Staff

Hello! Possible explanation (without logs, only speculation is possible): if DNS in OS X are set manually, Tunnelblick does not accept the DNS push from the VPN server. As a result, you might still be using your ISP DNS, which are poisoned according to your description. Our free and open source client Eddie has a much more advanced DNS handling, can you please test it and report back at your convenience? Eddie for OS X is available in the usual OS X page https://airvpn.org/macosx The fact that you see in the central bottom box "Not connected" when you browse to airvpn.org, though, is a symptom of a much deeper problem: the traffic might be not tunneled at all. Again, our client Eddie performs various checks to warn you if there are problems with tunneling, and also features a "Network Lock" option which will prevent any leak. Kind regards

That's not a problem with the Privacy Notice... that article deliberately reported false data for reasons that are not worth the time to be investigated, and not only about us (you can easily cross-check other false claims in that table). Note also how the table is a picture, to avoid indexing by search engines. Kind regards

Hello, www.national-lottery.co.uk for now it's works from "Dabih" UK Server. Kind regards

Hello, which IP address does your system resolve "airvpn.org" into? Both in and out of the VPN. You also say that the same happens in the VPN while the system uses the VPN DNS. This makes us suspect that your hosts file (which takes precedence over DNS, in names resolution) might include a wrong resolution for airvpn.org Can you also publish the client logs? Kind regards

Hello, we have inserted www.national-lottery.co.uk in our micro-routing system. Can you try again and confirm that it works now ? Kind regards

Hello, we have identified the problem. Can you try again and confirm that it works now from Canadian servers ? Kind regards

That's not what we reproduce. Is IPv6 disabled? Kind regards

Please enable Network Lock and test again. Kind regards

Hello! We're very glad to announce that we support the TorProject Open Observatory of Network Interference: https://ooni.torproject.org Our support includes, since July 2015 up to June 2016, monetary funding to aid project financial sustainability. See also https://airvpn.org/mission Furthermore, we are sponsoring an important OONI event, Adina15 hackathon, which will be held in Rome on October the 1st and 2nd, 2015. https://ooni.torproject.org/event/adina15 We'll be gladly providing all the awards and prizes to participants and winners of the Adina15 event. Members of the AirVPN team will attend the event. EDIT 27-SEP-15 - Only today it has been announced that the Adina15 hackathon event has been postponed to unknown date. https://lists.torproject.org/pipermail/ooni-dev/2015-September/000340.html This decision is obviously outside our control (we sponsor the event, we have no role in its organization) and we regret it very much. Kind regards and datalove AirVPN Staff

That's very risky. You have two programs with the same privileges competing to modify the kernel or OS packets filtering tables at the same time. In general you must never run two firewalls simultaneously (that's true for any system, not only Windows). Kind regards

A refreshed guide is available here: Prerequisite Install DD-WRT on router go to https://www.dd-wrt.com/ Select "router database", then enter you router model number. Follow the instructions as described and install the DD-WRT *vpn*.bin. Steps Create configuration files from our Config Generator. Select the server location and port you want to connect to, tick "Advanced Mode", tick "Separate certs/keys from .ovpn file", then generate and download the configuration files. Under the router "setup tab" locate your router's local IP address. Go to Specs page of AirVPN website and locate Air VPN DNS for the server you want to connect to, and enter it under Static DNS 1. Navigate to the "Services" tab then select the "VPN" tab. Select "Enable" under OpenVPN Client. Set the Server IP/Name and Port to the Air VPN server you selected (see here to determine VPN server entry-IP address: https://airvpn.org/topic/14378-how-can-i-get-vpn-servers-entry-ip-addresses ). Set Tunnel Device to "TUN" Set Tunnel Protocol to either "UDP" or "TCP" according to the Air VPN server you selected Set Encryption Cipher to " AES-256" Set Hash Algorithm to "SHA1" Put a check mark beside "nsCertType verification" Select "Enable" Advanced Options Select "Enable" LZO Compression Select "Enable" NAT Set Local IP Address to the router's local IP address found earlier. Set TLS Cipher to "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384" or "None" Unzip the AirVPN configuration file you downloaded. Using your favorite text editor - Open up "ca.crt" and copy all of the contents into the CA Cert window. - Open up "user.crt" and copy only and including "----- BEGIN CERTIFICATE----- to the end of ----- END CERTIFICATE----- " into Public Client Cert. - Open up "user.key" and copy all of the contents into Private Client Key. - Open up "ta.key" and copy all of the contents into TLS Auth Key Select "Save" at the bottom of the page then "Apply Setting" Select "Save" at the bottom of the page then "Apply Setting" DD-WRT firewall rules Go to "Administration" tab then select the "Commands" tab. Copy the following firewall rules into the command window (IMPORTANT: check your tun interface name and set it accordingly - some firmware builds will have tun1 and not tun0) iptables -I FORWARD -i br0 -o tun0 -j ACCEPT iptables -I FORWARD -i tun0 -o br0 -j ACCEPT iptables -I INPUT -i tun0 -j REJECT iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE Click on "Save Firewall" Verification of VPN setup Go to https://airvpn.org and at the bottom of the screen it should show you are connected. Trouble Shooting If you're not shown as connected wait a minute then refresh the web (it could take a minute to make a connection with the VPN and log in). Go to DD-WRT configuration and navigate to the "Services" tab, then "VPN" tab. Once there go to the bottom of the page and click on "Apply Settings". Once completed wait a minute and verify your connection again. If you're still not connected verify the server status you're trying to connect to. Go to Air VPN website and log in, then navigate to "Support" and select "Server Status". If server is down reconfigure DD-WRT to connect to another server. If you are still have difficulties connecting, view the OpenVPN log file in DD-WRT. You can find the log by going to DD-WRT configuration and navigating to the "Status" tab and selecting "OpenVpn". Hopefully the log will give you some indication of why you can not connect. Still having issues Contact Air VPN support, they are quick at responding back to you and very knowledgeable. Another option is to ask on the Air VPN forums.

