Staff

Hello! In China, please try OpenVPN over SSL (it's called "SSL Tunnel - Port 443" in our client Eddie). Upgrade to Eddie version 2.8.8 or 2.9.2 is recommended. Feel free to keep us posted. Kind regards

Yes, definitely. Network Lock is a plug-in that (in Windows) sets Windows firewall rules. Please see also here: https://airvpn.org/topic/12175-network-lock Kind regards

Hello! The observed behavior makes us think about a problem in some QoS / packet inspection / packet filtering tool, either on the system or on the router. When you start a VPN connection in UDP, all of your traffic is wrapped in UDP, so everything you send out and receive through the router and the physical network card is in UDP. Now, a lot of tools are configured to prevent UDP flood attacks. When they see a significant and persistent percentage or amount of incoming packets in UDP, they think that an attack is ongoing. When you start your torrent client, UDP flow usually sky-rockets and does it persistently after a couple of minutes or so. This triggers the security feature of the tool which starts dropping packets, preventing quickly communications from the VPN server. We have seen repeatedly this problem with a variety of packet inspection tools (usually aimed to QoS or flood protection). It's worth a check. In case it's your ISP that does so, try a VPN connection in TCP to discern whether the problem is related to UDP or not. Kind regards

Hello! This is a very important information, thank you! Kind regards

Hello! Running two firewalls at the same time will inevitably cause unpredictable behavior. Kind regards

Hello! New subscriptions are added on top of already existing ones and expiration date is set accordingly. You will not lose a single day. Kind regards

Hello, the 10.x.y.z address is the tun interface address, i.e. the VPN IP address of your node (the tun interface is the virtual network adapter used by OpenVPN). It's not the public IP address assigned to you by your ISP. Kind regards

Hello! You're right. This is an unexpected and unobserved behavior. Do you have any other firewall installed in your system? Can we see the client logs, taken after Network Lock has been (allegedly) activated? Kind regards

Hello, different world visions. We have enough consideration for our customers to firmly believe that they can understand that a program that's not running can not do anything, even less can it reply to incoming packets. Writing that a program that's not running can't run until it is run is somehow insulting. Of course momentary lapse of reasons are always possible but just like in your case they will be spotted soon and they will be functional to inner growth. Kind regards

Hello! Correct, you don't need to worry. Check yourself with ipleak.net for ultimate test. Kind regards

About Hola, it is very important that you read this: http://adios-hola.org/ http://www.dailydot.com/technology/hola-vpn-security Kind regards

We're very glad to say that the "problem has been solved", or maybe, even better, that the problem never existed Enjoy AirVPN! Kind regards

Hello! We would like to have the help of our fantastic community to determine the optimal value of OpenVPN buffers size in various Operating System on different lines. We have already an opinion and we are aware of some issues with all version of OpenVPN in setting the correct buffer size, which usually result in a too small buffer which causes performance hit on high throughput lines, but your help would be invaluable, because it would allow us to collect measurements from a much wider testing systems. All of the above will help us determine the best approach to treat the matter both in the Configuration Generator and in Eddie, and perhaps even in our VPN servers OpenVPN daemons setup. If you wish to take a role in the testings, you can measure performance with various buffer sizes when all other conditions are the same (try to take measurements with the very same speed tests, same machine load, same VPN servers and same configuration - vary only the buffers sizes for each test). In order to test buffer sizes, add the following directives either to your configuration (.ovpn/.conf) OpenVPN file or in the client Custom directive field you can find in "AirVPN" -> "Preferences" -> "Advanced" -> "OVPN directives. After that, make sure to re-start the VPN connection. The syntax is: sndbuf size_in_bytes rcvbuf size_in_bytes We ask you to test first without any sndbuf and rcvbuf directive, and then with the following values for size_in_bytes: 65536 131072 262144 524288 For example: sndbuf 131072 rcvbuf 131072 In your report, please specify your Operating System exact version, the VPN server(s) you tested with and the nominal peak bandwidth of your line. For the purposes of our test, a test in UDP is enough, but if you wish to add a test also in TCP you're of course welcome. Please test only with 1 Gbit/s servers, do not test with 100 Mbit/s servers. Thanks so much in advance to all who will spend their time to perform the tests! Kind regards AirVPN Staff

