Jump to content
Not connected, Your IP: 3.223.3.101

Leaderboard


Popular Content

Showing content with the highest reputation since 03/01/20 in Posts

  1. 11 points
    Hello! We would like to inform you that we have made every effort to ensure AirVPN full and efficient operation during the pandemic caused by SARS-CoV-2. In order to reduce hazard and safeguard health, AirVPN staff and personnel work exclusively from home and worked from home well before the current situation appeared clearly as a pandemic Each member has a landline and one or more mobile lines, when possible in different infrastructures, to maximize likelihood to stay connected to the Internet 24/7 AirVPN system is more efficiently automated and basic functioning requires no manual interventions, even for several months (if kernel upgrades hadn't been necessary, we would have had servers uptime of 4 years or more) AirVPN inner staff members have now overlapping competences. Therefore if a key member, including a founder, is forced to stop working, the other ones can carry out his/her functions Emergency funds already secured in the past in different facilities as well as banks remain unaltered and ensure AirVPN financial health for a very long time even in very harsh scenarios. However, we would like to assure you that they are not needed at all currently, quite the contrary. In the last 10 days we have experienced a substantial increase in the growth of our customer base We have been informed by our most important partners and providers of housing and hosting in Europe, America and Asia they they are, and expect to, remain fully operational Kind regards AirVPN Staff
  2. 5 points
    Please stay healthy everyone!
  3. 4 points
    Already did before, for anything but Netflix airvpn is absolutely awesome. I'm a long time customer and already got a 3 year subscription 😎 Plus I've already got a buddy to also sign up to your service. So far I'm very happy. Cheers 🤘
  4. 2 points
    Clodo

    WINTUN replacement for Windows TAP driver

    Hi to all, the latest Eddie 2.18.8 experimental released today, works with wintun, please test if interested. Go to https://openvpn.net/community-downloads/, at bottom "OpenVPN 2.5_git wintun technology preview", click the "here" link and install. If you already have the right "openvpn.exe", use it directly: Eddie will install the wintun driver when needed, and also create the adapter. Eddie -> Settings -> Advanced -> OpenVPN Custom Path -> choose your "openvpn.exe" from 2.5, if already installed probably it is "C:\Program Files\OpenVPN\bin\openvpn.exe". At this point, Eddie will use OpenVPN 2.5 (but still with standard TUN driver). Eddie -> Settings -> OVPN directives -> Custom directives, add "windows-driver wintun". At this point, Eddie will use the OpenVPN 2.5 with the newest Wintun driver.
  5. 2 points
    arteryshelby

    Canada Servers are overloaded

    i would apreachiate if servers from upsala can be moved towards stockholm. Stockholm server are always at higher (not "high" but almost always arround 400 mbit - atm its more like 700 mbit per server) load. For me and many others upsalla location seems quite slow (check the user connected from upsalla and stockholm) Server add in Stockholm would be great!
  6. 2 points
    @pfillionqc Hello! Please make sure that UFW is disabled. It is an iptables frontend installed by default in Ubuntu. It creates custom chains and modifies rules, so you don't want it to interfere. Please allow packets to an additional bootstrap server too: -A OUTPUT -d 63.33.78.166 -j ACCEPT Also consider to drop Eddie 2.16.3 and use instead Eddie 2.18.7 beta or Hummingbird 1.0.2 Keep in mind that when you enable "Network Lock" feature your iptables rules will be overwritten by Eddie or Hummingbird and restored when the application exits, but that UFW can still cause troubles. @giganerd Those are filter table INPUT, OUTPUT and FORWARD chains' policies and it's correct that they are set to DROP. Any packet handled by any chain of the filter table that has not caused any jump in any rule is finally subjected to the default policy of the chain that's competent for that packet. Kind regards
  7. 2 points
    benfitita

    Custom random server config generator

    Parse bw_max server info field as an integer New version available here: https://ellie-app.com/8jfYjngsLk3a1
  8. 2 points
    @Staff Not sure what you mean about how I use the openvpn3 library. I am using the official openvpn repo described here: https://community.openvpn.net/openvpn/wiki/OpenVPN3Linux The linked libs for my openvpn3 binary from this repo are: linux-vdso.so.1 (0x00007ffc5e1f4000) libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f08f745a000) libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f08f6f8f000) libgio-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0 (0x00007f08f6bf0000) libgobject-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0 (0x00007f08f699c000) libglib-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0 (0x00007f08f6685000) libjsoncpp.so.1 => /usr/lib/x86_64-linux-gnu/libjsoncpp.so.1 (0x00007f08f6453000) liblz4.so.1 => /usr/lib/x86_64-linux-gnu/liblz4.so.1 (0x00007f08f6237000) libstdc++.so.6 => /usr/lib/x86_64-linux-gnu/libstdc++.so.6 (0x00007f08f5eae000) libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f08f5c96000) libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f08f5a77000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f08f5686000) libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f08f5482000) libgmodule-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgmodule-2.0.so.0 (0x00007f08f527e000) libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f08f5061000) libselinux.so.1 => /lib/x86_64-linux-gnu/libselinux.so.1 (0x00007f08f4e39000) libresolv.so.2 => /lib/x86_64-linux-gnu/libresolv.so.2 (0x00007f08f4c1e000) libmount.so.1 => /lib/x86_64-linux-gnu/libmount.so.1 (0x00007f08f49ca000) libffi.so.6 => /usr/lib/x86_64-linux-gnu/libffi.so.6 (0x00007f08f47c2000) libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x00007f08f4550000) libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f08f41b2000) /lib64/ld-linux-x86-64.so.2 (0x00007f08f7a62000) libblkid.so.1 => /lib/x86_64-linux-gnu/libblkid.so.1 (0x00007f08f3f65000) librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007f08f3d5d000) libuuid.so.1 => /lib/x86_64-linux-gnu/libuuid.so.1 (0x00007f08f3b56000) If you need another information, pls elaborate
  9. 2 points
    @SurprisedItWorks It's a recognized bug affecting especially Sony TVs. Sony is not fixing it. You would experience the same with Eddie Android edition or any other VPN application, unfortunately. @Xianders APK for Android TV should be side loaded, as the Play Store will not make it available to Android TV because Eddie opens airvpn.org web site in some menu , while Amazon Appstore makes it available for Android TV (different evaluations). Here you can find the link to download the apk: https://airvpn.org/android Kind regards
  10. 2 points
    I would like to add another consideration, which I feel is important in the equation. My preference is VPNs (1 or 2) first, then before workspace I go to Virtual Machines wherein I connect via TOR. The virtual machines mask any host motherboard hardware which can also betray you with an adversary that can ping it with skill. The big factor overlooked in a "sandwich" approach is that TOR cannot automatically change the circuit route every 10 minutes or so. While I am surfing my original two VPN's are constant (although I rotate them when starting every single session so they are rarely the same two) and the TOR exit IP keeps changing automatically. The TOR entry guard is more constant (assuming you know how the guard works in TOR). I would not want to sacrifice that capability when I spend hours surfing around. ALWAYS close the TOR browser when leaving a site and going to another. My approach, you decide if there is merit for your needs.
  11. 2 points
    Hello! Thank you for your article. Just a correction on the quoted part. That's not possible because the Tor exit-node does not know your "real" and/or your "VPN" IP address. In general the exit-node receives all the traffic from middle-relays, which in turn receive the traffic from Tor guards (the entry-nodes). As far as it pertains to your purposes, consider the following setup, especially when high throughput is not a priority: connect the host over "OpenVPN over Tor" run a Virtual Machine attached to the host via NAT Tor-ify everything in the VM use end-to-end encryption, exclusively use only VM traffic for any sensitive task The above setup, we think, should meet all of your requirements. Furthermore, the main fault of "OpenVPN over Tor" (fixed circuit) is completely resolved by Tor in the VM. Kind regards
  12. 2 points
    Flx

