its traffic over TOR only, not over OpenVPN over TOR.

 

If you wish OpenVPN over TOR use a browser NOT configured to connect over TOR.

 

If you wish TOR over OpenVPN, first connect OpenVPN then launch TOR and use a browser configured to connect over the TOR proxy.

 

If you wish to connect over TOR, while connected over OpenVPN over TOR, connect a host over OpenVPN over TOR, then launch a VM (attached to the host via NAT, not bridged) and use TOR on the VM (so that on the VM you'll have connections over TOR-variable circuit over OpenVPN over TOR-another fixed circuit).

 

Kind regards

[jaypathora 1]

First off thanks for the quick response. Awesome customer service.

 

Thanks!! So the configuration I explained is right for running AirVPN over Tor? I don't normally do that, usually I just connect to the AirVPN client then open up Tor via the Tor Bundle aka Vidalia. I was just curious as to how to have my traffic encrypted by AirVPN go through all Tor nodes and I thought that was AirVPN over Tor like my original configuration I previously mentioned. In that way even though the exit node would see my traffic it would still be encrypted correct?

 

I basically just use Tor Vidalia for Tor Mail and that is it and want to be sure that all my communication through the network is encrypted all the time. Even though I know AirVPN can still trace back to me with my profile as my payment method wasn't anonymous, but that will be done in the future.

 

All in all I really enjoy your services and now that I have asked a question and received a quick response I am completely happy all the way around. I have definitely recommended your services to many people I know even small and large business owners.

 

Thanks,

J

[itsrumsey 0]

I would like to further clarify on the above options and their uses:

 

If you wish OpenVPN over TOR use a browser NOT configured to connect over TOR.

Pros: Will direct all web traffic through Tor including Flash and other plugins AirVPN servers can't see your real IP address (edit by Staff)

Cons: Will not be able to access .onion links through said applications

 

If you wish TOR over OpenVPN, first connect OpenVPN then launch TOR and use a browser configured to connect over the TOR proxy.

Pros: Tor entry point will not see your IP address (not very useful).  Your ISP will not be able to identify you are using Tor (also not so useful?).  Can still access .onion links. AirVPN servers can see your real IP address but can NOT see your traffic content, real origin and real destination (edit by Staff)

Cons: Minimal incentive to use this setup

 

If you wish to connect over TOR, while connected over OpenVPN over TOR, connect a host over OpenVPN over TOR, then launch a VM (attached to the host via NAT, not bridged) and use TOR on the VM (so that on the VM you'll have connections over TOR-variable circuit over OpenVPN over TOR-another fixed circuit).

Pros: Prevents AirVPN from seeing both your real IP OR (AND, edit by staff) your destination payload AND your traffic content (edit by Staff).  Can still access .onion links.

Cons: There is no real advantage to preventing AirVPN from seeing your unencrypted payload since any advanced adversaries can theoretically wiretap the final Tor exit node or alternative VPN provider just as easily.  Increased resource usage and more complex configuration / management.

 

In conclusion, connecting to AirVPN over Tor provides you with the majority of possible benefits without the downsides of complicated setup, which you would otherwise trade for an increased (potentially false) sense of security.

[jaypathora 1]

I am now confused. Could you tell me which configuration I am using?

What I have:

AirVPN Client
TOR Bundle

What I do:

1. Prior to doing anything I confirm AirVPN Settings by right clicking on the icon in the tray and click preferences. I confirm that the AirVPN proxy settings are set to:

Socks
Host: 127.0.0.1
Port: 9150

2. Run Tor via Vidalia Control Panel. TOR Browser comes up with the page showing I have properly configured Tor and shows what IP address I now have. I click the TOR Button and go to preferences. In the proxy setting tab I select "Use Custom Proxy Settings" as shown in the previously attached picture.

3. I go back to the AirVPN Client and login. I choose the server then click the mode tab and choose a TCP connection and hit enter.

4. Once connected the AirVPN Client displays the IP address that was given to me by TOR mentioned in step 2 above.

5. After that I check both the AirVPN log and the Vidalia Control Panel log. See below of both logs once I've completed the steps I've just explained.