About Tomato Firmware Tomato is a small, lean and simple replacement firmware for Linksys' WRT54G/GL/GS, Buffalo WHR-G54S/WHR-HP-G54 and other Broadcom-based routers. Official website: http://www.polarcloud.com/tomato. PrerequisiteMake sure you triple-check that your version of Tomato supports OpenVPN or you'll be sorry. I strongly recommend Toastman's build of Tomato because of its widespread feature support and stability. StepsUnder Basic->Network, configure your 3 static DNS servers. If you wish to use the AirVPN DNS set 10.4.0.1 as first DNS IP address. The Air DNS will enable you to access internal Air services, geo-routing services and bypass ICE/ICANN USA censorship (more information here). About the others, I recommend picking ones from the OpenNIC Project because many of the servers don't keep any logs, which is consistent with the Air service, plus they would allow your internet service to continue functioning in the event of a government-ordered root DNS server shutdown- https://servers.opennic.org/Under Basic->Time, make sure that the correct time zone and server is configured.Download the OpenVPN (.ovpn) file of your choosing under "Client Area -> Config Generator" after you log in the AirVPN site. In the Configuration Generator make sure to tick "Advanced Mode" and "Separate certs/keys from .ovpn files". In order to determine the IP address of the server you wish to connect to, please resolve "servername.airservers.org". For example, for Acrux resolve "acrux.airservers.org". Find the server names by looking at Status page.For the actual configuration, please see the following two screenshots of the Basic and Advanced OpenVPN Client Configuration: Under Basic, sub in your own correct protocol, IP and port in place of what I have in my own config. In the Advanced Custom Configuration text box, the options are as follows: resolv-retry infinite remote-cert-tls server comp-lzo verb 3 Under Keys, you'll need to again text edit your user.key, user.crt, ca.crt and ta.key files, copy the matching keys and certificates and paste them into the text boxes in your router config. - ta.key is the Static Key - ca.crt is the Certificate Authority certificate (in some older builds, "Server certificate") - user.crt is the Client Certificate - user.key is the Client KeyAbout certificates files (user.crt and ca.crt) content, just copy and paste from "-----BEGIN CERTIFICATE-----" (included) up to "-----END CERTIFICATE-----" (included).Save all settings.Under Status, click Start Now and count for 30 seconds. Go to https://airvpn.org and at the bottom of the screen it should show you are connected or visit https://ipleak.net for check. Tested withToastman's build of Tomato [v1.28.7500 MIPSR2Toastman-RT K26 VPN] on Asus RT-N16 router.Tomato-ND-1.28.7633-Toastman-IPT-ND-SmallVPN on Buffalo WHR-G54S Feedback For any comment or feedback, you can find the discussion here. Thanks to Baraka for this article.

Hello, thank you for your subscription! In spite of what you claim here, we replied to your ticket a few minutes after you opened it, but we never received any feedback. Please proceed to reply at your convenience. Kind regards

Hello, can you reach 10.4.0.1 in the VPN? Are you running OpenVPN directly in your server? If so have a look here: https://airvpn.org/topic/9608-how-to-accept-dns-push-on-linux-systems-with-resolvconf If resolvconf is not a viable option for you, just take care about the DNS yourself, in /etc/resolv.conf By the way, OpenVPN logs are essential to try to understand the source of the problem, feel free to post them. Kind regards

Hello! We do not log, inspect or monitor OpenVPN clients traffic. Other software procedures in our web site acquire and store (in backend servers) username and password (salted and encrypted) when a user registers in our web site. E-mail address can be stored as well, but that's optional: it's a customer's decision whether to enter a real e-mail address or not. We do not check if an e-mail address works or not. These data are stored in backend servers (never in VPN servers and/or in frontend servers) and retrieved when a customer wishes to log an account in our web site. If a user pays for a subscription, additional data are stored and linked to the account in our backend servers (again, not in VPN servers and not in frontend servers): - the start date of the subscription - the expiration date of the subscription - the generated OpenVPN client key and certificate - the payment method used for the subscription and its transaction ID Kind regards