    WINTUN replacement for Windows TAP driver

    Not to confuse anyone here: I use Native OpenVPN 2.5_git with wintun not Eddie.
  13. 2 points
    Flx

    WINTUN replacement for Windows TAP driver

    Under "custom OpenVPN directives." section in Eddie. That is where you add your desired choices: ------------------------------- windows-driver wintun rcvbuf 562144 sndbuf 562144 ------------------------------
  14. 2 points
    Flx

    WINTUN replacement for Windows TAP driver

    Add "windows-driver wintun" to .ovpn config, or Add "--windows-driver wintun" to openvpn.exe command line without the "quotes". ----------------- auth sha512 windows-driver wintun ----------------- Change the buffer like this if you want to achieve better speeds: ------------------ rcvbuf 562144 sndbuf 562144 ------------------
  15. 2 points
    Flx

    WINTUN replacement for Windows TAP driver

    This is how: Speed(TAP):https://beta.speedtest.net/result/8861045841
  16. 2 points
    Flx

    WINTUN replacement for Windows TAP driver

    OpenVPN 2.5_git version has been released.-->>https://openvpn.net/community-downloads/ Speedwise(Wintun):https://www.speedtest.net/result/8854742626 Waiting for the "official" OpenVPN 2.5 release in January.
  17. 1 point
    Interesting thing I came across. Surprised to see no talk of this in the forum yet. https://lists.zx2c4.com/pipermail/wireguard/2019-September/004580.html
  18. 1 point
    kiwi

    Eddie Desktop 2.18beta released

    Thank you very much, Clodo for your great work (especially under these shocking circumstances). All the best to you and your country kiwi
  19. 1 point
    Staff

    Network Lock eats my bandwith

    @65tiklak Hello and welcome aboard! Eddie's Network Lock enforces something like 1000 iptables rules and 1000 ip6tables rules, so in theory it might actually slow down a Raspberry. However the screenshots you report show no performance difference between Network Lock on and off, so your conclusions are incorrect according to your very own experimental data set. In the first example of yours, you even have slightly higher performance with Network Lock on. By the way it's not a big deal because the "problem" (if it was a problem) has been completely resolved by Hummingbird, which enforces only few rules, only the strictly necessary ones. It's like 30 rules, and there's no way that 30 iptables rules can measurably slow down Linux throughput in Raspberry. Your comparison with NordVPN is also not very relevant if you don't specify the cipher and the VPN protocol you have used. We allow, like NordVPN, weaker ciphers, but by default our servers propose the strongest available cipher, so you need to explicitly force the weaker cipher. Additionally we do not support insecure protocols like PPTP, which NordVPN still supports as far as we know. On top of that Hummingbird lets you connect with CHACHA20-POLY1305 cipher which will give a non AES-NI supporting system (like a Raspberry) a performance boost. Hummingbird is available both for Raspbian 32 and Ubuntu 19 for ARM 64 bit (and should be also compatible with any other ARM 64 bit Linux distribution). Hummingbird also calls OpenVPN3-AirVPN library, which is remarkably faster than OpenVPN 2 binary. Test it and let us know. Any Network Lock not enforced via firewall rules is garbage. Do not trust such kill switches because they will not prevent leaks when a process binds to the physical network interface and when the "switch killer" process halts unexpectedly. Please see here to download and install Hummingbird: https://airvpn.org/hummingbird/readme/ Kind regards
  20. 1 point
    Staff

    Canada Servers are overloaded

    @arteryshelby Thank you, we will keep your suggestion in serious consideration. Kind regards
  21. 1 point
    BlueBanana

    Canada Servers are overloaded

    Oh yes, i also noticed that sudden surge of bandwidth usage in the last couple of days, hitting almost 100000 MBit/s! Well, that speaks for the quality of your service of course, when there is such a high demand! Thanks for your reply and the clarification. I am already looking forward to some new servers in the future! 🙃😁 Regards BB
  22. 1 point
    Flx

    Canada Servers are overloaded

    They are a bit overloaded. Yup. The time is now. Necessary Yes. @StaffThank you if you can make this happen.
  23. 1 point
    Staff

    Canada Servers are overloaded

    @BlueBanana Hello! Check the stats about used bandwidth on the total infrastructure day by day: As you can see, the used peak bandwidth has increased remarkably in the last days, up to 80200 Mbit/s. On the whole infrastructure, it is still slightly more than just 1/3 of the total available bandwidth (236900 Mbit/s). We will closely monitor, on top of that, used bandwidth country by country, of course. About the countries you mention, even the last peak usage does not exceed 60% of total available bandwidth in each of those countries. We are still well within the range of the quality of service ensured by the terms of service and actually most available bandwidth has not ever been used. That said, we will not hesitate to add servers when it is really necessary, of course. We are monitoring closely, as usual, peak demands country by country. Kind regards
  24. 1 point
    Thank you, working OK now.
  25. 1 point
    Lately I've been thinking about the prospect of using VPN's in conjunction with the Tor proxy and done some research. I know there are both pros and cons to Tor-over-VPN and VPN--Over-Tor connections and played with the idea of using both connection types at once - something I like to call the "Sandwiched Connection" in that you layer your Tor connection between two separate VPN connections. Please correct me if I got any details wrong or missing. First, you have your plain naked internet connection without a VPN or proxy so your ISP and local network can see everything you're doing. Next, you connect to a VPN server. It masks your IP address and location from your ISP as well as encrypts your web traffic so they have no idea what you're doing. However, the company managing the VPN server will have access to your real IP address, location and web traffic that will be decrypted in their servers - making it important it is a trustworthy service provider that doesn't keep logs of your activities and allows you to create your account with a temporary email address, no personal details and paid with cryptocurrency (that is untraceable like Z-Cash and Monero). You connect to your Tor proxy. Ordinarily, the Tor entry node will know your IP address and location. Since you are using a VPN, it will only know the masked address provided by the VPN server. Not only that but the Tor proxy will further encrypt your web traffic so even the VPN provider won't know what you are doing, just like how it, in turn, hides it from your ISP. Even better? Your ISP won't even know you are using Tor in the first place. However, the Tor exit node decrypts your web traffic and has full access to it as if you were never using a VPN to begin with. If the exit node happens to be malicious or operated by any authority that doesn't like what you're doing, they could potentially call whoever is operating the entry node and/or follow the mask IP address to the VPN service provider and contact them for details concerning you. Again, a trustworthy VPN provider with a no-logs policy is important. Then comes the second VPN connection. After you connect to Tor, you connect to that second VPN server which should encrypt your web traffic from the tor exit node. Whatever company is managing that second server (it could be the same service as the first one or a different one) will only know the IP address and location provided by the Tor proxy and first VPN server but it will know your web traffic as it is being fed to their servers and decrypted. Not to mention that this "sandwiched connection" will deliver a big dent to your connection performance so it helps if you have a powerful router connected via ethernet. So at the end of the day, I figured, someone has to know what you're up to online which leaves the question "Who do you trust with your personal information?" Plus this is all just theory, as far I can tell. Has anyone ever tried putting this into practise? Can anyone provide any further insight into the "sandwiched connection"? I look forward to talking about it.
  26. 1 point
    dedo299

    Hummingbird 1.0.2 released

    Eureka! I found the sneaky little bugger that was raising wake-from-sleep havoc with Hummingbird. It was an anti-malware program--appropriately called BlockBlock--I had installed a while back and more or less forgotten about. It's supposed to throw up a notice when any software tries to make a persistent change in the system but didn't do so in this case. After removing it, Hummingbird seems to be humming right along after sleep like it should. A question, though: in my debugging process, another successful method was to run HB with the "--network-lock off" option. IPLeak gave it a clean bill of health, so I'm wondering what network lock actually does and what the ramifications/risks are of running with it off.
  27. 1 point
    @iwih2gk Hello! A few remarks to your last message. 1) MAC address is never included in IPv4 packets. Not even our VPN servers can see your network interface MAC address in IPv4. Similar safeguards are nowadays applied in modern OS for IPv6 too (IPv6 packets do have a specific allocation space for a MAC address). 2) Data passed voluntarily by a browser to a web site can be blocked or altered, either in browser configuration or through dedicated add-ons. Examples include spoofing browser user agent (which includes Operating System etc.) (**), blocking fingerprinting through canvas by generating "noise" and randomizing different fingerprints for each stream (*), and working without any previous tracking cookie by cleaning cookies at each session and working in browser "private" mode. Such safeguards should be applied even when working inside a VM, if your threat model needs them. (*) Example: Canvas Defender for Firefox. "Instead of blocking JS-API, Canvas Defender creates a unique and persistent noise that hides your real canvas fingerprint" (**) Example: User Agent Switcher and Manager for Firefox. Kind regards
  28. 1 point
    Staff

    problem with openvpn in my router!!!

