Staff

Hello, there are no DNS leaks in GNU/Linux. If your system queries for example OpenDNS while the system is connected to some VPN server, the DNS queries will be anyway tunneled up to the VPN servers, before going to OpenDNS servers. Nothing to do with DNS leaks which plague systems with incomplete DNS implementation (for example WIndows). However, and obviously, if your system sends the queries to the router DNS server, then the handling of such queries becomes a matter of the router, which may "forward" them out in clear text to the DNS set in the router itself. Again, this is not a GNU/Linux DNS leak. About the bonuses you get by using VPN DNS please see https://airvpn.org/specs Kind regards

Hello! Geo-location is not based on IP address only. You must consider HTML5 geo-location and other methods, especially when you use mobile devices. Or simply correlations: for example, if your system and browser are set in German (language) and the time zone matches with Berlin CET or CEST, the final service you connect to might assume that you're from Germany (in your case, it would guess successfully). So: one issue is not showing the "real" IP address (i.e. the IP address assigned to some device of yours by your ISP); one different issue is geo-location. The IP address is a single element to be considered in geo-location but it's not the only one. Kind regards

Hello! In "AirVPN" > "Preferences" > "DNS" untick "Check AirVPN DNS", set "DNS Switch Mode" to "Disabled" and add the DNS servers of your choice in the box. Kind regards

Hello! You all forgot to include the "ifconfig file" you cite. In any case, we would recommend that one, some or all of you open a ticket (please open just one ticket in total) to receive proper support from the Air support team. Here, anyway, you will receive support from the community, which is usually excellent. Kind regards

Hello! To those who have the issue about a message like Unknown interface IDor Unexpected: NetLock WFP rule doesn't exists(andeby, internet_user, LZ1) Please edit your network interface (Control Panel\Network and Internet\Network Connections) and re-enable the "Internet Protocol Version 6 (TCP/IPv6)" checkbox. Don't worry, Eddie implements IPv6 lock. And de-check the flag "Disable IPv6 at OS level if requested" under Settings -> Advanced. It's still a bug that prevents usage with IPv6 disabled, it will be fixed soon. Kind regards

Hello! Yes, we'll do it on the next release. Kind regards

Hey wait, when one does not use profiling cookies, he/she is not obliged to ask the user for permission to install cookies. But it is good to inform the user that profiling cookies are not used at all. Kind regards

Hello! It is almost offensive to read the above when we are the only service in the world in our field that publishes a real time servers monitor that can be cross-checked to verify we are not lying about our commitment against overselling. The reality is the exact opposite of what you said. We work to squeeze up to the last bit/s on each server line. The issue is challenging even with our AES-NI supporting processors, because we are working with a software (OpenVPN) that can run only in a single core of a CPU (per daemon), and in a semi-complex environment, in which the load on the CPU does not grow linearly (or in some other predictable way, at the moment we did not find any) with the amount of clients per daemon. Just so you have an idea about the above problems (probably other services will not even tell you they exist) have a look here: https://community.openvpn.net/openvpn/wiki/Gigabit_Networks_Linux After that, consider that our cipher for the payload of both Data and Control Channel is AES-256. When you have done your homework, come back here and probably your messages will be fairer. Kind regards

Previous 2.11 was working because the old beta used Windows Firewall by default, the new beta use another new method (WFP). You have an unexpected situation, Eddie doesn't always detect TAP ID to inform WFP to allow the network in NL mode. This is the issue of @internet_user, LZ1, and andeby. We are looking for a solution, but at the moment it doesn't occur on any of our lab machines. Ok, it will be done in the next build. Eddie opens link in the default browser. Does anyone else have this issue? It's on "Automatic" by default... Sounds good. Kind regards

Hello, we don't use cookies to track / profile a user, but we do use cookies on the web site. Without cookies no logging based on username and password would be possible and additional features would not be available. It would be a watered down WWW and alternative approaches should be tried. Kind regards

Thank you both very much, our monitoring system failed to detect the problem. We will investigate soon. Kind regards

We have several frontend servers strategically deployed around the world for any occurrence. We can change airvpn.org DNS records according to needs. Kind regards