Tor Log:

Jun 25 21:17:31.047 [Notice] Tor v0.2.3.25 (git-17c24b3118224d65) running on Windows 7.
Jun 25 21:17:31.047 [Notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Jun 25 21:17:31.047 [Notice] Read configuration file "C:\Users\Junkie\Downloads\Tor Browser\Data\Tor\torrc".
Jun 25 21:17:31.047 [Notice] Initialized libevent version 2.0.21-stable using method win32. Good.
Jun 25 21:17:31.047 [Notice] Opening Socks listener on 127.0.0.1:9150
Jun 25 21:17:31.047 [Notice] Opening Control listener on 127.0.0.1:9151
Jun 25 21:17:31.266 [Notice] Parsing GEOIP file .\Data\Tor\geoip.
Jun 25 21:17:34.183 [Notice] No AES engine found; using AES_* functions.
Jun 25 21:17:34.183 [Notice] This OpenSSL has a good implementation of counter mode; using it.
Jun 25 21:17:34.183 [Notice] OpenSSL OpenSSL 1.0.0k 5 Feb 2013 looks like version 0.9.8m or later; I will try SSL_OP to enable renegotiation
Jun 25 21:17:34.183 [Notice] Reloaded microdescriptor cache.  Found 8931 descriptors.
Jun 25 21:17:34.183 [Notice] We now have enough directory information to build circuits.
Jun 25 21:17:34.183 [Notice] Bootstrapped 80%: Connecting to the Tor network.
Jun 25 21:17:34.183 [Notice] New control connection opened.
Jun 25 21:17:34.948 [Notice] Heartbeat: Tor's uptime is 0:00 hours, with 1 circuits open. I've sent 0 kB and received 0 kB.
Jun 25 21:17:35.057 [Notice] Bootstrapped 85%: Finishing handshake with first hop.
Jun 25 21:17:36.040 [Notice] Bootstrapped 90%: Establishing a Tor circuit.
Jun 25 21:17:37.132 [Notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Jun 25 21:17:37.132 [Notice] Bootstrapped 100%: Done.

AirVPN Log:

6/25/2013 - 9:17 PM    AirVPN client version: 1.8
6/25/2013 - 9:17 PM    Reading options from C:\Users\Junkie\AppData\Roaming\AirVPN\Air\1.0.0.0\AirVPN.xml
6/25/2013 - 9:17 PM    OpenVPN bundle version: OpenVPN 2.3.0
6/25/2013 - 9:17 PM    OpenVPN current version: OpenVPN 2.3.0
6/25/2013 - 9:17 PM    Ready.
6/25/2013 - 9:18 PM    Login...
6/25/2013 - 9:18 PM    Login success.
6/25/2013 - 9:18 PM    Contacting service...
6/25/2013 - 9:18 PM    Connecting...
6/25/2013 - 9:18 PM    OpenVPN 2.3.0 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [iPv6] built on Jan  8 2013
6/25/2013 - 9:18 PM    NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
6/25/2013 - 9:18 PM    Socket Buffers: R=[8192->8192] S=[8192->8192]
6/25/2013 - 9:18 PM    Attempting to establish TCP connection with [AF_INET]127.0.0.1:9150
6/25/2013 - 9:18 PM    TCP connection established with [AF_INET]127.0.0.1:9150
6/25/2013 - 9:18 PM    TCPv4_CLIENT link local: [undef]
6/25/2013 - 9:18 PM    TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:9150
6/25/2013 - 9:18 PM    TLS: Initial packet from [AF_INET]127.0.0.1:9150, sid=e43398ef 1f1ce8ed
6/25/2013 - 9:18 PM    VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
6/25/2013 - 9:18 PM    VERIFY OK: nsCertType=SERVER
6/25/2013 - 9:18 PM    VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
6/25/2013 - 9:18 PM    Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
6/25/2013 - 9:18 PM    Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
6/25/2013 - 9:18 PM    Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
6/25/2013 - 9:18 PM    Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
6/25/2013 - 9:18 PM    Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
6/25/2013 - 9:18 PM    [server] Peer Connection Initiated with [AF_INET]127.0.0.1:9150
6/25/2013 - 9:18 PM    SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
6/25/2013 - 9:18 PM    PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.5.0.1,comp-lzo no,route 10.5.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.5.2.158 10.5.2.157'
6/25/2013 - 9:18 PM    OPTIONS IMPORT: timers and/or timeouts modified
6/25/2013 - 9:18 PM    OPTIONS IMPORT: LZO parms modified
6/25/2013 - 9:18 PM    OPTIONS IMPORT: --ifconfig/up options modified
6/25/2013 - 9:18 PM    OPTIONS IMPORT: route options modified
6/25/2013 - 9:18 PM    OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
6/25/2013 - 9:18 PM    do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
6/25/2013 - 9:18 PM    open_tun, tt->ipv6=0
6/25/2013 - 9:18 PM    TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{AED003B9-ED11-4E48-B22C-591150314D11}.tap
6/25/2013 - 9:18 PM    TAP-Windows Driver Version 9.9
6/25/2013 - 9:18 PM    Notified TAP-Windows driver to set a DHCP IP/netmask of 10.5.2.158/255.255.255.252 on interface {AED003B9-ED11-4E48-B22C-591150314D11} [DHCP-serv: 10.5.2.157, lease-time: 31536000]
6/25/2013 - 9:18 PM    Successful ARP Flush on interface [16] {AED003B9-ED11-4E48-B22C-591150314D11}
6/25/2013 - 9:18 PM    TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
6/25/2013 - 9:18 PM    C:\Windows\system32\route.exe ADD 127.0.0.1 MASK 255.255.255.255 192.168.1.1
6/25/2013 - 9:18 PM    ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
6/25/2013 - 9:18 PM    Route addition via IPAPI succeeded [adaptive]
6/25/2013 - 9:18 PM    C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.5.2.157
6/25/2013 - 9:18 PM    ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
6/25/2013 - 9:18 PM    Route addition via IPAPI succeeded [adaptive]
6/25/2013 - 9:18 PM    C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.5.2.157
6/25/2013 - 9:18 PM    ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
6/25/2013 - 9:18 PM    Route addition via IPAPI succeeded [adaptive]
6/25/2013 - 9:18 PM    C:\Windows\system32\route.exe ADD 10.5.0.1 MASK 255.255.255.255 10.5.2.157
6/25/2013 - 9:18 PM    ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
6/25/2013 - 9:18 PM    Route addition via IPAPI succeeded [adaptive]
6/25/2013 - 9:18 PM    Initialization Sequence Completed
6/25/2013 - 9:18 PM    Starting Management Interface...
6/25/2013 - 9:18 PM    Checking...
6/25/2013 - 9:19 PM    Retrieve statistics...
6/25/2013 - 9:19 PM    Connected.

 

It doesn't show any communication of the two in my eyes, but I am not an expert by no means.

 

Is this correct? If so what do you consider this configuration? AirVPN over Tor? Or am I missing the point completely. I see you noted that I should use a browser NOT configured for TOR... how does that work? By using a different version of TOR instead of the out of the box TOR bundle? If so that may be out of my league

 

Also Admin, If I provided too much personal data in these logs please do not post or let me know and I'll fix it.

 

Thanks again to all that have helped me to understand these configurations.

[Staff 9825]

Hello jaypathora,

 

you're connecting your system over OpenVPN over TOR.

 

Kind regards

[jaypathora 1]

In the configuration I described I am still able to access .onion links. Which someone above mentioned I wouldn't be able to. That's ok. Also while in this configuration it seems to run at reasonable performance.

[itsrumsey 0]

In the configuration I described I am still able to access .onion links. Which someone above mentioned I wouldn't be able to. That's ok. Also while in this configuration it seems to run at reasonable performance.

 

I failed to mention that any software software configured to point to the Tor proxy will still use Tor, therefore your preconfigured Tor browser will still connect to onion links.