    Hello! @busolof Actually according to the log OpenVPN connected successfully and remained connected for several hours. Since Asus offered to replace the device, then something wrong that's specific to your own one might be the problem. Even the fact that you say that you can't upgrade to Asus Merlin is unusual. In AsusWRT routers, upgrading to Merlin is a matter of a few clicks, literally. https://blog.usro.net/how-to-install-asus-wrt-merlin-router-firmware/ We're confident that the router replacement will solve any issue. Or maybe the AX56U has some problem that makes its behavior inconsistent with the AC56U and AC68U (which is an AsusWRT router we own and which we based our tests on). @giganerd Reviewed the guide for AsusWRT and it is up to date. Kind regards
  29. 1 point
    I could confirm with SSL and a different VPN, the limitations have been put in place by Vodafone Germany. AirVPN is awesome as expected and techsupport at Vodafone is straight up lying (or doesn't know the truth).
  30. 1 point
    Hello! No, we don't throttle/cap anything. Kind regards
  31. 1 point
    I have the same problem. Any news on this? EDIT: I installed the latest client, problems are gone. Might need to update your Eddie client. Does this work?
  32. 1 point
    Staff

    Sony Bravia

    @giganerd @Nam5000 Hello! A clarification on our previous message about problems in Sony TVs with Android 6. OpenVPN for Android and Eddie Android edition run fine and the connection to the VPN is successful and working, traffic is properly tunneled. However, the problem with such TVs is that if you put them in standby while connected to a VPN server, the TV will reboot when it wakes up. See also: https://community.sony.co.uk/t5/android-tv/bug-android-6-0-1-reboots-after-enabling-vpn-apps/td-p/2284371 It is possible to sideload Eddie Android edition on Sony Android based TVs. Kind regards
  33. 1 point
    @dbuero Hello, no, we don't throttle anything. In most cases throttling is self-inflicted, with or without awareness (strange but true). Second most common cause is traffic shaping by ISP. Kind regards
  34. 1 point
    Staff

    Hummingbird 1.0.2 released

    Yes, sorry for the incomplete answer. You need to edit it with root privileges (example "sudo nano /etc/resolv.conf") and restore your favorite nameservers. Kind regards
  35. 1 point
    Fly AirVPN

