Leaderboard

Support informs me that they have reproduced this bug on a Debian 8 system and are working on a fix. Thanks again for your assistance on this, giganerd .

Hello! We're very glad to inform you that TLS 1.3 is now supported on all AirVPN web servers. Why TLS 1.3 is better than 1.2: https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.3 TLS 1.0, 1.1 and 1.2 will still be available for backward compatibility. Kind regards and datalove AirVPN Staff

Hello! Today we're starting AirVPN ninth birthday celebrations! From a two servers service located in a single country providing a handful of Mbit/s, the baby has grown up to a wide infrastructure in 22 countries in three continents, providing now 230,000+ Mbit/s to tens of thousands of people around the world. Software related development has also been powered up. Eddie Android edition is now a fully mature application which features an exclusive best effort method to prevent traffic leaks and a complete integration with AirVPN. In 2019 AirVPN has also started operating in South America, on top of Asia, Europe and North America, and the infrastructure has grown significantly, counting now on more than 260 bare metal servers, whose traffic is mainly powered by tier1 and tier2 transit providers. AirVPN has also become recently an EFF "Super Major Donor" member. Furthermore, and we're very glad to announce it here publicly for the first time, development for OpenBSD and FreeBSD has started. We are also integrating OpenVPN 3 on new software which will couple Eddie on UNIX-like systems, including Linux, during the second half of 2019. GDPR compliance was already a de facto standard for AirVPN way before the Regulation entered into force, mainly because we don't collect personal data, period. By the way the compliance is now fully formalized (check details in our Privacy Notice and Terms https://airvpn.org/privacy ). AirVPN provides probably the strongest protection to your data, not only personal data but all data, you can find on any service. If you are an AirVPN customer or user, you are probably aware that our service is radically different than any other VPN service you might have met anywhere. No whistles and bells, no marketing fluff, no fake locations, no advertising on mainstream media, a transparent privacy policy, no trackers on the web site or in mobile applications, no bullshit of any kind in our infrastructure to sell your personal data to any personal data merchant, and above all a clear mission which is the very reason which AirVPN operates for. https://airvpn.org/mission Many of you know that when you buy AirVPN service, you not only support yourself and improve your ability to exercise your fundamental rights, but you also support AirVPN mission. However, while AirVPN in itself has flourished, AirVPN mission aims and values related to fundamental rights have experienced, in 2018 and 2019, a grim time. Australia "encryption-busting" monstrous law is fully in force; the European Union has definitively approved the bad Copyright Directive, mandating automated filters, which will unavoidably limit freedom of expression on big boards, and making the first step to undermine the liability exemptions of mere conduits and web publishers alike; new threats to citizens' privacy are becoming real through plans of wide face recognition deployment, indiscriminate DNA databases proposals, more pervasive and efficient profiling (possibly even through AI), and strict cooperation between Internet tech giants and intelligence agencies; the persecution of journalists, publishers and whistleblowers all around the world has reached unprecedented levels, revealing a widespread plan to suppress freedom of the press and freedom of expression even in so called "Western democracies". One of the greatest journalists and publishers of all times, Julian Assange, nominated seven times for the Nobel Peace prize and winner of many journalistic prizes and awards, has been and is prosecuted and persecuted for having merely published the truth about war crimes, corruption, torture and more, with a 100% accuracy, and for having protected his sources as any good investigative journalist does. He has been detained arbitrarily and illegally, as widely ascertained and recognized by the UN. He has been victim of an abominable smear campaign based on ignominious lies and defamation, a campaign aimed to turn the public opinion against him and distract from WikiLeaks publications content exposing war criminals in governments key positions, warmongers, torture maniacs, systematic illegal surveillance, endemic privacy violations and plots to limit and reduce fundamental rights. He is currently detained in solitary confinement 23 hours a day, with no access to books, maximum two visits per month, forbidden in practice to coordinate a defense with his lawyers, in a tiny cell of a maximum security UK prison which has been designed for dangerous murderers and terrorists, while UK will decide whether to extradite him to the USA to face a potential 175 years imprisonment. Whistleblowers like Chelsea Manning, who should be regarded as a hero, as Noam Chomsky, John Pilger, Daniel Ellsberg and other titans of our times pointed out, have been tortured and are still persecuted by the very same criminals whose crimes were exposed. Privacy activists and software developers, like Ola Bini in Ecuador, are imprisoned without charges, simply for having showed friendship to Assange or WikiLeaks, or for having developed software aimed to protect privacy through encryption. And the list can go on and on and on. But make no mistake: the dark times we are living in, the environment of fear and intimidation that various governments are building against the exercise of those fundamental rights which our mission forces us to protect to the best of our abilities, the mounting attacks against "encryption for everyone" and the awareness that enemies of human rights nestle inside government agencies, have not undermined our determination. Quite the opposite: they have convinced us that our service is even more necessary now and we are resolute to do even more. Our mission has been and will be empowered by the ongoing support to projects and NGOs which aim to the protection of privacy, personal data and freedom of expression, now more than ever. We have confirmed our support to Tor and we will progressively add support to champions of freedom of expression and privacy in any way our capacities and abilities will allow us. If you're curious to know something about a series of fortunate events which gave birth to AirVPN, have a look here: https://airvpn.org/aboutus To worthily celebrate AirVPN ninth birthday, we're glad to inform you that starting from now we will offer a 20% discount on all long term plans. Hurry up, this special offer will end on June the 11th, 23:59:59 UTC! Check the new prices here. Kind regards and datalove AirVPN Staff

