Staff

Hello! Problem fixed, can you try again at your convenience? Kind regards

Yes. We had an agreement for a network neutral datacenter but clearly it's not the case. Staff members will have a meeting very soon to decide what to do. Kind regards

Hello, thank you for your question which provides us with an additional opportunity to clarify our rules and, once again, our mission. We confirm that we do not monitor online activities of our OpenVPN clients and that we do not inspect traffic. However, it's perfectly possible to verify some infringements of our ToS without monitoring activities and without inspecting traffic. Just two trivial examples to make it clear. 1) A customer runs a web site or an FTP server behind one of our VPN servers which infringes, or aids or abets infringement of, human rights as enshrined in the ECHR. A human rights defending organization or a jurisdictionally competent authority warns us or one of our providers about the infringement. We proceed, on the Internet (no connection to VPN servers required), to verify the claim and if we see that the claim of the infringement is correct, at our sole discretion, we start a procedure for violation of our ToS. 2) A customer runs a web site behind one of our VPN servers which surreptitiously tries to inject malware. We receive a complaint for that and we proceed as above. It must be clear that we are configured as a mere conduit of information as providers of a service in the Information Society according to Directive 2000/31/EC (see below articles 12, 14 and 15). When our service can be assimilated to "hosting" (this is possible due to remote port forwarding), an essential requisite to have exemption of liability for infringements perpetrated by users of our service, is acting "expeditiously" to put an end to an infringement when we are notified about it. While a "notification" can be interpreted as an official notification by a jurisdictionally competent authority only, in cases of alleged infringements of human rights, malware injections, phishing services aimed to catch fraudulently personal data,, and services aiding or abetting infringements of human rights (including the fundamental right to privacy), we proceed to check claims even if they come from private entities, when such entities have (at our sole discretion) a good reputation and/or can provide (at our sole discretion) substantial proof. The general reasons for which we are willing to extend scope of article 14.3, even when we are not legally bound to do so: a quick intervention can be essential when human rights are at stake and other critical activities are being performeda lack of intervention and/or a delayed intervention may imply a betrayal of our mission and/or cause substantial damage to human beings and/or harm safety of a human being Article 12 "Mere conduit" 1. Where an information society service is provided that consists of the transmission in a communication network of information provided by a recipient of the service, or the provision of access to a communication network, Member States shall ensure that the service provider is not liable for the information transmitted, on condition that the provider: (a) does not initiate the transmission; ( does not select the receiver of the transmission; and © does not select or modify the information contained in the transmission. 2. The acts of transmission and of provision of access referred to in paragraph 1 include the automatic, intermediate and transient storage of the information transmitted in so far as this takes place for the sole purpose of carrying out the transmission in the communication network, and provided that the information is not stored for any period longer than is reasonably necessary for the transmission. 3. This Article shall not affect the possibility for a court or administrative authority, in accordance with Member States' legal systems, of requiring the service provider to terminate or prevent an infringement. Article 14 Hosting 1. Where an information society service is provided that consists of the storage of information provided by a recipient of the service, Member States shall ensure that the service provider is not liable for the information stored at the request of a recipient of the service, on condition that: (a) the provider does not have actual knowledge of illegal activity or information and, as regards claims for damages, is not aware of facts or circumstances from which the illegal activity or information is apparent; or ( the provider, upon obtaining such knowledge or awareness, acts expeditiously to remove or to disable access to the information. 2. Paragraph 1 shall not apply when the recipient of the service is acting under the authority or the control of the provider. 3. This Article shall not affect the possibility for a court or administrative authority, in accordance with Member States' legal systems, of requiring the service provider to terminate or prevent an infringement, nor does it affect the possibility for Member States of establishing procedures governing the removal or disabling of access to information. Article 15 No general obligation to monitor 1. Member States shall not impose a general obligation on providers, when providing the services covered by Articles 12, 13 and 14, to monitor the information which they transmit or store, nor a general obligation actively to seek facts or circumstances indicating illegal activity. 2. Member States may establish obligations for information society service providers promptly to inform the competent public authorities of alleged illegal activities undertaken or information provided by recipients of their service or obligations to communicate to the competent authorities, at their request, information enabling the identification of recipients of their service with whom they have storage agreements. Kind regards

UPDATE 24-JUL-15: SERVER WILL BE WITHDRAWN Hello! We're very glad to inform you that a new 200 Mbit/s server located in the Republic of Korea (South Korea) is available: Dsiban. The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP. Just like every other Air server, Dsiban supports OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

How long usually a trial request will be granted? I submitted the request yesterday and now got only an automatic reply. Hello, it takes 0-72 hours and you will get in most cases only replies from a bot. If you need to ask questions to the support team you must not select "Trial request", but you must send your ticket either to "Support" or to "Sales" department. Kind regards