    VPN Kill switch

    The bottom line for a "kill" switch is to activate Network Lock in Eddie client. Then if you want to "kill" your session, merely disconnect the AirVPN connection leaving Eddie running. DO NOT CLOSE OR EXIT the Eddie client. Network Lock will remain active as long as Eddie is running. You may if you wish also shutdown your computer with no issue while Eddie is running. To promote a smooth shutdown, uncheck "Exit confirmation prompt" in the Eddie Preferences UI section. Please note that if you want to ensure you do not accidentally exit Eddie leaving your connection visible, then leave the option to prompt on exit enabled. If you do, you may have to wait or manually force close Eddie during shutdown.
  36. 1 point
    Hi, this probably has been answered a million times, but I started a couple days ago to have an issue with AirVPN on ones of my computers. Long story short, it started to fail the DNS check. When I try to deactivate this check, the client is connected and I can perform a certain number of non-Browser action such as pinging servers with my CMD, but anything I do with an Internet Browser fails with the DNS_Probe_Bad_Config error. I'm kinda in the lost. I tried to change my Ipv4 DNS, reinstall Eddie-UI and add a bunch of free DNS addresses in the setting, but it doesn't work. So, a little help for a long-term customer, please ? EDIT: Ok ? It seems updating to v2.18 managed to fix the issue. Maybe an update made the v2.17 incompatible in some way ? I'm keeping this open for the record, it might help some. Below, the logs from what happens when the DNS check fails: I 2020.03.08 23:41:58 - Session starting. I 2020.03.08 23:41:59 - Checking authorization ... ! 2020.03.08 23:41:59 - Connecting to Muscida (Netherlands, Alblasserdam) . 2020.03.08 23:41:59 - OpenVPN > OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 27 2018 . 2020.03.08 23:41:59 - OpenVPN > Windows version 6.2 (Windows 8 or greater) 64bit . 2020.03.08 23:41:59 - OpenVPN > library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10 . 2020.03.08 23:41:59 - Connection to OpenVPN Management Interface . 2020.03.08 23:41:59 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100 . 2020.03.08 23:41:59 - OpenVPN > Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key . 2020.03.08 23:41:59 - OpenVPN > Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication . 2020.03.08 23:41:59 - OpenVPN > Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key . 2020.03.08 23:41:59 - OpenVPN > Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication . 2020.03.08 23:41:59 - OpenVPN > TCP/UDP: Preserving recently used remote address: [AF_INET]213.152.162.156:443 . 2020.03.08 23:41:59 - OpenVPN > Socket Buffers: R=[65536->262144] S=[65536->262144] . 2020.03.08 23:41:59 - OpenVPN > UDP link local: (not bound) . 2020.03.08 23:41:59 - OpenVPN > UDP link remote: [AF_INET]213.152.162.156:443 . 2020.03.08 23:41:59 - OpenVPN > TLS: Initial packet from [AF_INET]213.152.162.156:443, sid=1f3a89f9 2ee7c9c7 . 2020.03.08 23:41:59 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100 . 2020.03.08 23:41:59 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org . 2020.03.08 23:41:59 - OpenVPN > VERIFY KU OK . 2020.03.08 23:41:59 - OpenVPN > Validating certificate extended key usage . 2020.03.08 23:41:59 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication . 2020.03.08 23:41:59 - OpenVPN > VERIFY EKU OK . 2020.03.08 23:41:59 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Muscida, emailAddress=info@airvpn.org . 2020.03.08 23:42:00 - OpenVPN > Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA . 2020.03.08 23:42:00 - OpenVPN > [Muscida] Peer Connection Initiated with [AF_INET]213.152.162.156:443 . 2020.03.08 23:42:01 - OpenVPN > SENT CONTROL [Muscida]: 'PUSH_REQUEST' (status=1) . 2020.03.08 23:42:01 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.24.130.1,dhcp-option DNS6 fde6:7a:7d20:1482::1,tun-ipv6,route-gateway 10.24.130.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:1482::104f/64 fde6:7a:7d20:1482::1,ifconfig 10.24.130.81 255.255.255.0,peer-id 9,cipher AES-256-GCM' . 2020.03.08 23:42:01 - OpenVPN > Pushed option removed by filter: 'redirect-gateway ipv6 def1 bypass-dhcp' . 2020.03.08 23:42:01 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified . 2020.03.08 23:42:01 - OpenVPN > OPTIONS IMPORT: compression parms modified . 2020.03.08 23:42:01 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified . 2020.03.08 23:42:01 - OpenVPN > OPTIONS IMPORT: route-related options modified . 2020.03.08 23:42:01 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified . 2020.03.08 23:42:01 - OpenVPN > OPTIONS IMPORT: peer-id set . 2020.03.08 23:42:01 - OpenVPN > OPTIONS IMPORT: adjusting link_mtu to 1625 . 2020.03.08 23:42:01 - OpenVPN > OPTIONS IMPORT: data channel crypto options modified . 2020.03.08 23:42:01 - OpenVPN > Data Channel: using negotiated cipher 'AES-256-GCM' . 2020.03.08 23:42:01 - OpenVPN > Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key . 2020.03.08 23:42:01 - OpenVPN > Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key . 2020.03.08 23:42:01 - OpenVPN > interactive service msg_channel=0 . 2020.03.08 23:42:01 - OpenVPN > ROUTE_GATEWAY 192.168.1.254/255.255.255.0 I=13 HWADDR=20:79:18:64:ba:ae . 2020.03.08 23:42:01 - OpenVPN > GDG6: remote_host_ipv6=n/a . 2020.03.08 23:42:01 - OpenVPN > NOTE: GetBestInterfaceEx returned error: �l�ment introuvable. (code=1168) . 2020.03.08 23:42:01 - OpenVPN > ROUTE6: default_gateway=UNDEF . 2020.03.08 23:42:01 - OpenVPN > open_tun . 2020.03.08 23:42:01 - OpenVPN > TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{7FBA13E2-0BA8-403B-BD75-883F67CF455C}.tap . 2020.03.08 23:42:01 - OpenVPN > TAP-Windows Driver Version 9.21 . 2020.03.08 23:42:01 - OpenVPN > Set TAP-Windows TUN subnet mode network/local/netmask = 10.24.130.0/10.24.130.81/255.255.255.0 [SUCCEEDED] . 2020.03.08 23:42:01 - OpenVPN > Notified TAP-Windows driver to set a DHCP IP/netmask of 10.24.130.81/255.255.255.0 on interface {7FBA13E2-0BA8-403B-BD75-883F67CF455C} [DHCP-serv: 10.24.130.254, lease-time: 31536000] . 2020.03.08 23:42:01 - OpenVPN > Successful ARP Flush on interface [18] {7FBA13E2-0BA8-403B-BD75-883F67CF455C} . 2020.03.08 23:42:01 - OpenVPN > do_ifconfig, tt->did_ifconfig_ipv6_setup=1 . 2020.03.08 23:42:02 - OpenVPN > NETSH: C:\WINDOWS\system32\netsh.exe interface ipv6 set address interface=18 fde6:7a:7d20:1482::104f store=active . 2020.03.08 23:42:03 - OpenVPN > NETSH: C:\WINDOWS\system32\netsh.exe interface ipv6 set dns Ethernet 2 static fde6:7a:7d20:1482::1 validate=no . 2020.03.08 23:42:03 - OpenVPN > add_route_ipv6(fde6:7a:7d20:1482::/64 -> fde6:7a:7d20:1482::104f metric 0) dev Ethernet 2 . 2020.03.08 23:42:03 - OpenVPN > C:\WINDOWS\system32\netsh.exe interface ipv6 add route fde6:7a:7d20:1482::/64 interface=18 fe80::8 store=active . 2020.03.08 23:42:03 - OpenVPN > env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem . 2020.03.08 23:42:09 - OpenVPN > TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up . 2020.03.08 23:42:09 - OpenVPN > C:\WINDOWS\system32\route.exe ADD 213.152.162.156 MASK 255.255.255.255 192.168.1.254 . 