Staff

Hello! We're very glad to inform you that a new 1 Gbit/s server located in Romania is available: Canes. The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other Air server, Canes supports OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Please note that Canes replaces Phoenicis. Phoenicis has been taken down by the provider without any prior warning. We were informed with a posthumous message which provided an unsatisfactory explanation and the steps to re-activate the server. Needless to say that we're done with anybody keeping this behavior. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

We have found a comparison chart that takes into consideration some very important technical and non-technical aspects which are missing in the quoted list. https://www.comparitech.com/blog/vpn-privacy/best-vpns-privacy-and-anonymity/ There are some minor mistakes but overall it looks just fine. The aforementioned comparison chart should compensate the embarrassingly insufficient technical knowledge and the blatant lies of the person compiling the quoted list: https://airvpn.org/topic/19586-a-review-on-another-site/?do=findComment&comment=48971 Kind regards

Hello, upgrade to Eddie 2.13.6 (latest stable version). Eddie 2.10.3 is years old and is not fully compatible with macOS Sierra and High Sierra. It was programmed when Sierra did not even exist in beta version. Kind regards

It's the same. Unfortunately the user quit Eddie, so the behavior is not only expected, but also explicitly planned to avoid big issues with "netlocked" devices of noobs. The user can blame only himself/herself for the unfortunate, reported circumstances: he/she broke the law (for his/her own admission) AND he/she didn't care to get informed about how Network Lock works, AND he/she let his/her subscription expire beyond the grace period. Kind regards

Network Lock is a set of iptables rules. When you shut down Eddie, Eddie restores the previous iptables rules. This is clearly specified in the guide and in the FAQ and it's very important that you're aware of that. Note: if Eddie crashes the iptables rules will not be changed and your system will remain under Network Lock. Apparently the only one to blame here is yourself. Kind regards

Hello, we don't monitor and/or inspect (with or without logging) the traffic of any OpenVPN client. The information that you report shows that PureVPN did. If you can't afford to trust our words please apply partition of trust. The fact that we don't block OpenVPN connections over Tor node or any socks or http proxy should say something about our honesty. Furthermore, the fact the you don't have any official statement after seven years of AirVPN activity and hundreds of thousands rotating customers about any compromised customers identity (and you have such information about HideMyAss, PureVPN and other services) should be also taken into serious consideration. Kind regards

Hello, except for this which sounds obscure to say the least: Dynamic: The algorithm learns and reacts if routing changes this is a procedure we implemented for geo-routing years ago. We strictly apply this feature only to services which would be otherwise unreachable, because this procedure adds a forced hop, so it's a good way to slow the clients performance down. Apparently that's a terrible feature: probably their users will like to keep it always off. Kind regards

Hello! What Eddie version are you running? Can you also test Eddie 2.13.6, if you haven't already done so, and report at your convenience? Kind regards

Hello! You need to activate "Network Lock". In this way you don't need to disable IPv6 manually. Network Lock will prevent "IPv6 leaks" through ip6tables rules (as well as any other possible leak through iptables). IPv6 support in our infrastructure is planned within the end of 2017. Kind regards

It's not a rule, it's a Law of Technology By connecting to the same server with the same protocol and to the same port your internal IP address is the same. There can't be two devices with the same IP address on any network. Hello! It's a quite different technical limitation in our setup, not a big deal anyway. By the way: if you don't need remote port forwarding you can connect multiple devices, from the very same account, to the same server, but on different ports. In this way you will connect to different OpenVPN daemons working on different VP subnets bypassing the limitation. There is also another finesse which will bypass this limitation and will allow multiple connections to the same server and the same port and subnet with the same account on multiple devices, but it will not be implemented in 2017 (plans for this feature, which will require an important change, have not yet a definite deadline). Important: in order to connect to different daemons for sure, consider that different daemons listen to port 53, 80 and 443. If you pick different ports like 28439, you risk to connect to the very same daemon which listens even to other ports. Kind regards

Hello! Currently not, we're sorry. We might have great news in the future, anyway. Nowadays, a good workaround is accessing our real time servers monitor in our web site "Home" > "Status" page, direct link https://airvpn.org/status Kind regards