Hello, since Latvia, Lithuania and Sweden are Member States of the European Union, their laws must comply to EU Directives and Regulations. The national governments must transpose approved by the Council and the Parliament Directives into national law within the usual term of 18 months, however a Directive is binding even if it has been wrongly implemented or not implemented at all. See also doctrine of direct effect: https://en.wikipedia.org/wiki/Directive_%28European_Union%29 and Supremacy of European Union Law: https://en.wikipedia.org/wiki/Supremacy_of_EU_law Of course, this says nothing about illegal or secret actions of a State body (usually while many other bodies of the very same State are not aware of such actions) but that's true for every and each country in the world. Kind regards

Hello, we do not detect any problem. Your data are not sufficient to say anything more specific. The only sure thing is that the problem is on your side simply because it's impossible that 6 different datacenters with more than a dozen different transit providers have all the same identical problem at the same time. We recommend that you open a ticket if you want support and send the logs pertaining to the problem. Kind regards

Hello, this looks like your problem, not ipleak problem. Maybe your browser, it's hard to tell. Remember to wait enough (even 30-40 seconds) to complete the DNS test. If it still fails, try some other service. That happens only when necessary and it's perfectly fine. Kind regards

Hello, this is correct, it's just a MaxMind database error (MaxMind database is queried by ipleak.net). This is again correct, we have a DNS server in Ireland that's queried (only when necessary) by VPN servers. It's still working just fine. The important problem we had on July 14 was with authoritative DNS servers for airdns.org. The problem lasted three hours and was solved (see previous post in this thread). Kind regards

Hello, we have had problems affecting *.airdns.org names with our authoritative DNS servers for approximately 3 hours. The problem has been fixed. at 14-Jul-15 6.30 PM UTC Kind regards

Hello, we confirm that the problem has been fixed. Kind regards

Hello! The problem has been fixed. Kind regards

Hello! Currently we have a problem with authoritative DNS servers and we're investigating. Use IP addresses (or our free and open source client Eddie) in the meantime, please. In our Configuration Generator tick "Advanced Mode", then tick "Resolved hosts in .ovpn file". Kind regards

Hello! Currently we have a problem with authoritative DNS servers and we're investigating: 2015-07-14 08:37:17 RESOLVE: Cannot resolve host address: us.vpn.airdns.org:443 (No address associated with hostname) Use IP addresses (or our free and open source client Eddie) in the meantime, please. In our Configuration Generator tick "Advanced Mode", then tick "Resolved hosts in .ovpn file". Kind regards

ipleak.net shows any kind of information that a website can detect about you. It's generally used to check if there are leaks (IP, DNS, RTC etc.) with a connection to a VPN, Tor, proxy etc. We developed it with updated state-of-the-art techniques to detect leaks. The main page performs around 30 DNS detection tests to build a list. A single detection can be done with: https://random_long_hash.ipleak.net/ Replace random_long_hash with a random hash on every request. You can also query any IP address: https://ipleak.net/8.8.8.8 or any qualified domain name: https://ipleak.net/nl.airvpn.org API available here

You can obtain data from ipleak.net trough an API, by querying the directory json or xml or php. We don't require any authorization or API key for this service. It's provided as a best-effort service. We limit requests in time-range for specific IP addresses if anyone runs too many requests to preserve availability of this service. For example, to fetch data about your IP in json format: https://ipleak.net/json/ To forceIPv4 usage: https://ipv4.ipleak.net/json/ To force IPv6 usage: https://ipv6.ipleak.net/json/ To fetch data about the IP address 8.8.8.8 in xml format: https://ipleak.net/xml/8.8.8.8 To fetch data about detected DNS in json format (replace [session] with a random hash (40 chars long) and [random] with random chars every request). Perform many request with same [session] and different [random] to populate. https://[session]-[random].ipleak.net/dnsdetection/ Fields query_text Your query text query_type Can be myip, mydns, ip or domain query_date Unix timestamp of server result. level Level of detail. Can be min or max. Only some IP addresses are fetched for all available data (max levels) cache Unix timestamp of data accuracy, if the level is max. Data at min level are always in real time. Fields like Tor and reverse are always in real time. ip The IP address. country_code Country ISO code country_name Country Name tor If the IP address matches a Tor Exit Node. reverse Reverse lookup. The above fields are always provided. Other fields may be available if additional data is available. If you query a qualified domain name, every IP address it resolves into is available under an ips data node. Reserved address If the address is an IANA special address, data will contain special fields. See as an example 127.0.0.1 ( xml, json) Check IANA IPv4 / IPv6 Special-Purpose Address Registry for more information about the fields.