Hello! Eddie acts correctly, it sends the proper signal to OpenVPN Management and wait for OpenVPN to comply. What you suggest would imply that Eddie forcefully kills OpenVPN, re-launches it etc. This would not be correct and could potentially cause various problems. Kind regards

we have made a topic for How-To configure Asus Router with native OpenVPN support. Model tested: RT-AC68U but it should work for all Asus routers that have OpenVPN support, for example model RT-AC87U. Kind regards

About AsusWRT AsusWRT is a unified firmware developed by Asus for use in their recent routers. The firmware was originally based on Tomato-RT/Tomato-USB, but has since seen many changes. Asus started using this new firmware with their recent routers (RT-AC68U, RT-AC87U), but they also started moving other routers to this new firmware. Prerequisite Asus Router with AsusWRT (native OpenVPN support). Model tested: RT-AC68U but it should work for all Asus routers that have AsusWRT. see Official website for AsusWRT model support list. [Firmware Notes]: Please upgrade the router Firmware to the latest version. "New Asus Firmware supports 4096 bits key and will work with AirVPN." Steps 1. Create configuration files from our Config Generator. Select [Router or others] and choose a server you like. Tick on [Direct, protocol UDP, port 443] and click on [Generate]. Save the openvpn config file .ovpn (Ex: AirVPN__UDP-443.ovpn) anywhere on your computer. 2. Open the Asus router webinterface and click on [VPN]. Click on [Add profile], choose [OpenVPN] tab. Enter a "description", leave username and password EMPTY. Click on [browse] and select the downloaded openvpn config file (.ovpn). Click on [upload]. Click on [OK]. That's it now you can click on [Activate] to connect to AirVPN server. 3. Make sure to setup the AirVPN DNS this way: Click on [WAN] tab. Turn [DNS server] "off" (No) and enter AirVPN's DNS 10.4.0.1 as first DNS IP address (it's DNS for Protocol UDP, Port 443 - see Specs for more details). About the secondary DNS entry, we recommend picking ones from the OpenNIC Project. The AirVPN DNS will enable you to access AirVPN geo-routing services to bypass discriminations based on IP address geo-location. 4. Visit https://ipleak.net and check whether it works. Every client (PC, Smartphone, Console, Smart TV ..) which is connected to the router now is secured by VPN and also has full access to the anti-geo-blocking service. Useful Info A custom firmware for Asus routers based on official AsusWRT called Asuswrt-Merlin is available. AsusWRT-Merlin retains all the features of the original stock AsusWRT firmware with added/enhanced features. More info on AsusWRT-Merlin website http://asuswrt.lostrealm.ca/features

Hello, what is your OS and which software do you run to connect to our service? When your system is allegedly connected to the VPN, browse to: http://ipleak.net and verify carefully all the data. Feel free to open a ticket to get proper support. In the ticket please include the connection logs of the software you use to connect. If you run our client please click "Logs" -> "Copy to clipboard" and paste everything into your message. Kind regards

Hello! It appears that OpenVPN is already running (and running fine, connected to a VPN server and tunneling traffic). Since the Air client Eddie is an OpenVPN wrapper (i.e. it "drives" OpenVPN, consider it as a layer above OpenVPN with a lot of additional commodities, which also translates your commands to OpenVPN), it will refuse to start a new OpenVPN instance if it finds that another OpenVPN instance is already running, warning you with the message "OpenVPN is already running". While the Air client is not running, open up again the task manager and terminate the process "openvpn.exe" (note: this will disconnect your system from the VPN). Then re-run Eddie. Kind regards

Website: http://www.rsi.ch/ Website: http://www.srf.ch/ Swiss public television channels (RSI, SRF). Status: OK Native: CH servers. Routing: All other servers.

@2Girls1CPU Hello, we provide a DDNS which is already included in any AirVPN account subscription and that does exactly what you're asking for: https://airvpn.org/topic/9314-what-is-dynamic-dns Kind regards I was tentative to mention AirVPN's DynDNS feature because of the prominent "Warning: DDNS doesn't work correctly with two o more connections." I suspect most users will be using two or more connections. Hello! That's very true, thanks for the clarification. Kind regards Disclaimer: DynDns is a registered trademark by Dynamic Network Services, Inc. AirVPN does not use anywhere in its service, web site, forums and support tickets the term "DynDns" to indicate or describe AirVPN DDNS.

@2Girls1CPU Hello, we provide a DDNS which is already included in any AirVPN account subscription and that does exactly what you're asking for: https://airvpn.org/topic/9314-what-is-dynamic-dns Kind regards

That's correct, when Network Lock is enabled outgoing IPv6 packets are blocked. Additionally Eddie has an option to disable IPv6 completely in Windows, it seems that it's this option that in hugomueller's system does not work as well, on top of firewall malfunction in the same system. Since the problem can't be reproduced in our testing systems and is not a problem for thousands and thousands of other systems based on Windows, we think that it's a very peculiar problem in the hugomueller's system which also seems to have additional, various internal problems. Kind regards

Hello, we have insert swiss tv (rsi.ch, srf.ch) in our anti-geo-blocking service. Can you try again and confirm that it works now ? Kind regards