Hello! We are starting to publish "transparency mission reports" to add information and clarifications about the reasons of our support to projects, persons and NGOs. While the organic summary, as well as the mission statements, remains in https://airvpn.org/mission page, the reports will provide important explanations and insights. Our first report, covering the first five 2019 months, has just been published here: Kind regards and datalove AirVPN Staff

After a bit of tinkering I finally get 19/20 on ipv6-test.com running Waterfox 56.2.6 on Debian. I also get 19/20 on Chromium 70 and Firefox ESR (60.4.0). Waterfox addons also indicate that the browser connects to IPv6 addresses all the time. It doesn't seem to be an issue with getaddrinfo() or its config in gai.conf at all as mine is the same as Mr. kaymio's. So, what did I do? I am not entirely sure, to be honest. I disconnected from AirVPN and went on doing experiments on my ISP line with native IPv6. I set network.http.fast-fallback-to-IPv4;false network.notify.IPv6;false and restarted the browser. Then I reenabled the notify setting and restarted again. After that, Firefox/Waterfox magically started to prefer IPv6 and ipv6-test.com gave me 17/20. This is due to my router blocking ICMP (Fritz!Box calls this "Stealth Mode" ) so it should be 19/20 if I decide to stop filtering it. I reconnected to AirVPN and voilà, still prefers IPv6, now 19/20.

I Do not have the AI protection enabled in the router. My concern is more what will happen if the openVPN connection does not work. @kenwell I do not understand this part on your suggestion above Option; 1. Go to Firewall then to Network Services Filter. Select White-list then tick all days, 23:59 to 23:59. Click Apply Which firewall? In the router? On my PC?

As Staff recommended, I ran networksetup -getinfo Ethernet in Terminal. OK then, time to do some searching on my router and provider.

Windows 7 Firefox 61.0.1 Testing on Eridanus server with ipv6-test.com gives me a score of 19/20 test-ipv6.com score of 10/10 with no warnings

Seamless tunnel: ON Connect via: any network Reconnect on wakeup: ON Protocol: Adaptive Compression: Full Connection timeout: None Network state detection: Active Force AES-CBC ciphersuites: OFF Google DNS fallback: OFF (this one is up to you) Layer 2 reachability: ON

Thanks for that @S.O.A. It pretty much matches my usage. Tend to use Tor Browser by default. I second that.

Comodo Dragon + ABP (removed Comodo Media downloader and one more bundled extension) and still looking for way to disable youtube DASH without limiting myself to 360p

Great work! Do you have experience/knowledge about setting up TOR on pfSense and configure AirVPN over TOR directly on the pfSense?

I'm already on 2.3 Release via upgrade from 2.2.6. I'm just hesitant to do a clean install because everything seems to be working. That's why I asked how you're testing DNS and if the tunables problem was important.

Android does not include integrated support for OpenVPN servers. That's why you need an app which uses the VpnService API introduced in Android 4.0. Regarding port forwarding: Go to Client Area > Forwarded Ports and simply click on the +Add button. It will forward a random port for you, let's say, it's 9000. Then configure your P2P client to use the port it forwarded for you, in this case 9000.

Hello, this is a guide to prevent ANY leak on Windows 7/8 with Windows Firewall published by Omniferum. It is particularly simple to follow and well written, and it provides also a very comfortable "VPN flipper". Thank you Omniferum! Warning: the setup works on Windows 7 and Windows 8 with the default Windows Firewall. It has NOT been tested on any other Windows version. It will NOT work on Windows XP (whose firewall is completely different and very limited, Windows XP users might like to use Comodo Firewall). It is NOT suitable if you have any other firewall running on your system (remember, you must never run two firewalls simultaneously). Important: the VPN flipper script will NOT work if your Windows is not in English language, because the system Firewall rules names change (incredible but true!) according to the language (thanks to Esamu for the information). UPDATE 14-May-14: issue fixed. Original thread updated on May the 14th, 2014: https://airvpn.org/topic/9609-blocking-non-vpn-traffic-with-windows-firewall Kind regards

Hello! Locate line 23 to be sure to identify which line is giving syntax error. Also, make sure that after the copy & paste you have not inserted characters which may cause problems to the pf parser, for example CR+LF. Also, each line must be terminated with a CR, including the last line. Refer finally to your pf man page to check whether the syntax of your pf version is slightly different. Kind regards

Hello! Is there a good and easy way to block traffic when VPN disconnects for Mac OS X? Thanks

this is another internet under p2p.

