Staff

Hello, might it be that the OpenVPN version you run directly is not the same version run by Eddie? Compare OpenVPN logs version output in Eddie logs with OpenVPN logs version output when you run it directly. Kind regards

There are no DNS leaks on Linux. What it could happen is that your torrent client queries its own DNS servers bypassing resolv.conf, but the query is tunneled anyway. Kind regards

Hello! We're very glad to inform you that new 1 Gbit/s servers located in Canada are available: Almach and Spica. The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 2018 UDP and TCP. Just like every other Air server, Almach and Spica support OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! We're very glad to inform you that new 1 Gbit/s servers located in the Netherlands are available: Botein and Mizar. The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 2018 UDP and TCP. Just like every other Air server, Botein and Mizar support OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Exactly! Kind regards

Hello, yes, the forum board does not log IP addresses. Kind regards

Hello, what is vulnerability 5906907 according to Kaspesrky? Kind regards

Hello! .airvpn.org resolves into all the possible entry-IP addresses of VPN servers on that country, so the choice is random and performed by your OS. For a more accurate selection you can use .vpn.airdns.org (for example "de.vpn.airdns.org") which resolves into one IP address, i.e. the IP address of the VPN server with the best rating in that country. For the most accurate selection according to latency our client Eddie is recommended, or you should look at the real time servers monitor on our web site (click "Status" from the upper menu of our web site). About the rating method please see here (the last part of the post): https://airvpn.org/topic/12671-upgrades-for-eddie/?do=findComment&comment=21663 Kind regards

Hello, try to tick "Force DNS" in "AirVPN" -> "Preferences" -> "Advanced". Kind regards

Hello! Our apologies, we fixed a little bug in our TOR detection system. Now ipleak.net reports correctly if an IP address is associated to a Tor Exit (exit versus 8.8.8.8). Take for example Pallas, the information about the relay is public: https://atlas.torproject.org/#search/37.48.80.175 We inevitably know which AirVPN users are, because they forward the ORPort and DirPort to do that. We remind you that AirVPN already powers two Relays and funds TorServers.net (1000 EUR every other month) to power an Exit node. Note: it's disappointing that TorServers.net has our Exit node down at the moment. We are investigating about this, and also thinking about the option to run ourselves one or more Tor Exit node. We are evaluating whether to send a private notification to all AirVPN users that are running a Tor exit node behind one of our servers with a link to this topic. Kind regards

Hello! It seems all right, probably the tun/tap interface DNS servers are set to accept DHCP-push, which is fine. Kind regards

Hello, what happens if you try a connection in TCP? With our client Eddie you can change connection mode in "AirVPN" -> "Preferences" -> "Protocols". In your laptop, try for example port 443, protocol TCP. Have a check to antivirus software (if any) as well, just in case it's blocking openvpn.exe Kind regards

Hello, although many ipleak.net data are cached over time, Tor detection is always in real time. Currently (at the time of this writing) there are no servers marked as Tor exit nodes. We are monitoring when a server is marked as Tor exit node for further investigation. Kind regards

Hello! Some additional considerations on the whole discussion. It seems somehow paradoxical that some of our customers explicitly ask for Net Neutrality violation when they look exactly for a service capable to respect Net Neutrality with no discriminations against any protocol. As soon as Net Neutrality respect brings inconveniences created by third-parties, we are somehow invited to send such respect into the trashcan. We tend to think that it would be more appropriate and honest to focus energy and protests against those services whose administrators actively contribute to destroy the open Internet, with Tor indiscriminate bans, huge blacklists which block millions of IP addresses just because they are 'used as NAT' or because they are used to operate dedicated servers. It seems unquestionable that the concept behind such actions is an Internet where end-to-end principle and privacy are deemed as negative features to be fought. Remember our philosophy and mission: banning a server of ours because it's a source of problems appears as a very questionable action. It is the same error that some services do with Tor: to hit someone, they ban innocent users who love their privacy or who are forced to use Tor to bypass censorship in their country. If our servers or a Tor node are performing vulnerability scan, service needs to fix the vulnerability, not blame who caught it red handed. If our servers or a Tor node are wasting a service resource, service operators need to learn how to configure well their systems. If a service can't afford a method to manage spam, it should close the discussion system, it would be better for all. For all of the above, AirVPN will never violate Net Neutrality, and so we'll never commit any action to help "incompetent services". Kind regards AirVPN Staff