Hello! That's a very generic sentence. In general that's not necessarily possible. Just think about our service: OpenVPN works in routing mode, not in bridging mode, and ICMP is a protocol at Internet layer, not a transport layer protocol. So VPN configuration and topology should be analyzed first to avoid potentially wrong or even crazy assumptions. Anyway the scenario seems to assume that the adversary already knows your "real" IP address (we mean the IP address assigned to one of your devices by your ISP) so the discussion shifts to correlation attacks (aimed to show that some activity behind the VPN is indeed YOUR activity) which have been treated over-abundantly in our and other forums. For the purpose of this discussion: 1) make sure to keep Network Lock enabled in our software Eddie and 2) maintain a definite identity separation. In this way you can be confident to defeat even complex correlation attacks. If your friend wants to clarify, he/she is welcome. However, more accuracy is strictly necessary. Kind regards

Hello! We can't see the final DNS your system queries because it's configured in the router, can you please check? That DNS is poisoned. The correct resolution currently is: $ dig airvpn.org +short 5.196.64.52 Fix the issue and test again: if there is no further censorship at IP address level, the problem will be resolved. We would be grateful if you could tell us which DNS is hijacking airvpn.org (if you don't want to publish in public, please feel free to contact us in a ticket or via mail). If you need suggestions about publicly accessible DNS we would recommend OpenNIC servers for their commitment to privacy and neutrality: https://www.opennicproject.org Kind regards

Hello, can you please give us the output of the following command (while your system is not connected to the VPN): nslookup airvpn.org issued from a command line interface. This well let us know whether the name "airvpn.org" resolves into the correct IP address and which DNS your system queries. Kind regards

Hello! We're very glad to inform you that a new Eddie Air client version has been released: 2.13.6 Eddie 2.13 includes many important bug fixes and changes. You can see them all on the changelog. As usual, Eddie is released as free and open source software under GPLv3. 2.13.6 version is compatible with several Linux distributions. For very important notes about environments, please read here: https://airvpn.org/forum/35-client-software-platforms-environments Windows 10 "Creator update" users will have a dramatic names resolution speed increase when querying the VPN DNS, because Eddie 2.13 circumvents the improper external DNS resolution method implemented by the "Creator" upgrade. Please read the changelog: https://airvpn.org/services/changelog.php?software=client&format=html Due to the large amount of bug fixes and changes upgrade is strongly recommended. Just like previous versions, Eddie implements direct Tor support for OpenVPN over Tor connections. Eddie makes OpenVPN over Tor easily available to Linux, OS X and macOS users: no needs for Virtual Machines, middle boxes or other special configurations. Windows users will find a more friendly approach as well. This mode is specifically designed for Tor and therefore solves multiple issues, especially in Linux and OS X/macOS, including the "infinite routing loop" problem (see for example http://tor.stackexchange.com/questions/1232/me-tor-vpn-how/1235#1235 ) As far as we know, Eddie is the first and currently the only OpenVPN wrapper that natively allows OpenVPN over Tor connections for multiple Operating Systems. https://airvpn.org/tor We recommend that you upgrade Eddie as soon as possible. Eddie 2.13.6 for GNU Linux can be downloaded here: https://airvpn.org/linux Eddie 2.13.6 for Windows can be downloaded here: https://airvpn.org/windows Eddie 2.13.6 for OS X Mavericks, Yosemite, El Capitan and macOS Sierra and High Sierra can be downloaded here: https://airvpn.org/macosx PLEASE NOTE: Eddie 2.13 package includes an OpenVPN version re-compiled by us from OpenVPN 2.4 source code with OpenSSL 1.0.2k for security reasons and to fix this bug: https://community.openvpn.net/openvpn/ticket/328 Eddie overview is available here: https://airvpn.org/software Eddie includes a Network Lock feature: https://airvpn.org/faq/software_lock Eddie is free and open source software released under GPLv3. GitHub repository https://github.com/AirVPN/airvpn-client Kind regards & datalove AirVPN Staff

Hello, please consider that DNS settings of the devices behind the router take precedence over the router DNS settings. You probably don't have a DNS leak, because the DNS queries are anyway tunneled by the router after they get out of your Mac, but you might like to re-configure the devices to use VPN DNS (to do so, make sure that the devices query the router address as DNS server). Kind regards

