Staff

News about IPLeak.net: - Now reachable with IPv6 - Domains to switch between IPv4 and IPv6 - Experimental IP/WebRTC IPv6 detection - Users can query any IP address or domain - Updated JSON/XML/PHP API - Opened a new airvpn.org forum: https://airvpn.org/forum/38-ip-leak/ - Some bug fixes and improvements.

Hello! Please see: https://airvpn.org/topic/12088-hackforumsnet-blocked/?do=findComment&comment=19820 Kind regards

Hello! In Ubuntu 16 make sure to install Eddie 2.11.x beta because the current stable release (2.10.3) is not compatible with Mono 4 (i.e. the default Mono package for Ubuntu 16 in the repos). Please see here: https://airvpn.org/topic/18625-eddie-211beta-available/ Also, a new Eddie beta build will be available very soon, and it will be followed shortly by 2.11 stable. Kind regards

Hello, it is a bug in Eddie 2.11.1 .2 .3 beta. It will be fixed in the next build which will be released very soon. Kind regards

@ThatOnePrivacyGuy Scope of the directive 2006/114/EC does not cover the cases you cite, because any essential requisite is missing: the subject is not an AirVPN employee or a person that is paid to write a review or anything else about AirVPN. On top of that, the reviews are not misleading, at least in our opinion. We would like to know which points in your opinion are misleading in some review because you keep failing to show them. More relevant would be the totally different case of hidden advertisement, which is NOT covered by the Directive you cite (it is covered by 2005/29/EC). For this very reason you can warn about reviews with a referral link but missing a disclaimer. As we said, we already check that, but for practical reasons we check only those referrals which effectively send users (anyway, the source of income from referrals is irrelevant, we're talking about negligible percentages). Therefore: you admitted that your review contained a misleading sentence (false and defamatory in our opinion) and you replace that sentence with another false sentence, as we have proved to you (for clarity: we refer to the first page of Google Search engine, no country redirect, where the majority of reviews do NOT contain any referral link: exactly the opposite of what suggested by your new sentence)you cite a Directive pertaining to misleading, comparative advertisement, while you fail to provide where the review is misleadingthen you change context and insinuate hidden advertisement, which is totally different and covered by a different DirectiveWe assume that you are in good faith, but you can see that some doubts may legitimately arise. For some people, it is somehow difficult to assume that you are able to commit so many mistakes for lack of information, when all of those mistakes are against us. When you agree with yourself and you can follow a coherent line based on correct, accurate information, we will surely be able to have a more constructive dialogue. Kind regards

@ThatOnePrivacyGuy Thank you for your extensive reply. Unfortunately, we think that it does not address our corrections at all. First of all, this is not the original sentence of your article, The original sentence is: "Do a search for “AirVPN review” and just try to find one that isn’t written by someone paid to do so." which clearly suggests that an overwhelming majority of reviews are paid by us. This is false and defamatory because we don't pay for any review. Additionally, at the moment of this writing and at the moment of the publication of your article, most of the reviews did/do not even contain a referral link. Tom's Hardware, Torrentfreak, vpnMentor, your own and even other reviews you can find on the first Google Search page are all reviews which not only have not been paid, but do not even include a referral link. Therefore, if the aim of this thread is having a fair exchange of opinions to improve both sides, we would recommend that you do not apply old rhetoric tricks (admitting that a sentence is wrong to replace it with a different but equally false sentence) to twist your sentences in the mind of the readers, according to your own requirements of trust and transparency and your calls for "ethical" behaviors. This is your opinion. We can respect it but we can't share it. The requirement of a disclaimer for a review including a referral link is in our opinion correct and we already ask for it to our few, major referrals (who have of course the right to refuse if the applicable law for their web site does not require that). Of course we can't check all the referrals, it's humanly impossible, but we check all the referrals that refer to us more than 5-6 users per week. The referrals who don't refer any user to us can be checked randomly, but of course have a lower priority since they don't harm anybody. About copyright enforcement we are in total disagreement. In the first place we are not copyright enforcers. It is not our duty, not our competence and not our will. Under this respect, your requirement is in our opinion unreasonable and legally unsustainable . And since you stress a lot on "ethics" throughout your whole message, we think that your requirement is contradictory. Copyright is one sector of the wide set of different laws and international trade agreements pertaining to intellectual monopolies, which in the last century have been severely damaging innovation, harming and limiting freedom of expression, imposing barriers to seek and impart information and access to culture, science and art, and above all have been causing and are causing millions of deaths and dreadful suffering to hundreds of millions of people. We can discuss endlessly about the horrors and the good of intellectual monopolies, but asking us to act as a copyright enforcer against some third-party web site is not only unreasonable under a legal point of view, but also unethical, because we would become a small part of that huge "machinery" that promotes one of the set of laws and one of those "mind attitudes" which are one of the causes (and not a negligible one, for what you can see in the last decades) of humankind pain especially in developing countries. Let's leave this task to the "competent authorities". That's correct. If you have time, please feel free to inform us if some review containing a referral link infringes the legal framework of the European Union on this subject. While we check all the referrals which bring to us customers, it's impossible for us to check all of those that don't send referred persons, so we leave the task to the public authorities who have the competence and duty to do so. Last but not least, feel free to cite the reviews that in your opinion talk about our service with undeserved terms. We ask because we usually see that the reviews, even those that contain referral links, miss the strong points of our service, in our opinion - but of course we underline that it's impossible to read them all. Kind regards

