Staff

Hello, we have had problems affecting *.airdns.org names with our authoritative DNS servers for approximately 3 hours. The problem has been fixed. at 14-Jul-15 6.30 PM UTC Kind regards

Hello, we confirm that the problem has been fixed. Kind regards

Hello! The problem has been fixed. Kind regards

Hello! Currently we have a problem with authoritative DNS servers and we're investigating. Use IP addresses (or our free and open source client Eddie) in the meantime, please. In our Configuration Generator tick "Advanced Mode", then tick "Resolved hosts in .ovpn file". Kind regards

Hello! Currently we have a problem with authoritative DNS servers and we're investigating: 2015-07-14 08:37:17 RESOLVE: Cannot resolve host address: us.vpn.airdns.org:443 (No address associated with hostname) Use IP addresses (or our free and open source client Eddie) in the meantime, please. In our Configuration Generator tick "Advanced Mode", then tick "Resolved hosts in .ovpn file". Kind regards

ipleak.net shows any kind of information that a website can detect about you. It's generally used to check if there are leaks (IP, DNS, RTC etc.) with a connection to a VPN, Tor, proxy etc. We developed it with updated state-of-the-art techniques to detect leaks. The main page performs around 30 DNS detection tests to build a list. A single detection can be done with: https://random_long_hash.ipleak.net/ Replace random_long_hash with a random hash on every request. You can also query any IP address: https://ipleak.net/8.8.8.8 or any qualified domain name: https://ipleak.net/nl.airvpn.org API available here

You can obtain data from ipleak.net trough an API, by querying the directory json or xml or php. We don't require any authorization or API key for this service. It's provided as a best-effort service. We limit requests in time-range for specific IP addresses if anyone runs too many requests to preserve availability of this service. For example, to fetch data about your IP in json format: https://ipleak.net/json/ To forceIPv4 usage: https://ipv4.ipleak.net/json/ To force IPv6 usage: https://ipv6.ipleak.net/json/ To fetch data about the IP address 8.8.8.8 in xml format: https://ipleak.net/xml/8.8.8.8 To fetch data about detected DNS in json format (replace [session] with a random hash (40 chars long) and [random] with random chars every request). Perform many request with same [session] and different [random] to populate. https://[session]-[random].ipleak.net/dnsdetection/ Fields query_text Your query text query_type Can be myip, mydns, ip or domain query_date Unix timestamp of server result. level Level of detail. Can be min or max. Only some IP addresses are fetched for all available data (max levels) cache Unix timestamp of data accuracy, if the level is max. Data at min level are always in real time. Fields like Tor and reverse are always in real time. ip The IP address. country_code Country ISO code country_name Country Name tor If the IP address matches a Tor Exit Node. reverse Reverse lookup. The above fields are always provided. Other fields may be available if additional data is available. If you query a qualified domain name, every IP address it resolves into is available under an ips data node. Reserved address If the address is an IANA special address, data will contain special fields. See as an example 127.0.0.1 ( xml, json) Check IANA IPv4 / IPv6 Special-Purpose Address Registry for more information about the fields.

On top of the staff's clarifications, I would like to point out that the "Network Lock" feature will prevent DNS leaks as it will only allow traffic to go to the VPN server, hence cutting off any connection to any other DNS server other than AirVPN's. Hello, an additional clarification is here needed. Network Lock does not block communications to your router. Now, assume that you run Windows, that you disable "Force DNS" Eddie option, that the primary nameserver of your Windows physical network card is set to the router IP address and that the router in turn queries your ISP DNS. When Windows sends a DNS query from the physical interface (and sooner or later it will happen) that query will go unencrypted to the router, which in turn will query, again in clear text, your ISP DNS. For the above reasons, Network Lock does not prevent DNS leaks in this very specific circumstance, and that's why "Force DNS" is set by default on Eddie from version 2.9.2. "Force DNS" sets VPN nameservers on all the system interfaces. If we want a Network Lock that's also a DNS leak prevention on Windows, then it must block all packets to router port 53, but this solution must be evaluated carefully because it could pose some issues in other specific setups (for example where a box is also a DNS server for resolution of local names). Kind regards