Case study: Currently (04/12/2014 00:49) users on Riguel cannot edit Wikipedia. The Riguel exit IP is 95.211.186.118. MaxMind - https://www.maxmind.com/en/home considers that IP address as Anonymous Proxy. whatismyipaddress.com - http://whatismyipaddress.com/geolocation-providers uses MaxMind database. Wikipedia has its own project to detect proxy. http://en.wikipedia.org/wiki/Wikipedia:WikiProject_on_open_proxies We entered the Riguel exit IP in the unblock requests area, and this message has been displayed: Conclusion: Wikipedia prevents Riguel users to edit articles only because MaxMind considers Riguel as a proxy. No Tor or other reason in this case. Kind regards

Hello! It may happen that some VPN servers are used to insert spam in forums, are categorized as proxy servers by services like MaxMind and it may happen that a Tor exit node is used behind a VPN server. Currently no VPN server is considered a Tor exit node. It's a highly dynamical list. A flag which identifies VPN servers which are in that moment used to run a Tor exit node behind them would not be very significant, given the fact that now none of our servers is categorized as a Tor exit node. If this flag were used to identify a server with any of the aforementioned issues, many servers would be flagged but in practice they would have no important malfunction. Before proceeding, it is necessary to understand the frequency of problems occurrences. We kindly ask you to continue to warn us, reporting the exact reason of the problem. Have a look at the following message as an example. Even if we don't provide feedback on every and each case, we are monitoring the situation you warned us about. Kind regards

Hello, an important point which shows how useless is this method is exactly this one. Even when you can monitor your own Tor network, you end up with 6% false positives, which does not allow you to discern anything useful at a big scale. Kind regards

Hello, we know how DNScrypt works. Every VPN server has its resolver. When an authoritative DNS receive a query from our server (for example Castor), actually may know (if it knows the Castor exit-IP address) that the domain is requested by an AirVPN customer. Absolutely no information about which customer. Your suggestion doesn't really provide any benefit. And opening servers for public access (anyway even if limited to DNS) may expose them to other kind of troubles. Also it makes no sense to support DNScrypt in our client. When you are connected to the VPN, DNS queries are already encrypted. If you mean 'using DNScrypt when not connected to a VPN', this can be eventually done, but it sounds like bloatware, it's better to have a dedicated DNScrypt client. What we might do is funding a DNScrypt resolver node on a dedicated server (that can resolve ICANN domains, OpenNIC domains and NameCoin domains at the same time, like our VPN servers) or a project for a better client. We'll think about that. Kind regards

Hello! Can you please publish or send us the logs pertaining to the loop? Kind regards

What about the server Cygni what? Kind regards

Confirmed, it has been withdrawn. Kind regards

https://airvpn.org/topic/12793-completed-openvpn-upgrade Kind regards

https://airvpn.org/topic/12793-completed-openvpn-upgrade Topic locked. Kind regards

Hello! Starting from Dec 2 2014 2.00 PM GMT+1 we will upgrade OpenVPN on all of our VPN servers. The upgrade will cause clients disconnection and server unavailability for approximately less than a minute. We will perform the upgrade sequentially, following servers alphabetical order. No action on your side is required, our Eddie client will reconnect automatically. UPDATE: UPGRADE HAS BEEN COMPLETED Kind regards

Hello! We're following closely the matter and when the fixed version is released we will upgrade as soon as possible. Kind regards Does this mean that for those who connect to AirVPN through Viscosity or Tunnelblick will have to re-download config files? Hello! No, the vulnerability is on the server side. The exploit does not affect security but cause OpenVPN daemon crash. No action on the client side is required (as long as you use OpenVPN as a client only). Kind regards