dwright 25 Posted ... I was reading about a provider and came across a feature they called VPN chaining, where you connect to several nodes in sequence, a bit like Tor I suppose. With them you can connect to up to 4 of their servers. Would it be possible to do this with AirVPN? If not, would you be able to enable it? Also, if you did and I connected to 3 nodes for example, would the 3rd node have any 'knowledge' of the first node I connected to? I have tried connecting to more than one server at once without success. I have also tried first connecting to a different provider and then Air (and vice versa) but it didn't work. Quote Share this post Link to post
Staff 9972 Posted ... Hello, sorry, we do not offer this option by default, which is considered substantially useless and less secure in comparison to TOR over OpenVPN (or OpenVPN over TOR), because all the nodes are operated by the same entity. Kind regards Quote Share this post Link to post
dd79 15 Posted ... Isnt this the routing (double hoping) that allows me to access american streaming sites, even if connection to a swedish vpn server? Quote Share this post Link to post
Staff 9972 Posted ... Isnt this the routing (double hoping) that allows me to access american streaming sites, even if connection to a swedish vpn server?Correct! Kind regards Quote Share this post Link to post
lordlukan 3 Posted ... Hello, sorry, we do not offer this option by default, which is considered substantially useless and less secure in comparison to TOR over OpenVPN (or OpenVPN over TOR), because all the nodes are operated by the same entity. Kind regards Interesting response! How about this senario.1. A court orders the data centre to provide them with logs of all network traffic associated with AirVPN server (source IP address, source port, destination IP address, destination port, time, bytes).2. user -(1)→ VPN -(2)→ Internet. Enough data and analysis can yield (1) and (2) network activity and get the IP address of the user.3. AirVPN doesn't need to provide this data. Data centre already has it.4. Chaining 2 or more services (even from same provider, but in different jurisdictions) will make this kind of analysis more difficult. I wouldn't describe it as useless :-) Quote Share this post Link to post
lordlukan 3 Posted ... I have tried connecting to more than one server at once without success. I have also tried first connecting to a different provider and then Air (and vice versa) but it didn't work.It will work if you use UDP for the first hop on provider 1 and TCP on the 2nd hop of provider 2. It certainly works when having the first hop on a router (OpenWrt) providing wifi and then connecting with openvpn clinet on pc. You may have stability issues, however. Quote Share this post Link to post
Staff 9972 Posted ... Hello, sorry, we do not offer this option by default, which is considered substantially useless and less secure in comparison to TOR over OpenVPN (or OpenVPN over TOR), because all the nodes are operated by the same entity. Kind regards Interesting response! How about this senario.1. A court orders the data centre to provide them with logs of all network traffic associated with AirVPN server (source IP address, source port, destination IP address, destination port, time, bytes). Hello! So, they already can see your real IP address in the first place, if that VPN server is the first hop you connect to. 2. user -(1)→ VPN -(2)→ Internet. Enough data and analysis can yield (1) and (2) network activity and get the IP address of the user. So, even if they can't see your real IP address, they can see the exit-IP address of another server of the same company. 3. AirVPN doesn't need to provide this data. Data centre already has it.4. Chaining 2 or more services (even from same provider, but in different jurisdictions) will make this kind of analysis more difficult. It can slow it down. OpenVPN over TOR can make it impossible. I wouldn't describe it as useless :-) It is useless in comparison to OpenVPN over TOR. Additionally, OpenVPN over TOR protects you against the VPN provider itself, while multi-hopping to different servers of the same provider does not. Kind regards Quote Share this post Link to post
Royee 10 Posted ... I too was thinking why not spread the level of trust with VPN chaining, but as pointed out above multi hopping may not. OpenVPN over tor would protect against the VPN or anyone knowing at least who you are. But is User VPN 1 > VPN 2 Still going to much faster then say User > OpenVPN over tor ? Quote Share this post Link to post