On top of the staff's clarifications, I would like to point out that the "Network Lock" feature will prevent DNS leaks as it will only allow traffic to go to the VPN server, hence cutting off any connection to any other DNS server other than AirVPN's. Hello, an additional clarification is here needed. Network Lock does not block communications to your router. Now, assume that you run Windows, that you disable "Force DNS" Eddie option, that the primary nameserver of your Windows physical network card is set to the router IP address and that the router in turn queries your ISP DNS. When Windows sends a DNS query from the physical interface (and sooner or later it will happen) that query will go unencrypted to the router, which in turn will query, again in clear text, your ISP DNS. For the above reasons, Network Lock does not prevent DNS leaks in this very specific circumstance, and that's why "Force DNS" is set by default on Eddie from version 2.9.2. "Force DNS" sets VPN nameservers on all the system interfaces. If we want a Network Lock that's also a DNS leak prevention on Windows, then it must block all packets to router port 53, but this solution must be evaluated carefully because it could pose some issues in other specific setups (for example where a box is also a DNS server for resolution of local names). Kind regards

Hi! Just a clarification which is extremely important. This is not how Network Lock works. It would be catastrophic if Network Lock worked in that way! Network Lock is a set of firewall rules to prevent any leak. It does not matter whether the connection to the VPN is working or not, whether the traffic is tunneled or not, the firewall rules are the same. This is vital, otherwise it would be impossible to prevent a leak while the traffic is properly tunneled, it would be impossible to prevent leaks in case VPN connection went down undetected. it would be impossible to prevent leaks from programs binding unexpectedly to your physical network card. Such problems affect kill switches and they are some of the reasons (there are additional, important reasons too) for which kill switches do not deserve any consideration. See also https://airvpn.org/faq/software_lock Kind regards

Hello, checking routes requires just a few hundreds bytes... you can disable it anyway. Kind regards

Hello! No, Eddie does not include Tor. It includes features to use OpenVPN over Tor swiftly, but anything related to Tor installation is up to the system administrator. Kind regards

Hello, that's a known bug affecting Eddie 2.8.8 and older versions, fixed in 2.9.2 and 2.10.1 Experimental, therefore you probably need to upgrade. https://airvpn.org/services/changelog.php?software=client&format=html You also need to fix the syntax of your command invoking the Air client, all the options start with a "-" symbol. https://airvpn.org/topic/11541-command-line-edition-and-syntax Kind regards

Hello, if you have a rooted device you can disable IPv6. Otherwise at the moment we can't provide any solution. Kind regards

Hello, direct OpenVPN connections are disrupted in most China lines since years ago, you were lucky that yours was not. OpenVPN over SSL will solve the problem just like over SSH, but probably with higher performance (apparently, SSH is allowed on every line but it is shaped more than SSL/TLS to port 443). Please select "SSL Tunnel - Port 443" in client menu "AirVPN" -> "Preferences" -> "Protocols". Kind regards

Hello, you are not watching properly. Windows DNS leaks are prevented by our free and open source client Eddie and we have also published several articles to prevent them for those persons who are not willing to run our client. Eddie is available for Linux, OS X and Windows. It can be used both in graphical and in command line mode. Eddie also performs a DNS check that's not crackable at the beginning of the connection, We maintain a whole website aimed to this and many additional tests http://ipleak.net Our service provides same VPN IP addresses for nameserver and gateway, preventing DNS hi-jacking attacks. We run our internal VPN DNS based on root servers which also resolve host names in OpenNIC and Namecoin operated namespaces. Additionally, our free and open source client Eddie: includes a Network Lock feature https://airvpn.org/faq/software_locksupports DNS push through resolvconf in Dynamic Mode or via rough resolv.conf renaming in Linuxcorrectly handles DNS push in OS X Mavericks and Yosemiteallows usage of OpenVPN over Tor without middle-boxes solving the "infinite route looping problem"lets the advanced user to customize routesallows execution of custom scripts at App Start, App End, Session Start, Session End, VPN Pre, VPN Up and VPN Downallows total customization of OpenVPN directivesincludes options to modify socket buffers sizesincludes advanced DNS check and route check (both can be de-activated anyway)correctly communicates with OpenVPN Management and with Tor ControlMost of the above features are not available in any competitor's software. Additionally, most of our competitors' software (if not all?) is closed source. Kind regards

Hello, Eddie portable version has always been available. Under Windows you still need installation of the tun/tap driver (which is not included by default in Windows). No such problem exists in Linux (provided that the tun module is there, as it happens in 99.9% of the cases) or OS X, of course. Kind regards