go558a83nk

As far as I know VPN fingerprinting is performed by analyzing the timing signatures of the ciphers - the only way around it is by encapsulating OpenVPN into an SSL layer.

 

Spoken in easier terms, use OpenVPN over SSL to avoid fingerprinting. The admin cannot do much about it.

As for the ports - are you asking for port closure because you suspect danger to your computer when they are open or do you just want them to be closed to let the test succeed?

re-read what I wrote above closely if you think the VPN server company can't do anything about it.

check out localbitcoins.com if you're interested in buying bitcoin.  you can find local sellers who you can pay with cash.

If both devices are connected, then it does not matter if it travels through other servers outside of Air's control as the data is very securely encrypted.

 

If the servers are in the same datacenter, then all data stays inside Air's network, however you will not gain security from this (due to the already present encryption) - just speed/latency improvements.

I hope this isn't a common belief.  The VPN is only encrypting between client and server and vice versa.  Your data after it exits Air's server or before it enters Air's server isn't encrypted by the VPN.

Even in this example above, if connected to two servers in the same datacenter, the data is decrypted/encrypted as it passes from one Air server to the next.  If not in the same datacenter then it certainly enters the "internet" decrypted.

So it's 

 

PC > Airvpn Server > Internet > Airvpn Server > Android

 

Not

 

PC > Airvpn Server > Airvpn Server > Android

 

Yeah?

if both devices are connected to the same server or 2 servers in the same datacenter then it technically doesn't go to the "internet"

Speed is a bit of an issue for me too, was trying to use Singapore 

 

No vpn I get 95mbit down and 2mbit up

With vpn I get 0.6mbit down and 0.22 up

How are you testing speed.  What server gives you 95mbit down?  Have you tried the speed test tool on AirVPN's web site?

There's also WITCH.

 

Interestingly, I ran 2ip's test with my Android phone and it detected an open web "proxy" port (80, because I run a webserver at home) and VPN port 4500/UDP, the probability of my phone using anonymization would be 70%. I ran some tests, I could not verify the VPN port being open anywhere in my network.

 

On my PC, it correctly detected usage of OpenVPN, but again it wanted to tell me 4500/UDP would be open which was clearly not the case.

Keep in mind it's probing the VPN server, not your IP address.  Air very well could have those ports open.

Thanks for sharing the site.  This probably does some of what that "witch" page does that caused some stir around here last year.

I alternate use with another VPN company and Air and the other one is not detected by this page except for the difference in browser and IP time zone.  I wish I understood why the two different VPN companies (which use the same openvpn ciphers) are detected differently.

 

 

I'm not sure about the Netgear routers but if you have an asus router flashed with Merlin and you know a little about scripting you can set up two WiFi networks of which one has vpn connection and the other not. So all you have to do is switch network on the device you don't need vpn on and all other devices are still protected.

 

Without scripting you can set-up rules in the vpn client. Which device goes directly to and wan which device will always go through vpn. This is without scripting but then again you will always need to login on the router.

 

As the router is slower with handling a vpn then a laptop or desktop I would recommend to have the laptop or desktop not connected to the vpn in the router but with the client itself.

 

Good luck

 

you don't need scripting to do this with asus merlin firmware.  he's got policy routing for openvpn built into the gui now.  in the openvpn client choose policy routing for the redirect internet traffic option.  read about how to use policy routing in the firmware documentation. 

Didn't know it was implemented for separate SSID's (one for ISP and one for VPN) now.

no need to worry about separate SSID's.  just set rules for each IP address or a rule to apply to your whole local network.

I'm not sure about the Netgear routers but if you have an asus router flashed with Merlin and you know a little about scripting you can set up two WiFi networks of which one has vpn connection and the other not. So all you have to do is switch network on the device you don't need vpn on and all other devices are still protected.

 

Without scripting you can set-up rules in the vpn client. Which device goes directly to and wan which device will always go through vpn. This is without scripting but then again you will always need to login on the router.

 

As the router is slower with handling a vpn then a laptop or desktop I would recommend to have the laptop or desktop not connected to the vpn in the router but with the client itself.

 

Good luck

you don't need scripting to do this with asus merlin firmware.  he's got policy routing for openvpn built into the gui now.  in the openvpn client choose policy routing for the redirect internet traffic option.  read about how to use policy routing in the firmware documentation. 

why not just use eddie?

was hoping the same thing but didnt see any happen.

ha!  there was most definitely a sale around Christmas.

hello?  anybody get the ffprofile site to work?  I can get through the first 2 steps then I always get 500 error.

For the speeds you're talking about, any recent model router that you can flash with dd-wrt should work fine.  When I first started with AirVPN I was picking up used dlink DIR-615 routers and flashing them.  They worked fine except they could only sustain 7-8 Mbps when connected to the vpn.  This wasn't acceptable for me, but sounds like it would be for you.  So really any flashable router made in the last few years should be fine.  I ended up building myself a pfsense box, which can easily sustain the full speed of my connection (and well beyond).

 

If you want Netflix from another locale then you must route through the vpn and the vpn is always an encrypted connection.  You can't connect to a vpn and have that link not be encrypted, simply not an option.  If you don't want Netflix to be encrypted then you must route such traffic directly through your ISP instead of the through the vpn.  But if you want access to US Netflix, for example, then you must go through the vpn and vpn traffic is always encrypted.

not 100% true.  I've seen VPN providers that had options to connect with openvpn but with no data channel cipher so that, in theory, routers could run faster for situations where encryption isn't really needed but just a "proxy".

I've tried a few different days that ffprofile site and keep getting error 500 (that means it's on their end).  how have y'all been able to get it done?

that router should be able to do about 60mbit/s running openvpn.  so, something else is wrong.  try different servers, ports and protocols.

this site does not censor legitimate content.

can your TV run openvpn?

you should be asking these questions in the asus merlin forum

http://www.snbforums.com/forums/asuswrt-merlin.42/

all in the same datacenter as some of the other Canadian servers?

it is quite odd that there is no official notice from Staff regarding this.

https://airvpn.org/topic/15566-the-nsa-sure-breaks-a-lot-of-unbreakable-crypto-this-is-probably-how-they-do-it/?hl=%2Bprimes+%2Bserver&do=findComment&comment=32953

I did one forum search and found the above post in which Staff answers your question.

I believe AirVPN use 4096-bit and unique primes on each server.

yes, the OP would know this if he/she bothered to search the forum for a minute

people, please read the original message carefully.  Staff say the severs contain no "sensitive information".  I'm sure that means certs and keys are NOT compromised. 

I'm glad that so far, at least publicly, Apple has stood firm on encryption and not allowing back doors. 

sorry for AirVPN and sorry for the corruption in Ukraine.

When I check IPLeak it shows AirVPN's DNS just like it did when I connected to it using Tunnelblick or Eddie.

sorry about that, I didn't read carefully enough your original post.

I don't know what the problem could be.