2020.03.08 23:42:09 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=45 and dwForwardType=4 . 2020.03.08 23:42:09 - OpenVPN > Route addition via IPAPI succeeded [adaptive] . 2020.03.08 23:42:09 - OpenVPN > C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.24.130.1 . 2020.03.08 23:42:09 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4 . 2020.03.08 23:42:09 - OpenVPN > Route addition via IPAPI succeeded [adaptive] . 2020.03.08 23:42:09 - OpenVPN > C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.24.130.1 . 2020.03.08 23:42:09 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=35 and dwForwardType=4 . 2020.03.08 23:42:09 - OpenVPN > Route addition via IPAPI succeeded [adaptive] . 2020.03.08 23:42:09 - OpenVPN > add_route_ipv6(::/3 -> fde6:7a:7d20:1482::1 metric -1) dev Ethernet 2 . 2020.03.08 23:42:09 - OpenVPN > C:\WINDOWS\system32\netsh.exe interface ipv6 add route ::/3 interface=18 fe80::8 store=active . 2020.03.08 23:42:09 - OpenVPN > env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem . 2020.03.08 23:42:09 - OpenVPN > add_route_ipv6(2000::/4 -> fde6:7a:7d20:1482::1 metric -1) dev Ethernet 2 . 2020.03.08 23:42:09 - OpenVPN > C:\WINDOWS\system32\netsh.exe interface ipv6 add route 2000::/4 interface=18 fe80::8 store=active . 2020.03.08 23:42:09 - OpenVPN > env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem . 2020.03.08 23:42:09 - OpenVPN > add_route_ipv6(3000::/4 -> fde6:7a:7d20:1482::1 metric -1) dev Ethernet 2 . 2020.03.08 23:42:09 - OpenVPN > C:\WINDOWS\system32\netsh.exe interface ipv6 add route 3000::/4 interface=18 fe80::8 store=active . 2020.03.08 23:42:09 - OpenVPN > env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem . 2020.03.08 23:42:10 - OpenVPN > add_route_ipv6(fc00::/7 -> fde6:7a:7d20:1482::1 metric -1) dev Ethernet 2 . 2020.03.08 23:42:10 - OpenVPN > C:\WINDOWS\system32\netsh.exe interface ipv6 add route fc00::/7 interface=18 fe80::8 store=active . 2020.03.08 23:42:10 - OpenVPN > env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem . 2020.03.08 23:42:10 - Interface Ethernet 2 metric changed from Automatic to 3, layer IPv4 . 2020.03.08 23:42:10 - Interface Ethernet 2 metric changed from Automatic to 3, layer IPv6 . 2020.03.08 23:42:10 - DNS leak protection with packet filtering enabled. . 2020.03.08 23:42:10 - DNS IPv4 of a network adapter forced (Ethernet 2, from manual (10.5.130.1) to 10.24.130.1) . 2020.03.08 23:42:10 - DNS IPv6 of a network adapter forced (Ethernet 2, from automatic to fde6:7a:7d20:1482::1) W 2020.03.08 23:42:10 - Routes, add 213.152.162.154 for gateway 10.24.130.1 failed: 'route' n'est pas reconnu en tant que commande interne W 2020.03.08 23:42:10 - ou externe, un programme ex‚cutable ou un fichier de commandes W 2020.03.08 23:42:10 - Routes, add 2a00:1678:2470:5:3568:e603:2b4d:aeb6 for gateway fde6:7a:7d20:1482::1 failed: 'netsh' n'est pas reconnu en tant que commande interne W 2020.03.08 23:42:10 - ou externe, un programme ex‚cutable ou un fichier de commandes . 2020.03.08 23:42:10 - Flushing DNS I 2020.03.08 23:42:10 - Checking route IPv4 I 2020.03.08 23:42:11 - Checking route IPv6 I 2020.03.08 23:42:11 - Checking DNS . 2020.03.08 23:42:23 - Checking DNS failed: . 2020.03.08 23:42:23 - Checking DNS (2° try) . 2020.03.08 23:42:37 - Checking DNS failed: . 2020.03.08 23:42:37 - Checking DNS (3° try) . 2020.03.08 23:42:51 - Checking DNS failed: E 2020.03.08 23:42:51 - Checking DNS failed. . 2020.03.08 23:42:51 - OpenVPN > Initialization Sequence Completed ! 2020.03.08 23:42:51 - Disconnecting . 2020.03.08 23:42:51 - Sending management termination signal . 2020.03.08 23:42:51 - Management - Send 'signal SIGTERM' . 2020.03.08 23:42:51 - OpenVPN > MANAGEMENT: CMD 'e7596dca56bbadcf74b75c6128267e9392cdf16e6702e795a387f4873676eb28' . 2020.03.08 23:43:00 - Sending management termination signal . 2020.03.08 23:43:00 - Management - Send 'signal SIGTERM' . 2020.03.08 23:43:00 - OpenVPN > MANAGEMENT: CMD 'signal SIGTERM' . 2020.03.08 23:43:00 - OpenVPN > SIGTERM received, sending exit notification to peer . 2020.03.08 23:43:05 - OpenVPN > C:\WINDOWS\system32\route.exe DELETE 213.152.162.156 MASK 255.255.255.255 192.168.1.254 . 2020.03.08 23:43:05 - OpenVPN > Route deletion via IPAPI succeeded [adaptive] . 2020.03.08 23:43:05 - OpenVPN > C:\WINDOWS\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 10.24.130.1 . 2020.03.08 23:43:05 - OpenVPN > Route deletion via IPAPI succeeded [adaptive] . 2020.03.08 23:43:05 - OpenVPN > C:\WINDOWS\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 10.24.130.1 . 2020.03.08 23:43:05 - OpenVPN > Route deletion via IPAPI succeeded [adaptive] . 2020.03.08 23:43:05 - OpenVPN > delete_route_ipv6(::/3) . 2020.03.08 23:43:05 - OpenVPN > C:\WINDOWS\system32\netsh.exe interface ipv6 delete route ::/3 interface=18 fe80::8 store=active . 2020.03.08 23:43:05 - OpenVPN > env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem . 2020.03.08 23:43:05 - OpenVPN > delete_route_ipv6(2000::/4) . 2020.03.08 23:43:05 - OpenVPN > C:\WINDOWS\system32\netsh.exe interface ipv6 delete route 2000::/4 interface=18 fe80::8 store=active . 2020.03.08 23:43:05 - OpenVPN > env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem . 2020.03.08 23:43:05 - OpenVPN > delete_route_ipv6(3000::/4) . 2020.03.08 23:43:05 - OpenVPN > C:\WINDOWS\system32\netsh.exe interface ipv6 delete route 3000::/4 interface=18 fe80::8 store=active . 2020.03.08 23:43:05 - OpenVPN > env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem . 2020.03.08 23:43:05 - OpenVPN > delete_route_ipv6(fc00::/7) . 2020.03.08 23:43:05 - OpenVPN > C:\WINDOWS\system32\netsh.exe interface ipv6 delete route fc00::/7 interface=18 fe80::8 store=active . 2020.03.08 23:43:05 - OpenVPN > env_block: add PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem . 2020.03.08 23:43:06 - OpenVPN > Closing TUN/TAP interface . 2020.03.08 23:43:06 - OpenVPN > delete_route_ipv6(fde6:7a:7d20:1482::/64) . 2020.03.08 23:43:06 - OpenVPN > C:\WINDOWS\system32\netsh.exe interface ipv6 delete route fde6:7a:7d20:1482::/64 interface=18 fe80::8 store=active . 2020.03.08 23:43:06 - OpenVPN > NETSH: C:\WINDOWS\system32\netsh.exe interface ipv6 delete address Ethernet 2 fde6:7a:7d20:1482::104f store=active . 2020.03.08 23:43:06 - OpenVPN > NETSH: C:\WINDOWS\system32\netsh.exe interface ipv6 delete dns Ethernet 2 all . 2020.03.08 23:43:07 - OpenVPN > TAP: DHCP address released . 2020.03.08 23:43:07 - OpenVPN > SIGTERM[soft,exit-with-notification] received, process exiting . 2020.03.08 23:43:07 - Connection terminated. . 2020.03.08 23:43:07 - DNS IPv4 of a network adapter restored to original settings (Ethernet 2, to 10.5.130.1) . 2020.03.08 23:43:07 - DNS IPv6 of a network adapter restored to original settings (Ethernet 2, to automatic) . 2020.03.08 23:43:07 - DNS leak protection with packet filtering disabled. . 2020.03.08 23:43:07 - Interface Ethernet 2 metric restored from 3 to Automatic, layer IPv4 . 2020.03.08 23:43:07 - Interface Ethernet 2 metric restored from 3 to Automatic, layer IPv6 I 2020.03.08 23:43:09 - Cancel requested. ! 2020.03.08 23:43:09 - Session terminated. . 2020.03.08 23:43:44 - Updating systems & servers data ... . 2020.03.08 23:43:44 - Systems & servers data update completed
  37. 1 point
    ctri

