go558a83nk

1) SSH and SSL use common ports so it's unlikely  they'll be throttled.  They are probably throttling you based on deep packet inspection (DPI), not an overall throttle of the port.  DPI is able distinguish an openvpn connection but they cannot see the encrypted payload.
 
2) SSH and SSL tunnels trick DPI becase they look like SSL or SSH, not openvpn.  Here you have an openvpn tunnel inside an SSH or SSL tunnel, so they are certainly as safe and encrypted.

1) SSH and SSL use common ports so it's unlikely  they'll be throttled.  They are probably throttling you based on deep packet inspection (DPI), not an overall throttle of the port.  DPI is able distinguish an openvpn connection but they cannot see the encrypted payload.
 
2) SSH and SSL tunnels trick DPI becase they look like SSL or SSH, not openvpn.  Here you have an openvpn tunnel inside an SSH or SSL tunnel, so they are certainly as safe and encrypted.

doesn't the network lock accomplish this?

I see Air now include the WebRTC check on ipleak.net. 

I see Air now include the WebRTC check on ipleak.net. 

How are sites likes Deepdotweb supposed to know how trustworthy any given VPN provider is?
(They can't even get their facts* straight.)
On a scale of journalistic quality I'd even rank naïve-sensationalist TorrentFreak higher than Deepdotweb. In some way, I'm even happy that AirVPN won't get a lot of traffic from these places.
 
Again, kudos to AirVPN for not participating in advertisement campaigns on such sites. Not finding any bullshit marketing or "sponsored" reviews was one of the main reasons that I ended up here.



* When judging trustworthiness of VPN providers, you don't deal with facts. This is all you have available:
- unverifiable claims by the provider
- the provider's track record, history, milieu and behavior
With this limited set of information, you draw your conclusions. Which don't quite fit into a spreadsheet.

In any case, STUN, ICE, TURN are all possible due to "leaky" router/NAT settings that allow those ALG protocols.
You can read some technical insights here:
 
 
https://webrtchacks.com/stun-helps-webrtc-traverse-nats/
 
This is how you disable it on Asus-C66:
 
http://www.junctionnetworks.com/knowledgebase/onsip/phones-routers-and-devices/router-configuration/asus/asus-rt-ac66u
 
 
 
 
There are very tricky ways to disable those ALG handlers, that are mostly used for VOIP. If you use an open-source firmware, it might be your only way to really be sure what's going on.

Before HTML5 all those potentially dangerous features were at lower risk, because the 3d party would have to run an executable file on your machine to be able to unmask you.
With the new browser "features", such as the Geolocation, RTC, bookmark sharing, peer-assisted networking, and who knows what else, only a properly configured open-source
software at the perimiter, or manual disabling of those easter-eggs can ensure maximum protection.

See https://diafygi.github.io/webrtc-ips/

without noscript this site did indeed see my real WAN IP address.
I you're using Firefox, set 'media.peerconnection.enabled' to false to prevent it.

See https://diafygi.github.io/webrtc-ips/

without noscript this site did indeed see my real WAN IP address.
I you're using Firefox, set 'media.peerconnection.enabled' to false to prevent it.

See https://diafygi.github.io/webrtc-ips/

without noscript this site did indeed see my real WAN IP address.
I you're using Firefox, set 'media.peerconnection.enabled' to false to prevent it.

See https://diafygi.github.io/webrtc-ips/

without noscript this site did indeed see my real WAN IP address.
I you're using Firefox, set 'media.peerconnection.enabled' to false to prevent it.

See https://diafygi.github.io/webrtc-ips/

without noscript this site did indeed see my real WAN IP address.
I you're using Firefox, set 'media.peerconnection.enabled' to false to prevent it.

Feedback from my side,
Only L2TP/PPTP connections, and some OpenVPN connections on port 1194 are blocked.
No issues at all with UDP/TCP port 443. Both China Telecom and China Unicom. Sorry I don't have access to other ISPs at this point, but those ones are 70% of China.
Even without SSL/SSH tunnels.
 
 
I don't want to go into assumptions here, but it seems to me this was a PR move, from some VPN providers that use default settings, just to bring some "new" features that
we already have with Air, if you can call a non-standard port a feature.
Anyway with the ability Air provides all of the users, without special "Premium" plans or other BS, the connections via SSL/SSH are simply cannot be blocked.
Not in the near few years at least, unless they do some quantum computing calculation on each outgoing connection to determine the real protocol.

Hello!

We're very glad to inform you that two new 1 Gbit/s servers located in Canada are available: Kraz and Rana.
 
The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The servers accept connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Kraz and Rana support OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

Hello!
 
We're very glad to inform you that two new 100 Mbit/s servers located in Latvia are available: Phact and Meissa.
 
