Staff

That's a normal DNS query respecting the system settings. It has nothing to do with DNS leaks. A DNS leak is a totally different thing which affects only Windows (which does not have a DNS implementation, lacking the concept of global DNS). Kind regards

Hello! AirVPN is the 4th OSTIF top donor: https://ostif.org/top-ostif-donors/ We contributed specifically for the OpenVPN audit. We're glad to see that the audit completed quickly and that no serious security vulnerabilities have been found client-side. Even server-side, the only two security issues are not particularly worrying. A denial of service can be triggered by a client sending at least 196 GB in a certain way, while another denial of service can be caused by having the tls-auth key. Let's remember anyway that the bug bounty remains open. Our upgrade schedules sever-side remain unchanged, as well as Air client software release cycle. Each new release of our software is packaged with the latest OpenVPN version and keep in mind that you can configure the software to use any OpenVPN version you prefer. Kind regards

Hello! This is impossible. There are no DNS leaks on GNU/Linux. The error message seems quite explicative, you don't have the permission necessary to save the file. Please make sure to edit the file with root privileges. Kind regards

No. See also https://curia.europa.eu/jcms/upload/docs/application/pdf/2016-12/cp160145en.pdf for any doubt. No, it's false. It's not the first time that this "reviewer" posts false and potentially defamatory claims against AirVPN, and probably not in good faith as shown in the following post: https://airvpn.org/topic/19586-a-review-on-another-site/?do=findComment&comment=48971 As you can see, the "reviewer" does not hesitate to perform low level tricks (replacing a lie with another lie, stating that a fact is "an opinion of his") when he's nailed down to his lies with incontrovertible facts. The site also includes tons of mistakes about AirVPN, all of them damaging us, stating lower features than those that we really provide. Just to make a few examples, in the table it says that e-mail address is required (false), that we have 138 VPN servers (meaning that the web site has not been updated for a very long time, because we offer 205 servers currently) and some other "horrors" which hint to a bad combination of technical incompetence and lack of good faith. They are all dedicated servers with dedicated ports and IPMI etc. access restricted to VPN or a specific, limited pool of addresses. Kind regards

Hello! We're very glad to inform you that a new 1 Gbit/s server located in Singapore is available: Triangulum. The AirVPN client will show automatically the new server, If you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other Air server, Triangulum supports OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello, if you run Windows 10 "Creator" please see https://airvpn.org/topic/22650-windows-10-creator-update-airvpn-dns-slow/ Kind regards

We need to partially fix the support team statement here, we're sorry. Some of the data you enter, including the name, but NOT including the credit card number, is transmitted by the credit card processor to the Air management only (and not to employees or other persons, obviously). Kind regards

DNS leaks on GNU/Linux are impossible because they do not exist. A DNS leak is a DNS query sent in clear text (not in the tunnel) against the custom settings of the machine. It is a definition specifically created for Windows, which does not have a DNS implementation (it lacks the concept of global DNS so it sends out DNS queries to any DNS server of any network interface, even in random order in latest Windows 10 "Creator") and it makes no sense to extend it on systems with a proper DNS implementation and which respect settings. That said, we see that you already found a possible reason for the issue (which is quite a different thing than a DNS leak). Please update this thread at your convenience to report whether it solved the problem or not. Kind regards

Hello! The same base frequency is not by itself an issue provided that you use different channels that do not overlap the slice frequency. Each channel has normally a 20 MHz slice frequency. Unfortunately every channel overlaps with "near" channels, so if you experience issues you might need some trial-and-error procedure. However, the problem is treated here for a more scientific approach. Also, some useful tools are suggested. You can find additional articles facing the problem more properly for your country (the example article is specific to UK) through a web search engine. http://www.expertreviews.co.uk/networks/1401371/how-to-extend-wi-fi-range-increase-speed-and-fix-problems/page/0/1 EDIT: an additional nice article https://www.howtogeek.com/197268/how-to-find-the-best-wi-fi-channel-for-your-router-on-any-operating-system/ Kind regards

Hello! We're very glad to inform you that a new 1 Gbit/s server located in the United States is available: Aquila. It is located in Fremont, California. The AirVPN client will show automatically the new server, If you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other Air server, Aquila supports OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! Can you please try again now? Kind regards

Hello! Please open a ticket. from your description something went wrong apparently. Kind regards

Error in the entries of the db you're querying. Kind regards

Hello, nslookup is a little tool that queries a nameserver. To frame correctly the problem you need to know how Windows DNS implementation is faulty. Windows never had a global DNS concept (source and core reason of the "DNS leaks") and things got worse with Windows 10, which started to query all the nameservers of all network interfaces at once and resolve the name with the first which answered. Windows 10 "Creator" features an additional deterioration of the already rickety DNS implementation. Windows 10 Anniversary Update changed the way DNS works. It used to resolve a qualified name using all available adapters and IP addresses in parallel, now it still resolves names using all available adapters but in sequence, beginning with random adapter and waiting for the answer of each of them. You can easily see how the above implementation will not work correctly in a variety of situations, including a system which is connected to a VPN with internal name servers and which does not want DNS queries outside the tunnel ("DNS leaks"), for example with the "block-outside-dns" directive of OpenVPN (emulated by Eddie for Windows to prevent DNS leaks, for example). Lowering the metric of the tun adapter appears to be the correct solution at the moment. We don't know how the PIA software client deals with DNS leaks because it's a closed source software but from the description the observed behavior is just a rudimentary or clumsy DNS leak prevention which is not as effective as the one implemented in Eddie or in OpenVPN "block-outside-dns" by ValdikSS. For additional information please see also: https://airvpn.org/topic/22650-windows-10-creator-update-airvpn-dns-slow Kind regards