Hi NaDre, thank you but I am hoping to do this over command line rather than a browser ideally so I can automate it as a script. Is there a way to do this using the API?

Yes though I don't know if you need to install entware for just SSH tunnel. I've done it in the past with an old asus router with merlin and entware. SSL tunnel too.

For those running Windows 10 and don't want to run the persistent command but still want the IPV6 by default, you can do so via Eddie. Open up Preferences, Go To Events, open the VPN Up (or anything above it, I don't know if it matters) option. For file name navigate to C:/Windows/System32/netsh.exe For argument type: interface ipv6 set prefixpolicy fc00::/7 37 1 store=active I have "Wait end of process" disabled, but I don't know if that matters. Click Save. Reconnect to an AirVPN server. You should now have IPV6 by default any time you connect to a server, and upon reboot, it will reset back to normal. It would probably be idea if the VPN Down option had something resetting the Netsh settings, but I don't know how to do that. Also Microsoft apparently says Netsh might be removed in the future for a powershell option so... ¯\_(ツ)_/¯

Hello, you may also consider this as an extra partial choice: ---------------------------------------------------------------------------------------------- netsh int tcp set global timestamps=disabled netsh interface ipv6 set privacy state=disable netsh interface ipv6 6to4 set state state=disabled netsh interface ipv6 isatap set state state=disabled netsh interface ipv6 set teredo disabled ----------------------------------------------------------------------------------------------- Regards, Flx

Following @randombit 's tutorial things are working but I'm curious if anyone's getting the same curious ufw logs: [open Firefox]: [local dhcp ip] on [local adapter]->outgoing block to [vpn ip]:80 -- not a "continuous" log but happens after the first couple of minutes of FF being opened. At first I thought this might have been related to FF52's new "captive portal detection" feature but after disabling network.captive-portal-service.enabled, the same behavior exists.[upon allowing forwarded tun0 port] : [local dhcp ip] on [local adapter]->outgoing block to [vpn ip]:[forwarded port] -- regularly repeating log, but not every second. Everything appears to be fine otherwise. Any ideas?

Epic Privacy Browser, because privacy

Thanks for this post Thanks for this post... this does describe the problem I've been having. My tunnel seems to collapse at 11:59 am and pm with at lest one more random time during the day. I've done as instructed with the .bat file, now there is a cmd window open and counting down from 300, with "press any key to continue...." do I need to leave that open? Thanks again, I hope this keeps my connection on 24/7 with the client.

Website: Swisscom TV Switzerland streaming television from Swisscom, Live and On Demand. Status: OK Native: CH servers. Routing: All other servers.

Hello! We're sorry, currently we don't provide step-by-step support for Symantec products. Symantec products are commercial products which offer full customer support, so you might try to have support from their team. You could: - replicate the rules suggested for any firewall in the forum (Comodo, PF...) on your Norton Firewall - switch to Comodo: independent peer-reviews performed with high-standard leak tests show that Comodo Firewall in terms of security is highly superior to Norton Firewall (we underline "firewall"); in severe leak tests Norton Firewall 2012 protection rates as "NONE" (!!!) while Comodo rates as "excellent", see for example http://www.matousec.com/projects/proactive-security-challenge/results.php - Comodo is not open source but it's freely redistributable, see https://personalfirewall.comodo.com The only software firewalls for old Windows OS that are not useless (or dangerous) toys are (% shows the percentage of passed leak tests, the higher the better): Comodo Internet Security 5.3.176757.1236FREE 100 % Online Solutions Security Suite 1.5.14905.0 99% Privatefirewall 7.0.25.4FREE 98 % Outpost Security Suite Free 7.0.4.3418.520.1245.401FREE 97% Outpost Security Suite Pro 7.5.1.3791.596.1681 97% BitDefender Internet Security 2011 14.0.30.357 97 % Kaspersky Internet Security 2012 12.0.0.374 93 % Malware Defender 2.7.3.0002FREE 91% Norton Internet Security 2012 has 20% (protection "none"). For the most updated "Proactive Security Challenge", see http://www.matousec.com/projects/proactive-security-challenge-64/results.php. This new challenge shows that apart from Comodo (94%), a secure firewall for 64-bit Windows versions does not exist. Kind regards