Hello, when you have such issues put all the keywords inside a good web search engine: this is generally a good start. For example, we wrote in our message "Use the ISO country code for the country" and you don't know what it is, so a good idea is looking for "iso country code list", which returns in various search engines as a first link https://en.wikipedia.org/wiki/ISO_3166-1 - there you find definition and a table with all the country codes. Consider the two letters codes, obviously. You can use "nslookup" to resolve a name into an IP address in a command line interface. For example, enter the command: nslookup nl.vpn.airdns.org You will see something like: $ nslookup nl.vpn.airdns.org Server: 10.4.0.1 Address: 10.4.0.1#53 Non-authoritative answer: Name: nl.vpn.airdns.org Address: 213.152.162.169 and you see that, at that moment, nl.vpn.airdns.org resolved into 213.152.162.169 IPv4 address. Kind regards

Android is Android, Linux is Linux. The Android kernel might be based on Linux, they share similarities, but they differ in functionality. Just for completeness sake: https://en.wikipedia.org/wiki/Android_(operating_system) The Linux kernel is almost identical between various GNU/Linux distributions and Android (which is considered a Linux distribution by the Linux Foundation). The upper layers differ significantly from most GNU/Linux distributions (in addition to the changes by Google in the Linux kernel: only some of them have been ported to the Linux kernel main branch) - as noted in the above linked article, a major difference is that the C library is different. The reason for which in our "Configuration Generator "Linux" version is recommended for "OpenVPN for Android" application was due to text formatting. Kind regards

Please test with the latest version and leave us a feedback. Please test with the latest version and leave us a feedback. Please test with the latest version and leave us a feedback. This has been resolved in 2.13.6. Kind regards

Hello! Please try the 'portable' edition of the latest experimental release: https://airvpn.org/topic/13002-experimentalbeta-release/ We just installed KaOS in our labs and we're glad to inform you that Eddie works fine. Kind regards

Hello, please make sure to check the pinned thread in this very same forum. Direct link https://airvpn.org/topic/22715-dns-issues-with-ubuntu-1704/ The problem you report might be directly or indirectly related. Kind regards

About ChromeOS / ChromiumOS Chromium OS (or Chrome OS) is an operating system designed by Google that is based on the GNU/Linux kernel and uses Google Chrome web browser as its main user interface. CloudReady is the free, easy way to convert your computer to Chrome. Steps Go to Client Area > Config Generator in our web site, choose ChromeOS and other options. Download files: you need user certificate "user.p12" file and Openvpn connection "<filename>.onc" file. (If you download the ".zip" archive format that contains "user.p12" and "<filename>.onc" you must extract the archive to have the two files outside the archive as two single files on the system. See How to Unzip Files on ChromeOS.) Click your bottom-right panel, and then the gear to open the control panel. Type "certificates" in the search box and select Manage Certificates. In some version of ChromeOS the certificates menu entry is accessible only in the browser: open chrome://settings/certificates in the browser On "Your Certificates" tab, click "IMPORT AND BIND", and select the "user.p12" file. If asked, leave password empty. You should now see your certificate and “(hardware-backed)” if done correctly. Note: if "IMPORT AND BIND" is not available it's because in your device TPM chip is disabled or not available, see here. With no Bind ("hardware-backed") certificates the VPN connection cannot work. In the browser, open chrome://net-internals , and click ChromeOS at the bottom Choose File. Select the .onc file. It will look like it did nothing. Now in your bottom-right panel, you will have a VPN connection. Click to connect. If you are forced to enter a password, type anything, it doesn't matter what. Check whether connection is ok in the bottom-right panel. Many thanks to @nopcode85 for his help.

If I used Eddie then all would be good, however I use my router as a VPN client and its up to me to choose a server and enter the address into router. Hello, not necessarily: you can use names of the type .vpn.airdns.org to have some automation. Such addresses resolve into the entry-IP address of the highest rated server in a country. Use the ISO country code for the country, for example "nl.vpn.airdns.org" resolves into the IP address of the highest rated server in the Netherlands. Of course in this case you still need the mental effort to pick a country. The rating of each server is computed every 5 minutes through a formula which takes into account a variety of parameters which include those which you don't understand in the real time servers monitor. The stats are so simple to decipher and based on such basic concepts that it's worth that you spend some time to understand them: they will be useful not only to understand our servers monitor, but in an enormous variety of situations. Start with "bandwidth", "throughput" and "round trip time". Wikipedia features good articles. https://en.wikipedia.org/wiki/Throughput https://en.wikipedia.org/wiki/Round-trip_delay_time Kind regards

Hello! Added. please test now. Kind regards

Hello, we do not force anything (not even using our software) and your multiple tickets have been promptly answered. Please check. We also remind you that Eddie has nothing to do with performance you mention since it is an OpenVPN frontend. Kind regards