Hello! It may have some different meanings, which anyway do not change the outcome (server not accessible). A line might be saturated by a flood attack exceeding the upstream port(s) capacity, an IP address could be unreachable, etc. In this specific case our 1 Gbit/s port has been suddenly capped without explanation to 100 Mbit/s and we put the server down with the mentioned reason while we wait for a resolution of the problem by the datacenter (which has been of course timely warned about the issue). Kind regards

Absolutely not, we confirm once again that the problem was never on our side. Not only for logical inferences, because such a gigantic problem would have caused a massive amount of complaints by the 15000 users that at any given time are connected to our servers, but because your own description clearly shows that the problem is in your local network segment or local equipment. Kind regards

Hello! We're very glad to inform you that five new 1 Gbit/s servers located in the United States are available: Antlia, Octans, Pavo, Sagittarius and Scorpius. They are all in Atlanta, Georgia. The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other Air server, these new servers support OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! DNS leaks do not exist in GNU/Linux. In Ubuntu 17, NetworkManager might be configured to modify frequently resolv.conf and overwrites changes made by Eddie. Make sure to disable this feature by adding in /etc/NetworkManager/NetworkManager.conf the following line in the [main] section: dns=none The above should solve the problem. Kind regards

That's the problem. Please do not specify such route outside the VPN. Local addresses traffic is already not tunneled, obviously, and adding those exclusions on Eddie "Routes" window will create an inconsistent route which will actually make traffic "looping" to your local devices. Kind regards

DNS leaks do not exist in GNU/Linux. In Ubuntu 17, NetworkManager might be configured to modify frequently resolv.conf and overwrites changes made by Eddie. Make sure to disable this feature by adding in /etc/NetworkManager/NetworkManager.conf the following line in the [main] section: dns=noneKind regards

Hello! If the problem persists please try the following setup in Eddie (preferably 2.12.4): - untick "Check if the tunnel works" in "AirVPN" > "Preferences" > "Advanced" - untick "Check Air VPN DNS" in "AirVPN" > "Preferences" > "DNS" - untick "Enable Pinger / Latency tests" in "AirVPN" > "Preferences" > "Advanced" - enable Network Lock Please feel free to keep us posted. Kind regards

Hello! EDIT: Eddie 2.13.2beta automatically lowers the tun/tap interface metric to fix the problems caused by the wrong DNS implementation by Microsoft. If you run Windows Creator please upgrade to Eddie 2.13. to solve the problem. https://airvpn.org/topic/13002-experimentalbeta-release/ === EDIT: After a deeper investigation the workaround published in this post might be not proper. If it does not work successfully for you, please consider to lower the metric of the tap adapter: https://airvpn.org/topic/22650-windows-10-creator-update-airvpn-dns-slow/page-3?do=findComment&comment=61332 Temporary workaround, until we release an update of Eddie 1. Disable IPv6 Control Panel\Network and Internet\Network Connections, Properties of your real (not TAP) network interface, uncheck Ipv6. 2. Disable SmartNameResolution Run this .reg file: https://airvpn.org/repository/DisableSmartNameResolution.zip Explanation The same issue occurs also on plain OpenVPN 2.4 with directive block-outside-dns From https://sourceforge.net/p/openvpn/mailman/message/35789733/ Windows 10 Anniversary Update changed the way DNS works. It used to resolve qualified names using all available adapters and IP addresses in parallel, now it still resolves addresses using all available adapters but in sequence, beginning with random adapter. This interferes with how --block-outside-dns currently works. Sometimes OS chooses VPN TAP adapter and things work as intended, sometimes the other adapter and user have to wait until DNS request times out and name resolution goes via VPN DNS. This behavior introduces significant lag for web browsing. Eddie uses the same approach than ValdikSS "block-outside-dns" directive of OpenVPN: it blocks DNS query with WFP filters. With Windows 10 Creator build (1703) DNS resolution waits for the timeout of IPv6 resolutions (blocked by Eddie) and non-tunneled resolutions (also blocked by Eddie to prevent DNS leaks). This issue will be addressed shortly by a new Eddie release. Kind regards

In this case you're probably right, we will re-check. It is possible that Air privacy and data protection legally responsible person has deliberately forced non-persistent cookies to remain in full compliance with the privacy mission and the "cookie Directive" of the EU. If so, this setting will not be changed. Kind regards

Hello, it's expected and intended if you have set your browser to delete cookies at the end of a session (which is a good idea). Kind regards

https://airvpn.org/topic/22665-kaspersky-2017-patch-e-released/ This should definitely fix any Kaspersky problem with OpenVPN usage. Kind regards