Staff 9972 Posted ... I too was thinking why not spread the level of trust with VPN chaining, but as pointed out above multi hopping may not. OpenVPN over tor would protect against the VPN or anyone knowing at least who you are. But is User VPN 1 > VPN 2 Still going to much faster then say User > OpenVPN over tor ? Hello! Yes, in most cases it will be faster. Additionally you will have no protocol limitations like in TOR. However, it's not as secure as TOR over VPN, or VPN over TOR. As usual, it depends on the balance between security and performance that you want to achieve. Such balance can be correctly evaluated only by yourself, carefully, according to the sensitiveness of the data you need to receive or impart. Probably the easiest way to connect over a VPN over a VPN is through a VM attached via NAT (important!) to the host machine. The host connects to VPN1. The VM connects to VPN2. On the VM all the traffic will be tunneled over VPN2 over VPN1. This solution has also some nice side-effects, the usual advantages of running a VM: disasters and attacks isolation, portability, option to keep the virtual disk encrypted with the assurance that no unencrypted data can be written without your knowledge outside the virtual machine disk. Kind regards 2 dd79 and Royee reacted to this Quote Share this post Link to post
Royee 10 Posted ... thanks I like that idea of of host to VPN 1> VM to VPN2, and as you said protect it via encryption, guess it is for the super paranoid like myself ! Quote Share this post Link to post
JamesDean 10 Posted ... Here'a question I've always thought about, but never asked:If I have connected directly to Air in the past, but then connect via Tor one time...can that 'connected via Tor' session, be linked in any way to my previous 'direct connect' sessions? I was under the impression that if you didn't *always* connect via Tor, it is of no use to do so now. Am I correct? (I hope not! LOL) Quote Share this post Link to post
zzyzx 0 Posted ... Hello, I apologize for the lack of knowledge in this field (also, I don't think I can start a new thread since I haven't made enough posts so I have to bump up this (nice) thread). I've read about and tried VPN chaining with a VM as aforementioned in this thread. I have a question about what is actually happening in the following scenario (I can't reproduce it right now). My friend has a VPN configured on a DD-WRT router. I connected to AirVPN on my laptop while connecting to that router via WiFi. It didn't really concern me at the time, so I didn't check my IP, but I was able to connect to the web normally. Thank you! Quote Share this post Link to post
zhang888 1066 Posted ... Simple. You connect to AirVPN from the VPN server you are connected to via WiFi. That is in case the WiFi is bridged to the VPN interface on that router, which in most cases will be. Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post
zzyzx 0 Posted ... Thank you for your reply zhang888. Is this setup similar to chaining two VPN's using a VM? How would you (or anyone) rate this setup (connecting to AirVPN from DD-WRT router with a second VPN configured on it) for it's anonymity with the following two configurations? 1) AirVPN over Tor: I've read in this forum that VPN over Tor is the best configuration to secure your traffic, since the AirVPN will not know the user's true IP + all traffic is encrypted, so not even the Tor will know the nature of it. However, wouldn't the first Tor node know the user's true IP? 2) Chaining two VPN's using a VM ( AirVPN -> VPN 2): All traffic is encrypted however, VPN 2 will know the user's true IP. Please correct me if I am wrong about anything. Thank you! Quote Share this post Link to post
zhang888 1066 Posted ... In both of your examples the second VPN provider will not know your original IP, since you are connecting to it via the first one or via Tor.Tor>VPN is the most anonymous but also significantly slower, if you trust your provider and the connection methods it offers are not blockedfrom your source, there is no reason to use such an overhead setup. Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post
zzyzx 0 Posted ... Thank you, again, for your help zhang888! I'll put all my faith in a VPN over Tor (Tor > VPN); it gets kind of confusing for me when the comparison operator points the other way. I'm in the midst of trying to get AirVPN over Tor working on OSX, but am having trouble connecting to Tor even though I have installed the Tor Bundle (not just the Tor Browser) and configured AirVPN client and the torrc file as I posted here. I'll try to get it working properly. https://airvpn.org/topic/9978-vpn-chaining/?do=findComment&comment=52937 Thank you! Quote Share this post Link to post