Hi! Just a clarification which is extremely important. This is not how Network Lock works. It would be catastrophic if Network Lock worked in that way! Network Lock is a set of firewall rules to prevent any leak. It does not matter whether the connection to the VPN is working or not, whether the traffic is tunneled or not, the firewall rules are the same. This is vital, otherwise it would be impossible to prevent a leak while the traffic is properly tunneled, it would be impossible to prevent leaks in case VPN connection went down undetected. it would be impossible to prevent leaks from programs binding unexpectedly to your physical network card. Such problems affect kill switches and they are some of the reasons (there are additional, important reasons too) for which kill switches do not deserve any consideration. See also https://airvpn.org/faq/software_lock Kind regards

Hello, checking routes requires just a few hundreds bytes... you can disable it anyway. Kind regards

Hello! No, Eddie does not include Tor. It includes features to use OpenVPN over Tor swiftly, but anything related to Tor installation is up to the system administrator. Kind regards

Hello, that's a known bug affecting Eddie 2.8.8 and older versions, fixed in 2.9.2 and 2.10.1 Experimental, therefore you probably need to upgrade. https://airvpn.org/services/changelog.php?software=client&format=html You also need to fix the syntax of your command invoking the Air client, all the options start with a "-" symbol. https://airvpn.org/topic/11541-command-line-edition-and-syntax Kind regards

Hello, if you have a rooted device you can disable IPv6. Otherwise at the moment we can't provide any solution. Kind regards

Hello, direct OpenVPN connections are disrupted in most China lines since years ago, you were lucky that yours was not. OpenVPN over SSL will solve the problem just like over SSH, but probably with higher performance (apparently, SSH is allowed on every line but it is shaped more than SSL/TLS to port 443). Please select "SSL Tunnel - Port 443" in client menu "AirVPN" -> "Preferences" -> "Protocols". Kind regards

Hello, you are not watching properly. Windows DNS leaks are prevented by our free and open source client Eddie and we have also published several articles to prevent them for those persons who are not willing to run our client. Eddie is available for Linux, OS X and Windows. It can be used both in graphical and in command line mode. Eddie also performs a DNS check that's not crackable at the beginning of the connection, We maintain a whole website aimed to this and many additional tests http://ipleak.net Our service provides same VPN IP addresses for nameserver and gateway, preventing DNS hi-jacking attacks. We run our internal VPN DNS based on root servers which also resolve host names in OpenNIC and Namecoin operated namespaces. Additionally, our free and open source client Eddie: includes a Network Lock feature https://airvpn.org/faq/software_locksupports DNS push through resolvconf in Dynamic Mode or via rough resolv.conf renaming in Linuxcorrectly handles DNS push in OS X Mavericks and Yosemiteallows usage of OpenVPN over Tor without middle-boxes solving the "infinite route looping problem"lets the advanced user to customize routesallows execution of custom scripts at App Start, App End, Session Start, Session End, VPN Pre, VPN Up and VPN Downallows total customization of OpenVPN directivesincludes options to modify socket buffers sizesincludes advanced DNS check and route check (both can be de-activated anyway)correctly communicates with OpenVPN Management and with Tor ControlMost of the above features are not available in any competitor's software. Additionally, most of our competitors' software (if not all?) is closed source. Kind regards

Hello, Eddie portable version has always been available. Under Windows you still need installation of the tun/tap driver (which is not included by default in Windows). No such problem exists in Linux (provided that the tun module is there, as it happens in 99.9% of the cases) or OS X, of course. Kind regards