    Hummingbird 1.0.2 released

    I've just realized I haven't praised Humminbirg yet. I'm loving it so far. Thanks!
  38. 1 point
    bm9vbmUK

    Hummingbird 1.0.2 released

    nftables fails with a "Segmentation fault", but disabling it entirely as you've mentioned allows hummingbird to connect. Thanks for the help! That said, I would imagine I would want some sort of network lock? It may not be necessary with the container setup I have. I'll have to do some testing.
  39. 1 point
    ctri

    Hummingbird 1.0.2 released

    Thanks! deleting everything in /etc/airvpn worked. Cheers
  40. 1 point
    Staff

    VPN Kill switch

    Hello! Network Lock, which has been implemented for the first time "in history" of software for VPN by AirVPN in 2011/2012, covers all the limited cases foreseen by a kill switch and many more for which a kill switch is impotent. A kill switch features a very modest subset of Network Lock abilities to prevent traffic leaks outside the tunnel which are covered in any case by Network Lock with a more effective method (firewall rules). In other words, a kill switch is a totally wrong approach to prevent traffic leaks outside the tunnel, and anyway its limited abilities to fulfill leak prevention are fully covered by Network Lock. Kind regards
  41. 1 point
    @dbuero Outstanding throughput for Windows, congratulations! You did not mention in this thread that you were running Windows, so we assumed that you ran a different system, sorry, we could have made you save a lot of time. Finally Windows should have a driver for a virtual network interface that allows throughput more in line to what you can get with other systems. Eddie 2.18 beta 8 has been planned to support Wintun. We are also following OpenVPN Linux kernel module (currently closed source, but they could decide to release it under some open source license during 2020). Although our servers can already reach line capacity, higher than 1 Gbit/s throughput is achieved only via multiple OpenVPN daemons, one per core. Spread the word about the performance you can get now with AirVPN and Windows! Kind regards
  42. 1 point
    Mad_Max

    Is AirVPN suitable for gaming?

    Hello I have been using Airvpn for gaming (unlock voice-chat) for almost 2 years now. It works great. it adds around 5 to 10 latency only, and the best thing is. There are no ping spikes at all. Nevertheless, you can get the free trail for 3 days and try the vpn with your game.
  43. 1 point
    m1ster

    Eddie not working on Android TV

    Here is logcat. tun.txt
  44. 1 point
    No. That's not how airvpn works. And tor either. You could run 5 open airvpn on your home WiFi free to public and it would be same thing. Airvpn has account based speeds.
  45. 1 point
    It's not a Denial of Service per sé, it's just a nuisance for the users.
  46. 1 point
    Try unsetting System > Pause VPN when screen is off in the settings.
  47. 1 point
    For those running Windows 10 and don't want to run the persistent command but still want the IPV6 by default, you can do so via Eddie. Open up Preferences, Go To Events, open the VPN Up (or anything above it, I don't know if it matters) option. For file name navigate to C:/Windows/System32/netsh.exe For argument type: interface ipv6 set prefixpolicy fc00::/7 37 1 store=active I have "Wait end of process" disabled, but I don't know if that matters. Click Save. Reconnect to an AirVPN server. You should now have IPV6 by default any time you connect to a server, and upon reboot, it will reset back to normal. It would probably be idea if the VPN Down option had something resetting the Netsh settings, but I don't know how to do that. Also Microsoft apparently says Netsh might be removed in the future for a powershell option so... ¯\_(ツ)_/¯
  48. 1 point
    Staff