Good, so it should be some other problem, not a specific regression of 2.11.2 (good for 2.11.2 we mean!). Maybe it's just a DNS issue, unrelated to Network Lock, that you have since you used Eddie 2.10.3 (it had a bug for which under peculiar circumstances it did not restore properly previous DNS settings in Windows interfaces). So a plausible explanation is that you have the impression you have no connectivity, but in reality you have it. It's only that the system can't resolve names. Kind regards

Hello! Understood and we repeat that it's not how Network Lock is expected to work. Is this happening with Eddie 2.11.2, or did you have this behavior on Eddie 2.10.3 as well? Kind regards

Hello, no, we're sorry, the remote-random directive will have no effect on the Air client, because the client picks a single server anyway. It picks the highest rated server (in the white list, if one is defined). You can anyway define your own white lists and of course pick manually a VPN server. Yes, that's already implemented since a long ago. You have score, latency, load and number of users. You can re-order your list (or white list) per each of these column, by clicking on the column labels. Kind regards

@LZ1 Network Lock is "not active" if Eddie is not running, unless it crashed. When you shut down the software, previous firewall rules (or WFP settings) are restored. This is precisely consistent on all system and with all previous Eddie versions, nothing has changed. Sockets buffers size are set on system defaults on all OS, except in Windows, where the size picked by the system is not acceptable (too small). See the changelog. The menu button is lighted off. When the mouse pointer slides over it turns on. Kind regards

Hello! New version 2.11.2beta is now available. Version 2.11.0beta is no more available and RC. Changelog from 2.11.0beta: [bugfix] OS X - Application Signature[change] Windows - Bundled with TAP version 9.21.2[bugfix] Countries list bugfixes.[change] Windows - Message about upgrading TAP driver[bugfix] Routes -> Outside the VPN tunnel now works[bugfix] Windows/Linux - UI glitch on Network Lock settings with the "Outside the VPN tunnel" settings.[bugfix] Windows/Linux - Minimal UI fixes[bugfix] Linux - Privileges detection on some platform (ArchLinux for example)[bugfix] Windows - WFP mode fixes about Win7/Vista compatibility issues[bugfix] Windows - WFP mode now set by default.[new] Windows/Linux - Column reorder / saving position, width, sorting for servers/areas/logs listKind regards

Hello, the domain name of this "kat" has been seized (before any due process in any jurisdiction, as far as we understand), but were the servers seized as well? Does anyone have the correct, old IP address or addresses? Kind regards

Right. Of course: making clients reachable from the Internet is the very purpose of remote port forwarding. As a side note, what you say can not be done by a client of the VPN server (because you can't communicate with nodes in a VPN if you are connected to the same VPN) but can be done by anybody else on the Internet. Also, it must be assumed that the clients that forwarded ports are in that moment connected to that VPN server, obviously. Kind regards

Hello, the higher the score the better. The lower the latency the better. Kind regards

This is and has been routinely done for years through the proper forum and the Twitter and Facebook accounts (although, as you say, luckily it was rarely necessary) but today something went wrong for a series of unfortunate events. Anyway, downtime for Eddie client did not exceed 10 hours, and there was no infrastructure inherent problem (this was the main cause of the unusual reaction delay). Kind regards

Hello! Yes, it's normal, even with Network Lock enabled. That's the VPN IP address (therefore a private address), assigned to your tun/tap interface (the virtual network interface used by OpenVPN). Please see also here: https://airvpn.org/specs It does not affect your privacy or the anonymity layer in any way. Kind regard

Hello! Only Eddie, yes. The failure was in the routes check because the certificates deployment failure caused a TLS trust relationship failure. If you didn't perform this additional check (because you disabled this option in Eddie, or used OpenVPN or any other OpenVPN wrapper/frontend) you couldn't see the problem. Kind regards

The funny thing is that you wrote this message while you are connected to a Netherlands server. Kind regards

Hello! We're glad to know it. However both the Air client and OpenVPN GUI use OpenVPN to tunnel traffic etc. Please check whether they are both using the same OpenVPN version and the sockets buffers sizes (set them to 256 KB in the Air client menu "AirVPN" > "Preferences" > "Advanced" > "General"). Kind regards