The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The servers accept connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Phact and Meissa support OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Kind regards and datalove
AirVPN Team
 

VPN between you and your buddy with just the routers.  Don't need Air for that.  One of you create a server, the other be the client.
 
To remote access while connected to Air: 1) setup port forwarding in your client area; 2) configure your server to listen on the port that Air assigns you; 3) access via the exit IP of the Air gateway.

Hello!
 
We will not disclose any data. We are anyway working on an effective solution which will make everybody happy, including protocol discriminators and Net Neutrality purists. If everything goes well, we will be able to apply the solution in a matter of few days.
 
Kind regards

Hello!
 
We're very glad to inform you that a new 100 Mbit/s server located in Latvia is available: Schedir.
 
The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Schedir supports OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Kind regards and datalove
AirVPN Team
 

Hello!
 
@epsilon
 
We're sorry, we have already explained our position and we don't wish to allocate more resources to answer in the same way: your requests can not be accepted, unless for very important reasons. We appreciate your dedication and ongoing support and thank you for your time for the review.
 
A couple of words about servers speed. Since the end of November, the point in time around which you claim the performance problem, the performance per client has increased, due to the addition of new servers and more awareness by our customers about ISP traffic shaping (especially on high bandwidth lines) and methods to mitigate it. You can easily verify that on the servers monitor page. We are keeping this trend since years: quarterly, with a couple of sporadic exceptions, we have always been able to provide an average per client bandwidth slightly higher than the previous period.
 
@leno wtf
 
At the moment a live chat support is not planned. From the experience of part of our staff, in most cases it makes the support service quality decay dramatically. The advantages it can provide for a strict minority of cases do not seem to justify the overall disadvantages. Each customer's problem needs to be tested thoroughly, requiring in most cases simulations and emulations, problem reproducibility on different systems etc., because our service has some very unique features. There's no way to provide such a support in a live chat. A live chat can be an enormous advantage for different services, but for how our service is, a live chat would be just a marketing tool and we're not interested in such deceptive practices.
 
Kind regards
AirVPN Staff

in my experience this happens when my MTU settings are incorrect.  When I just leave it alone, no problem.
 
I run VPN from router, BTW.

​https://www.youtube.com/watch?v=dNZrq2iK87k
 
If you haven't seen this yet - this is a 2+ hour, must-watch presentation about the current state of data collection / analysis / surveillance / targeting, held by (right-wing, anti-Snowden!) private investigator Steven Rambam at the HOPE X conference.


Money quotes:

"If this stuff had existed during the American Revolution, all of the leaders of the revolution would have been identified and arrested."

"It's a double-edged sword. Undercover agents, people risking their lives assuming identities, what do they do about this? (..) It's a nightmare now. (..) Motorcycle gangs now have membership applications. And they hire private investigators to check them out."

"All of this stuff is being done to catalog us, pigeonhole us - is it actually translating (..) to a reduction in crime rates, catching of terrorists, finding missing persons? No. Not at all."


This presentation is a great reminder that yes, we need technological solutions like VPNs and Tor but the real problem lies so much deeper. It doesn't matter how hard we try, we can't escape or avoid "the system". We have to change it and it's not just some crooked governments or a few misguided corporations: it's the current, global mindset that enables these violations and this wrong way of thinking.

Mmmmm bought a new router a Asus RT-AC87u it's a very fast router, but still i'm getting like 9mbit. I don't know what's wrong but this router should be abble to handle much more. 
 
PS: Fixed it it had something to do with the router it's doing 40mbit on the moment on stock 1000mhz if you want faster speeds you'll need a bigger router (and those are very expensive)

Hi, 
 
Just to put your mind at rest (though I understand it doesn't actually help you), I have a 152Mbps cable connection and all AirVPN servers are able to max my bandwidth. So the problem is definitely not with AirVPN's servers or capacity.
 
Your laptop is running an outdated, insecure and unsupported OS and as such I assume comprises older hardware. AES and openvpn can be fairly taxing on hardware as the VPN requires constant real-time encryption and decryption. This may be a factor in your speed issues. Also your ISP might throttle VPN traffic (it happens), so try installing the Eddie client (links in the forum) and then set the protocol to SSL tunnel and see if that helps. 
 
Is your speedtest result from Air's own site? Their test tends to be inaccurate in my experience. I get poor results from their speedtest yet can fire up an Ubuntu torrent a few seconds later and get 152Mbps download no problems! So maybe try that for a better idea of speed.
 
Also be aware antivirus software can impact on speeds and you may wish to whitelist the openvpn/Eddie executables to avoid issues. For testing purposes you might wish to run a Linux live USB and do some speed testing with a torrent app (set the download directory as a folder on your hard disk not the local USB!). 
 
Good luck.

If you use NoScript, your problem has been resolved a few posts before.