Hello, the private IP address is not a leak. The second IP address (the one you blacked out) should not be your public IP address, that field is not used by ipleak.net for that. It must be your VPN IP address. Can you tell us the left-most octet of this IP address? Kind regards

Hello, everything seems fine, the detected IP address is the VPN server exit-IP address. No leaks. Kind regards

Hello, access to other devices in the LAN should be available (and not routed in the tunnel) as long as "Allow lan" is ticked and Network Lock enabled after that option has been ticked and saved. We'll investigate the issue. Kind regards

Hello! Keep the large buffers size anyway and try OpenVPN over SSL connection. Assuming that you run our client Eddie, in "AirVPN" -> "Preferences" -> "Protocols" select "SSL Tunnel - Port 443" and re-start a new VPN connection. Test different servers in different countries, including UK. Do you see any performance improvement or not? Kind regards

Hello! As a first attempt please try to enlarge OpenVPN send and receive buffers. In "AirVPN" -> "Preferences" -> "Advanced" -> "OVPN Directives" menu add the following lines in the "Custom" field: sndbuf 524288 rcvbuf 524288 Click "Save", try a new VPN connection (test different servers) and check whether there's any improvement in performance or not. Please feel free to keep us posted at your convenience. Kind regards

Hello! It's not a vulnerability. The whole "WebRTC leak" case has been fabricated, probably in good faith, by people who did not understand what they were seeing. It's just an application that binds to a physical network interface, to say it quickly. For a more detailed analysis please see the link in the first message of this thread. We confirm that we can't reproduce what you say after weeks of tests on a bunch of different Linux systems (thanks to the community for dozens of reports on this!). iptables and ip6tables rules block outgoing packets from physical interface except to VPN servers entry-IP addresses, so theoretically that's totally impossible, but let's investigate, there must be something we're missing or something that's peculiar to your system. Let's see the iptables and ip6tables rules while your system is connected to some VPN server, with Network Lock enabled, listed just after you have managed to get your real IP address via ipleak.net WebRTC test. Please open a terminal as root, issue the following commands and copy and paste everything in your message: iptables-save ip6tables-save Attach also a screenshot of ipleak.net (taking care to delete your real IP address!). Yes, we can't reproduce the issue you report and it could be important. Please help us by providing the above requested data, thanks! Kind regards

Hello, another way to obtain BTC easily is to sell something (goods, services...) and accept Bitcoin as payment. To maintain an anonymity layer it is necessary that you always, without any exception, run your Bitcoin client behind Tor (or at least when you use the wallets whose transactions you want to keep "anonymous"). Bitcoin adds good privacy to transactions but it's not anonymous by itself (the blockchain will remain "forever" and can be used to correlate transactions to IP addresses and between persons). We also accept very many different cryptocurrencies, if that can help you. Kind regards

Hello! Please go to "AirVPN" -> "Preferences" -> "Advanced" -> "Network Lock", tick "Allow lan/private", click "Save". Disable and re-enable Network Lock (you need to be not connected to a server to do that) to apply the change. Kind regards

Hello! You're probably near to the maximum Raspberry Pi CPU processing power to encrypt/decrypt AES-256-CBC flow (the cipher we use for the Data Channel). Kind regards

But isn't that what network lock is supposed to do? Hello! Exactly, Network Lock must prevent so called "WebRTC leak". If it occurs anyway maybe you have modified iptables rules after you enabled Network Lock. Which Eddie version are you running? Note that 2.8.8 and older versions did not set properly ip6tables. Kind regards

Hello! Open your hosts file (with a text editor launched with administrator privileges). You should find the following line: 85.17.207.151 airvpn.org that you maybe inserted in the past for some reason. Delete it, make sure that no other entries pertaining to airvpn.org are there, save the hosts file and try again. airvpn.org should resolve into 95.211.138.143 How to edit the hosts file in Windows 7: http://helpdeskgeek.com/windows-7/windows-7-hosts-file Kind regards

EDIT: OBSOLETE THREAD. WINDOWS 10 GOT OUT OF THE BETA STAGE A LONG AGO. EDDIE VERSION 2.9.2 IS ALSO OBSOLETE. Hello! The tun/tap interface does not come up. Currently, as far as we know, tun/tap driver does not work in Windows 10 preview and any OpenVPN usage is not possible. We don't know if things have changed in the last couple of weeks (last time we updated on that). In general, to remain on the safe side, you should expect that nothing works on a preview version of an OS. Kind regards