Hello! No, we have never paid and we will never pay for a review. We receive an offer for paid reviews almost every week but we decline every time. Note that the article you linked adds something more, i.e. it is even against our referral program which would aid misleading/hidden ads according to the author, and against us when we don't intervene to exercise pressure to prevent alleged copyright infringements on third party web sites that also use referral links. We wish to add that the sentence "Do a search for “AirVPN review” and just try to find one that isn’t written by someone paid to do so." is misleading and potentially defamatory (although the article might be quite irrelevant, we anyway reserve the right to sue for libel/defamation if our lawyers will recommend to do so). If you use Google for example, you find a lot of reviews, on the top positions, which do not even have a referral link. And of course all of them have not been paid, once again we confirm that we have never paid for any review. Kind regards

Eddie 2.11.x beta uses WFP (Windows Filtering Platform) by default (Windows Firewall remains available as an alternative method for Network Lock). You can test it with BitDefender: if BitDefender does not set higher priority WFP rules, chances of compatibility do exist. Kind regards

Wrong. The username in IPB is just a cosmetic setting, also called a display name and this is what the community sees. What is important is the numeric uid that binds to a unique username (string, Unicode allowed). Anyone can change the username from this menu: Hi, no wait: username and Display Name are two different records. Display Name is the name used to display the account on the forums and tickets. Username is used to log the account in the web site. When an account is created, Display Name is filled with the value of the username. A user can change the Display Name arbitrarily, but the username can NOT be changed by the user. Kind regards

The problem is resolved now. Sorry for the delay.

Hello htpc! 255.255.255.255 is already allowed by default (to let DHCP work). there must be something else needed by the protocol. Kind regards

Hello! Support to a system that's been abandoned by its own creator on 2009 and whose extended support ended on 2014 is a courtesy. It is not advertised anywhere that we support abandoned systems. "Support to Windows" means support to Windows x86 active systems, it can't be in any way meant as support to Windows 1, 2, 3, 3.1, 95, 98, ME, XP and any other bunch of Windows abandoned system. Additionally our free and open source software is not mandatory to connect to our service: you can connect with OpenVPN. Our software for example can not support Network Lock in XP, because of WIndows XP Firewall limitations. Route check and DNS check are an additional feature that we are trying to keep up even with the archaic XP system, but if it's not possible we will not compromise security and you will need to disable route check and DNS check in the software (or just use another software to connect). An abandoned system can't be updated to patch vulnerabilities and keep up with the normal development of security, encryption and a wide variety of subjects. Windows XP was already a security nightmare when it was regularly updated. Keeping using it in 2016 is unreasonable if security is a priority. And you can see one of the reasons right now, see our post about lack of AES cipher suites support at system level. You can't pretend that we solve problems that you create to yourself, but we'll try in any case. As we said, keeping RC4, even for checking route only, is no more acceptable. We will not sacrifice this in the name of an abandoned system. We can't and we must not be interested in what you assume most people think they need. We provide a state of the art service in its field and we will continue to do so. We will not compromise anything for the alleged needs of people who can't even realize the dangers of running an abandoned system. There are a lot of other services out there run by incompetent people who do not hesitate to compromise security just to target gullible people and earn a few more subscriptions and pretend to agree with you about how using XP nowadays does not pose any problem. Air is not and will not be one of such slimy services. Kind regards

Traffic shaping devices have reached a remarkable flexibility. They can shape traffic on a wide variety of factors and conditions. They can decide when shaping traffic on protocols, ports, patterns, times and according to pre-defined conditions when they are met. Traffic shaping on a user basis is also perfectly possible. What appears random to you could hide a very precise underlying pattern, for example reacting to congestions, demands etc. on some segments (this is just an example). Alternatively, it's only congestion, without shaping, which apparently occurs randomly. Of course all of the above can't rule out your legitimate suspect. Some specific occurrence in your system might make the behavior apparently erratic, in this case it's mainly up to you to try to find what's wrong in your system. A useful comparison could be testing a different computer with a different system on the same line, with the same router and the same conditions; and then testing with a different router. That's very interesting, so the old limit has been bypassed. Kind regards