Hello! Our servers implement OpenSSL 1.0.1k (not affected), Eddie 2.9.2 includes 1.0.1k (not affected) and Eddie 2.10.1 includes 1.0.2a (not affected). OpenVPN packages with installers I603 and I003 are now bundled with 1.0.1p, not affected: https://openvpn.net/index.php/open-source/downloads.html If you're not running our client Eddie and you run OpenVPN for Windows with OpenSSL 1.0.1o, upgrading is recommended. openvpn-connect for Android and iOS uses PolarSSL, not OpenSSL. We are planning to release a new Eddie version soon after some additional bug-check, but currently there is no time pressure. Kind regards

Hello, try to change "DNS Switch Mode" (in "AirVPN" -> "Preferences" -> "Advanced" -> "DNS") into "Renaming". In case your resolvconf package is not working in Dynamic Mode, this will fix the issue. Kind regards

Hello! The three days free trial is a premium subscription which is just like any other premium subscription, there is no difference. In order to connect to a server you have various options: - let the client ("Eddie") pick the highest rated server. The rating of each server is calculated with a formula based on several parameters - define a white list of servers and let Eddie pick the best server inside that white list - manually pick a server - manually pick a country and let Eddie pick the highest rated server in that country If a connection to some server fails, Eddie tries to connect to the highest rated server. If a white list is defined, Eddie will pick the highest rated server from inside the white list only. If a black list is defined, Eddie will pick the highest rated servers outside the black list. Kind regards

Hello, you misunderstood. Network Lock acts at firewall level so it will prevent "WebRTC leaks" regardless any application you run. Kind regards

Hello! This 4th of July we're teaming up with BestVPN.com to bring you a fantastic Independence Day offer, as well as the chance to win a 13” MacBook Air! We’re providing you with a 30% discount on the day (UTC), and 10% off until August 4th. To claim these great offers, and take part in their competition, just head over to their VPN Coupons page. BestVPN, arguably the best VPN comparison website around, has also launched a brand new website in order to celebrate this great day. In our opinion it is very important that BestVPN.com is one of the VPN reviews web sites that never asked us for payments for their reviews, which is a paramount requisite for an unbiased review. We are very proud of the fact that they have recently voted AirVPN the most secure VPN provider around. Kind regards and datalove AirVPN Staff

Hello! Thank you for your great feedback! We never use VPS for our VPN servers and for main AirVPN infrastructure servers, we only operate dedicated servers. Kind regards

Hello! It looks like this problem: https://airvpn.org/topic/12818-setting-up-openvpn-on-pfsense Please check the above linked thread, it could provide a solution that's suitable for you too. Kind regards

Hello, we don't know which account the writer refers to: the account he/she is writing from has been created very recently, has no tickets history and no subscriptions. All the personal information of an account (if any) are deleted within 30 days after the request according to the Tos and the Privacy Notice. If a totally unverified account owner writing in the forum can undermine our reputation with an old time customer like you, then we should evaluate to not approve posts with claims that we can't verify, but it's a practice that we would like to avoid if possible. EDIT - UPDATE: we have just checked that all account personal information requests for deletion have been accomplished as usual, except one, which anyway was requested a few days ago (so there is still a lot of time to satisfy this request - assuming that personal data have been entered). We would therefore rule out any human error by the person responsible for the treatment of personal data and we confirm that deletion of personal data has been going on regularly as usual in the last five years. As we always did, we anyway recommend that you do not put any personal data in your account during registration in the first place, this a normal and obvious principle of prudence which also makes irrelevant our policy about deletion of personal data. If any mistake is made during the registration process by a user, we're here to assist as we always did in five years. Kind regards

Hello, your traffic is encrypted from your node to the VPN server ONLY. For encryption up to the end destination (if the end destination supports it) you need end-to-end encryption. The encryption layer provided by OpenVPN ends on the VPN exit node for your outgoing packets, and starts on the VPN servers for your incoming packets. Please see also here: https://airvpn.org/topic/9165-what-is-a-vpn Kind regards