    Netflix

    https://netflix.com Watch Movies & TV Shows Online or Streaming right to your TV via Xbox, Wii, PS3 & many other devices. Only $7.99/mo. Status: NOT ACCESSIBLE Native: none. Routing: All servers Last update: February the 1st, 2020
  49. 1 point
    --------------------------------------------------------- SECURE YOUR WINDOWS VPN CONNECTION This script will allow your Windows OS to flip between secure VPN traffic and normal traffic mode. -Secure VPN mode: Allows 'only' secure VPN traffic, this script also prevents the 'DNS leak' problem you might have read about. -Normal traffic mode: Your normal internet I wrote this for people with little know-how of computers but need security without complication. This is a simple script that you double-click to flip between 'normal internet' mode and 'Secure VPN Mode'. When in 'Secure VPN Mode' your computer completely prevents DNS leaks and will deny ALL internet traffic that is not VPN. It still allows LAN access so your servers/network's existing setup won't be affected by it. Requirements: -My windows batch script -Your VPN's .ovpn files -You need to the DNS servers of your VPN (Note: Not all VPN's provide them, but all the good ones do) -Windows Vista/7/8/10 (These are the OS' that come default installed/enabled with Windows Firewall) --------------------------------------------------------- STEP 1 - Download your .ovpn file(s) from your VPN provider STEP 2 - Place those .ovpn files into your OpenVPN config directory This folder is usually: C:\Program Files\OpenVPN\config STEP 3 - Creating the .bat file -Create an empty .txt file and open it up -Copy and paste everything in the code box below into the empty .txt file -Edit the line near the top that says SET YOUR_VPN_PRIMARY_DNS= <- Put YOUR VPN's DNS address after the equal sign (AirVPN is 10.4.0.1 - this is what I use, so I left it as the default) -Save the file -Rename the .txt file extension to .bat (e.g. FirewallFlip.txt -> FirewallFlip.bat) BATCH FILE - FIREWALL FLIPPER @ECHO OFF SETLOCAL ENABLEDELAYEDEXPANSION SETLOCAL ENABLEEXTENSIONS REM ------------------- REM MANDATORY VARIABLES REM ------------------- REM This section is required to prevent DNS leaks REM Example VPN DNS servers: AirVPN's are 10.4.0.1 and 10.5.0.1 REM THIS VARIABLE CANNOT BE BLANK AND MUST BE CHANGED TO YOUR VPN'S DNS SERVER SET YOUR_VPN_PRIMARY_DNS=10.4.0.1 REM ------------------ REM OPTIONAL VARIABLES REM ------------------ REM Put the filename of your preferred OVPN server here REM Leave blank to let this script select one at random for you REM Example filename you would enter here: AirVPN_America_UDP-443.ovpn SET YOUR_PREFERRED_OVPN= REM Enter your backup/secondary DNS here SET YOUR_VPN_SECONDARY_DNS=10.5.0.1 REM Your preferred public DNS servers (e.g. Google is 8.8.8.8 and OpenDNS is 10.5.0.1) REM These are usually superior to the ones your ISP provides you with REM If you clear these values then your ISP DNS will be used SET YOUR_PUBLIC_PRIMARY_DNS=8.8.8.8 SET YOUR_PUBLIC_SECONDARY_DNS=208.67.220.220 REM Basic error check IF NOT DEFINED YOUR_VPN_PRIMARY_DNS ( ECHO WARNING ECHO ------- ECHO You have not set the YOUR_VPN_PRIMARY_DNS variable in this script ECHO. ECHO Open %~nx0 and edit the necessary line ECHO. ECHO This script CANNOT continue until you do so ECHO. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF ) REM Finding your OpenVPN Installation IF EXIST "C:\Program Files (x86)\OpenVPN" SET OpenVPN=C:\Program Files (x86)\OpenVPN IF EXIST "C:\Program Files\OpenVPN" SET OpenVPN=C:\Program Files\OpenVPN IF NOT DEFINED OpenVPN ( ECHO Your OpenVPN installation was not found, press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF ) REM Basic error check IF NOT EXIST "%OpenVPN%\config\*.ovpn" ( ECHO ****************************************************************** ECHO This script cannot continue because it could not find the .ovpn ECHO files required in: "%OpenVPN%\config" ECHO. ECHO Please copy your .ovpn files into the above directory for this ECHO script to work. ECHO ****************************************************************** PAUSE GOTO :EOF ) SET "FIREWALL_FLIP_BACKUP_FOLDER=%OpenVPN%\FIREWALL_FLIP_BACKUP" IF NOT EXIST "%FIREWALL_FLIP_BACKUP_FOLDER%" MD "%FIREWALL_FLIP_BACKUP_FOLDER%" REM Finding the network adapter used by OpenVPN FOR /F "tokens=1-3 delims='{" %%a IN ('"%OpenVPN%\bin\openvpn.exe" --show-adapters ^| findstr {') DO ( SET VPN_ADAPTER=%%a SET VPN_ADAPTER_GUID={%%c ) REM Checking config file limit FOR /F "tokens=1 delims= " %%a IN ('DIR "%OpenVPN%\config\*.ovpn" ^| findstr File^(s^)') DO ( IF %%a GTR 50 ( ECHO You have %%a config files in your OpenVPN config folder ECHO. ECHO OpenVPN only supports a maximum of 50, so you will need to delete some ECHO. ECHO This script has made no modifications to the system ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF ) ) REM Checking if any of the addresses aren't full resolved FOR %%a IN ("%OpenVPN%\config\*.ovpn") DO ( FOR /F "tokens=2-3 delims= " %%b IN ('findstr "remote " "%%a" ^| findstr \.') DO ( ECHO %%b | findstr [a-z] && SET OVPN_FORMATTED=NO ) ) IF "!OVPN_FORMATTED!" EQU "NO" ( ECHO ******************************************************************** ECHO Could not find IP addresses for some, or all, of your .ovpn file^(s^) ECHO. ECHO Would you like this script to automatically format your .ovpn files? ECHO. ECHO REQUIRES INTERNET CONNECTION ECHO ******************************************************************** CHOICE IF !ERRORLEVEL! EQU 1 ( FOR %%f IN ("%OpenVPN%\config\*.ovpn") DO ( SET "OVPN_BACKUP_FILE=%OpenVPN%\FIREWALL_FLIP_BACKUP\Backup_%%~nxf" REM Create backup of your .ovpn file IF NOT EXIST "!FIREWALL_FLIP_BACKUP_FOLDER!" MD "!FIREWALL_FLIP_BACKUP_FOLDER!" >NUL 2>NUL IF NOT EXIST "!OVPN_BACKUP_FILE!" ( COPY /Y "%%f" "!OVPN_BACKUP_FILE!" >NUL 2>NUL ) ELSE ( ECHO A backup of "%%f" already exists, do you wish to overwrite it? CHOICE IF !ERRORLEVEL! EQU 1 ( COPY /Y "%%f" "!OVPN_BACKUP_FILE!" >NUL 2>NUL ) ) REM Get your VPN server name and port FOR /F "tokens=2-3 delims= " %%a IN ('findstr "remote " "%%f" ^| findstr \.') DO ( SET VPN_SERVER_NAME=%%a SET VPN_SERVER_PORT=%%b ) ECHO !VPN_SERVER_NAME! | findstr [a-z] >NUL 2>NUL && ( REM Resolve the server name to an IP FOR /F "tokens=2 delims=[]" %%a IN ('ping -n 1 !VPN_SERVER_NAME! ^| findstr [') DO ( SET VPN_SERVER_IP=%%a ) REM Replace the VPN server name with its direct IP >"%%f" ( FOR /F "usebackq tokens=*" %%a IN ("!OVPN_BACKUP_FILE!") DO ( IF "%%a" EQU "remote !VPN_SERVER_NAME! !VPN_SERVER_PORT!" ( ECHO remote !VPN_SERVER_IP! !VPN_SERVER_PORT! ) ELSE ( ECHO %%a ) ) ) ) ) ) ELSE ( ECHO. ECHO This script has made no modifications to the system. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF ) ) REM If you haven't set the variable YOUR_PREFERRED_OVPN this bit of code will select one at random from the OpenVPN config folder where all your .ovpn files are stored. IF DEFINED YOUR_PREFERRED_OVPN GOTO :CURRENT_STATE IF "!YOUR_PREFERRED_OVPN!" EQU "" ( FOR /F "tokens=1 delims= " %%a IN ('DIR "%OpenVPN%\config\*.ovpn" ^| findstr /C:" File(s)"') DO SET /A "rand=%RANDOM% %% %%a+1" FOR %%f IN ("%OpenVPN%\config\*.ovpn") DO ( SET /A num+=1 IF !num! EQU !rand! SET "YOUR_PREFERRED_OVPN=%%~nxf" ) ) :CURRENT_STATE REM Check what state the firewall is in (VPN ONLY or ALLOW ALL) CLS FOR /F "tokens=2 delims=," %%a IN ('netsh advfirewall show allprofiles firewallpolicy') DO SET state=%%a IF "%state%" EQU "BlockOutbound" GOTO :VPN_TO_ALL IF "%state%" EQU "Ausgehend blockieren" GOTO :VPN_TO_ALL IF "%state%" EQU "AllowOutbound" GOTO :ALL_TO_VPN IF "%state%" EQU "Ausgehend zulassen" GOTO :ALL_TO_VPN ECHO Your firewall state cannot be determined... ECHO. ECHO This script has made no modifications to the system. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF :VPN_TO_ALL ECHO. ECHO -------------------------------------------------- ECHO ^|The firewall currently allows "ONLY VPN" traffic^| ECHO -------------------------------------------------- ECHO. ECHO Do you wish to allow "ALL" traffic? CHOICE IF !ERRORLEVEL! EQU 1 ( CLS ECHO ------------------------------------------------ ECHO Configuring your computer to allow "ALL" traffic ECHO ------------------------------------------------ ECHO. REM Firewall .wfw backup file IF NOT EXIST "%FIREWALL_FLIP_BACKUP_FOLDER%\PRE_VPN_FIREWALL_RULES_BACK.wfw" ( ECHO. ECHO. ECHO ******************************************************************************* ECHO The firewall rules backup this script made could not be found... ECHO. ECHO Something has happened to the file: ECHO "%FIREWALL_FLIP_BACKUP_FOLDER%\PRE_VPN_FIREWALL_RULES_BACK.wfw" ECHO ******************************************************************************* ECHO. ECHO Would you like to automatically reset your windows firewall to default rules? ECHO This is perfectly safe to do, but it will reset your firewall prompts. REM Reset windows firewall if rules backup not found CHOICE IF !ERRORLEVEL! EQU 1 ( netsh advfirewall reset >NUL 2>NUL ) ELSE ( ECHO. ECHO This script has made no modifications to the system. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF ) ) REM Delete all current firewall rules netsh advfirewall firewall delete rule name=all >NUL 2>NUL ECHO All firewall rules cleared ECHO. REM Terminate OpenVPN taskkill /f /im openvpn* >NUL 2>NUL ECHO OpenVPN Terminated ECHO. REM Identify all NIC's and set their DNS ECHO. ECHO. ECHO Sanitizing and configuring your network adaptors ECHO ------------------------------------------------ ECHO. FOR /F "tokens=2 delims=, skip=2" %%a IN ('"wmic nic where PhysicalAdapter=TRUE get netconnectionid /format:csv"') DO ( SET "adapter=%%a" SET dnsprimary=!YOUR_PUBLIC_PRIMARY_DNS! SET dnssecondary=!YOUR_PUBLIC_SECONDARY_DNS! CALL :ADAPTER_CONFIG ) REM Import your backup firewall rules IF EXIST "%FIREWALL_FLIP_BACKUP_FOLDER%\PRE_VPN_FIREWALL_RULES_BACK.wfw" netsh advfirewall import "%FIREWALL_FLIP_BACKUP_FOLDER%\PRE_VPN_FIREWALL_RULES_BACK.wfw" >NUL 2>NUL REM Re-enable program firewall access request notifications netsh advfirewall set allprofiles settings inboundusernotification enable >NUL 2>NUL REM Register with the network properly ipconfig /registerdns >NUL 2>NUL netsh winsock reset >NUL 2>NUL ipconfig /renew >NUL 2>NUL REM Enable ALL traffic firewall rules netsh advfirewall set allprofiles firewallpolicy BlockInbound,AllowOutbound >NUL 2>NUL CLS ECHO ------------------------------------------- ECHO Your computer should now allow "ALL" traffic ECHO ------------------------------------------- GOTO :VERIFICATION ) ECHO. ECHO This script has made no modifications to the system. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF :ALL_TO_VPN ECHO. ECHO -------------------------------------------------- ECHO ^|The firewall currently allows "ALL" traffic^| ECHO -------------------------------------------------- ECHO. ECHO Do you wish to allow "ONLY VPN" traffic? CHOICE IF !ERRORLEVEL! EQU 1 ( CLS ECHO ----------------------------------------------------- ECHO Configuring your computer to allow "ONLY VPN" traffic ECHO ----------------------------------------------------- ECHO. REM Creating VPN_SERVER_IP SET /P 1=Generating list of VPN server IP's... <NUL FOR /F "tokens=*" %%a IN ('DIR /b "%OpenVPN%\config\*.ovpn"') DO ( FOR /F "tokens=1-3 delims= " %%b IN ('findstr "remote " "%OpenVPN%\config\%%a" ^| findstr \.') DO ( IF DEFINED VPN_SERVER_IP ( IF %%c NEQ !lastip! SET VPN_SERVER_IP=!VPN_SERVER_IP!,%%c ) ELSE ( SET VPN_SERVER_IP=%%c ) SET lastip=%%c ) ) ECHO Done REM Backup all firewall rules SET /P 1=Backing up current firewall rules... <NUL netsh advfirewall export "%FIREWALL_FLIP_BACKUP_FOLDER%\PRE_VPN_FIREWALL_RULES_BACK.wfw" >NUL 2>NUL IF NOT EXIST "%FIREWALL_FLIP_BACKUP_FOLDER%\PRE_VPN_FIREWALL_RULES_BACK.wfw" ( ECHO ERROR ECHO. ECHO This script has made no modifications to the system. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF ) ECHO Done REM Enable VPN traffic firewall rules SET /P 1=Configuring new firewall rules... <NUL netsh advfirewall set allprofiles firewallpolicy BlockInbound,BlockOutbound >NUL 2>NUL REM Delete all current firewall rules (filtering method used to retain file/network sharing functionality) netsh advfirewall firewall delete rule name=all >NUL 2>NUL REM FOR /F "tokens=2 delims=:" %%a IN ('netsh advfirewall firewall show rule name^=all ^| findstr /C:"Rule Name:" ^| findstr /v "@"') DO ( REM REM Trim all extra spaces REM FOR /F "tokens=* delims= " %%b IN ("%%a") DO SET "RULE_NAME=%%b" REM REM Filter out all firewall rules that aren't the microsoft local subnet ones REM FOR /F "tokens=* delims= " %%b IN ('@ECHO !RULE_NAME! ^| findstr /v /b /L "File and Printer Sharing" ^| findstr /v /b /L "Network Discovery"') DO netsh advfirewall firewall delete rule name="!RULE_NAME!" >NUL 2>NUL REM ) REM Create VPN only rules netsh advfirewall firewall add rule name="VPN_LOCALNETWORK_INBOUND" dir=in action=allow remoteip=LocalSubnet >NUL 2>NUL netsh advfirewall firewall add rule name="VPN_LOCALNETWORK_OUTBOUND" dir=out action=allow remoteip=LocalSubnet >NUL 2>NUL netsh advfirewall firewall add rule name="VPN_RESOLUTION_OUTBOUND" dir=out action=allow remoteip=!VPN_SERVER_IP! >NUL 2>NUL netsh advfirewall firewall add rule name="VPN_DHCP" dir=out action=allow program="%%SystemRoot%%\system32\svchost.exe" localip=0.0.0.0 localport=68 remoteip=255.255.255.255 remoteport=67 protocol=UDP >NUL 2>NUL REM Disable program requesting firewall access notifications (just in case you aren't connected to the VPN and you are asked by something and accidentally allow it) netsh advfirewall set allprofiles settings inboundusernotification disable >NUL 2>NUL ECHO Done REM Identify all NIC's and set their DNS to the secure VPN DNS ECHO. ECHO. ECHO Sanitizing and configuring your network adaptors ECHO ------------------------------------------------ ECHO. FOR /F "tokens=2 delims=, skip=2" %%a IN ('"wmic nic where PhysicalAdapter=TRUE get netconnectionid /format:csv"') DO ( SET "adapter=%%a" SET dnsprimary=!YOUR_VPN_PRIMARY_DNS! SET dnssecondary=!YOUR_VPN_SECONDARY_DNS! CALL :ADAPTER_CONFIG ) REM Register with the network properly ipconfig /registerdns >NUL 2>NUL netsh winsock reset >NUL 2>NUL ipconfig /renew >NUL 2>NUL CLS ECHO ------------------------------------------------ ECHO Your computer should now allow "ONLY VPN" traffic ECHO ------------------------------------------------ GOTO :VERIFICATION ) ECHO. ECHO This script has made no modifications to the system. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF :VERIFICATION ECHO. ECHO. ECHO VERIFICATION STEPS ECHO ------------------ REM Automatic firewall verification FOR /F "tokens=2 delims=," %%a IN ('netsh advfirewall show allprofiles firewallpolicy') DO IF "%%a" EQU "%state%" ( ECHO Your firewall state did not successfully switch over, do you want to run this script again? CHOICE IF !ERRORLEVEL! EQU 1 ( GOTO :CURRENT_STATE ) ELSE ( GOTO :EOF ) ) ECHO Firewall - passed automatic verification REM Automatic DNS verification netsh interface ipv4 show dns | findstr \. | findstr !dnsprimary! >NUL 2>NUL || GOTO :VERIFICATION_FAILURE IF DEFINED dnssecondary netsh interface ipv4 show dns | findstr \. | findstr !dnssecondary! >NUL 2>NUL || GOTO :VERIFICATION_FAILURE ECHO DNS - passed automatic verification ECHO ------------------ ECHO. IF !dnsprimary! EQU !YOUR_VPN_PRIMARY_DNS! ( SET ovpnlog=!YOUR_PREFERRED_OVPN:ovpn=log! taskkill /f /im openvpn* >NUL 2>NUL DEL /F /Q "%OpenVPN%\log\!ovpnlog!" >NUL 2>NUL ECHO. SET /P 1=Connecting to your VPN and waiting for IP to be assigned: <NUL START "" "%OpenVPN%\bin\openvpn-gui.exe" --connect !YOUR_PREFERRED_OVPN! >NUL 2>NUL :VPN_IP_LOOP findstr "CONNECTED,SUCCESS" "%OpenVPN%\log\!ovpnlog!" >NUL 2>NUL || GOTO :VPN_IP_LOOP FOR /F "tokens=4 delims=," %%a IN ('findstr "CONNECTED,SUCCESS" "%OpenVPN%\log\!ovpnlog!"') DO ( SET VPN_ASSIGNED_IP=%%a ) ECHO !VPN_ASSIGNED_IP! ECHO. SET /P 1=Granting your assigned VPN IP access to the internet... <NUL FOR /F "tokens=2-4 delims=,." %%a IN ('wmic nicconfig get DHCPServer^,SettingID /format:csv ^| findstr "!VPN_ADAPTER_GUID!"') DO ( SET VPN_IP_POOL_RANGE=%%a.%%b.0.0-%%a.%%b.255.254 ) netsh advfirewall firewall add rule name="VPN_INTERNET_OUTBOUND" dir=out action=allow localip=!VPN_IP_POOL_RANGE! >NUL 2>NUL ECHO Done ECHO. ECHO. ECHO ------------------------------------------------------------------- ECHO ^|Visit www.ipleak.net to verify that you are connected to your VPN^| ECHO ------------------------------------------------------------------- ECHO. PAUSE GOTO :EOF ) ELSE ( PAUSE ) GOTO :EOF :VERIFICATION_FAILURE ECHO There was an error setting your DNS, press any key to see your current DNS servers... PAUSE >NUL 2>NUL netsh interface ipv4 show dns ECHO ------------------------------------------------------------ ECHO The DNS listed should be: !dnsprimary! -OR- !dnssecondary! ECHO ------------------------------------------------------------ ECHO. ECHO IF THE DNS SERVERS DO NOT MATCH WHAT THEY SHOULD BE, CHANGE THEM MANUALLY ECHO IF YOU DON'T DO THIS: ECHO --------------------- ECHO YOUR VPN CONNECTION WILL NOT BE SECURE ECHO -AND/OR- ECHO YOUR REGULAR INTERNET MODE WILL NOT WORK ECHO. PAUSE GOTO :EOF :ADAPTER_CONFIG REM This section resets and configures your network adapters as necessary SET /P 1=­apter%... <NUL ipconfig /release >NUL 2>NUL ipconfig /flushdns >NUL 2>NUL netsh interface ipv4 set dns "­apter%" static %dnsprimary% primary validate=no >NUL 2>NUL IF DEFINED dnssecondary netsh interface ipv4 add dns "­apter%" !dnssecondary! index=2 validate=no >NUL 2>NUL ECHO DoneSTEP 4Now you just double click the .bat file whenever you want to switch between VPN secure or normal internet mode. If double-clicking doesn't start the script you can right click it and select 'open'. SPECIAL NOTES -This script creates a backup of your original .ovpn files under the folder FIREWALL_FLIP_BACKUP in your OpenVPN Installation directory. This script resolves the IP's of the hostnames in the VPN files so if you feel there is something wrong with this script you can still just go back to your originals. -The changes made by this script are permanent, until you run it again. This means that reboots or any sort of system hiccup will not affect it. WARNING If you start fiddling with your network adapters or windows firewall yourself you will most likely compromise what this script has set out to do. Only do so if you know what you're doing.
  50. 1 point
    Install from Google Play Store OpenVPN Connect, the official OpenVPN client for Android developed by OpenVPN Technologies, Inc. Launch your internet browser. NOTE: don't use the default Android browser because it has an unresolved bug. Chrome and Opera have been tested by us and work. Log in the AirVPN website and create the configuration files from our Config Generator. Choose Linux as platform (only direct TCP and UDP connections are supported) and finally click then "Generate" button to download it. Downloaded .ovpn files may be imported directly into the application but the behavior depends on many factors (employed browser, files manager, Android version, etc). For simplicity's sake, we assume in this guide that you saved .ovpn generated files under the Download's directory in the Android filesystem. Launch OpenVPN Connect and click on the top right menu button: Click on the "Import" button: Click on "Import Profile from SD card": Browse your *.ovpn files: Select your configuration of choice: Confirm the import by clicking the "Select" button: Click on the "Connect" button to connect: Confirm Android security prompt dialog: Wait for the connection's bootstrap process: The VPN tunnel is now established: When you need to disconnect from the VPN click on the "Disconnect" button:
×
×
  • Create New...