Hello! The problem arose when RC4-SHA cipher was disabled for the route check. It comes out that Windows XP does not support any AES cipher suite in TLS: https://msdn.microsoft.com/en-us/library/windows/desktop/aa380512%28v=vs.85%29.aspx At the moment we fixed the problem by allowing RSA-3DES-EDE-CBC-SHA (we deemed RC4 not acceptable): TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA However this event once more shows that Windows XP should no more be used when security is a priority. It is an abandoned system. It seems somehow contradictory to use AirVPN services while at the same time running Windows XP... Kind regards EDIT: the problem does not seem resolved. We are investigating. Problem solved.

Hello! We're sorry, it appears that it is currently not possible to connect to our service with Eddie and Windows XP SP3. We are investigating. Kind regards

Strong clues hinting to congestion or traffic shaping. OpenVPN over SSL, in a totally agnostic network and on equal terms, must be slower, it can't provide same or better performance. Performance fluctuation hints to traffic shaping and/or congestion as well. We once again underline that we are not informed about a precise limit of the tun interface on Windows with the driver 9.21.2. Kind regards

Download the experimental, it does not require Mono. It does require Mono. However, unlike Eddie 2.10 and older versions, it is compatible with Mono 4. Kind regards

Just allow the IP addresses required by a particular protocol you need in Eddie. Also consider that sometimes the problem comes from the inability to resolve local names when local DNS is no more used (when you are in the VPN, your system queries the VPN DNS by default), so act accordingly. Kind regards

Amazingly good for a TCP connection from a Windows machine. Test OpenVPN over SSL as well. Kind regards

Hello! Please make sure to run Eddie 2.11.x beta, because Eddie 2.10.3 is not compatible with Mono 4 and will pose a variety of issues on Ubuntu 16.04. https://airvpn.org/topic/18625-eddie-211beta-available/ Kind regards

Connection modes with destination port 1194 are available only in 2.11.x, not in 2.10.3 or older versions. Re-upgrade to 2.11.3 and anyway keep driver 9.21.2. Maybe a combination of bad peering, congestion and traffic shaping enforced only on certain peak times. Of all the modes you tested, you missed the "OpenVPN over SSL/TLS", test it as well. The fact that you don't see any difference between UDP and TCP, however, hints to traffic shaping. because if the network was really agnostic, and any other condition is the same, there would be no way to reach the same performance of UDP with TCP. Note: it remains to be seen what performance the new tun/tap drivers can handle with the tun interface. The old 9.9 ones could not beat 100-110 Mbit/s on Windows (this peculiar limitation affected only Windows, of course), while 9.21.0 and 9.21.1 are bugged, so we recommend that you rely only on 9.21.2. Anyway 170 Mbit/s on the tun/tap interface looks like a very good performance in Windows. Kind regards

"Allowing" does not mean "no shaping". Anyway please test port 1194 (the "officially reserved to" OpenVPN port) to check whether there's any performance improvement. Also test with sockets buffers forced to 256 KB and 512 KB (verify on the client logs what your system currently sets). In Windows, the sockets buffers sizes should not be set to "Automatic" by default: which Eddie beta version are you running? Did you manually set them to "Automatic" (even in some past version of Eddie)? Finally post all the logs of a single connection, just in case there's some useful clue. Kind regards

What MTU do you refer to? tun MTU is 1500 bytes and can't be modified unilaterally, of course. Ethernet MTU is 1500 bytes as well, are you in a jumbo-frames supporting network? See also https://en.wikipedia.org/wiki/Maximum_transmission_unit Kind regards

Hello! For practical purposes, Windows tun/tap driver versions "9.0.0.x.y" are defined as "9.x.y" (i.e. the ".0.0" is stripped out). Driver 9.21.0 and 9.21.1 are problematic and should not be used anymore. However, driver 9.21.1 is still included in Eddie 2.10.3 package. Driver 9.21.2 fixes a lot of issues and is included in Eddie 2.11.x package (currently in public beta testing). Driver 9.9.2_3 appears to perform very well on every Windows version, except Windows 10, for which we have reports of compatibility problems. Kind regards

Hello! In your case the problem appears different: route check and DNS check do not even start because the connection can not be established. Something is blocking UDP and/or OpenVPN packets, according to the logs. Before anything else please check any packet filtering tool, both on your system and router. Kind regards