Staff

Hello! Please see here: https://airvpn.org/tor Eddie version 2.7 or higher is required. Kind regards

Hello! You need to insert the directive "reneg-sec" in your OpenVPN client configuration (see below a paste from the OpenVPN manual). Detailed instructions vary according to the client or OpenVPN wrapper you're running. With our client Eddie you can insert the directive in "AirVPN" -> "Preferences" -> "Advanced" -> "OVPN directives". Enter "reneg-sec 1800" in the left box reserved to additional directives, click "Save" and start a connection with a VPN server. Kind regards --reneg-sec n Renegotiate data channel key after n seconds (default=3600). When using dual-factor authentication, note that this default value may cause the end user to be challenged to reauthorize once per hour. Also, keep in mind that this option can be used on both the client and server, and whichever uses the lower value will be the one to trigger the renegotiation. A common mistake is to set --reneg-sec to a higher value on either the client or server, while the other side of the connection is still using the default value of 3600 seconds, meaning that the renegotiation will still occur once per 3600 seconds. The solution is to increase --reneg-sec on both the client and server, or set it to 0 on one side of the connection (to disable), and to your chosen value on the other side.

Hello! Wrong TLS cipher: TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 Try with "None". If it does not work try with "TLS-DHE-RSA-WITH-AES-128-CBC-SHA". Both are wrong as well but for some bug in several DD-WRT builds either the first OR the second work. Kind regards

Hello! Bug fixed. However, we would recommend that you use JSON, PHP or XML. Text format is not optimally readable. Kind regards

Hello, that's expected and correct when OpenVZ is not set up correctly, it's not OpenVPN fault. Please see here to solve: https://community.openvpn.net/openvpn/ticket/324 Kind regards

Hello, were you root or not when you invoked airvpn? Kind regards

Hello! Can you please elaborate on that? Kind regards

Hello! > 1. The upload speeds are fast (which also encrypt using tunnel and openvpn processes) You're right, that shows that the bottleneck is not in the CPU. But if it was your ISP to throttle, you could not reach higher performance on the host. With OpenVPN over SSL, the symptoms point to a bottleneck caused by VMWare. If the VM is attached via NAT to the host, maybe the problem is there. What happens in bridge mode? Kind regards

Hello, you can change connection mode in Eddie menu "AirVPN" -> "Preferences" -> "Protocols". Note that Eddie runs on OS X Mavericks or Yosemite. Older OS X versions should run Tunnelblick (another free and open source OpenVPN wrapper with a nice GUI). Try OpenVPN over SSL (in Eddie "SSL Tunnel - Port 443") if anything else fails. You should also get informed whether your node (in the college network) is behind a proxy or not. Kind regards

Hello, in the VM it is maybe a bottleneck due to the CPU. An OpenVPN daemon is run only by one core in any case so even if this core is at capacity you will not see the CPU particularly stressed, unless this is a single CPU, single core system. Currently OpenVPN does not scale well on multi-processor systems, it does not support HT. Kind regards

Hello, note that your definition of PFS is wrong: https://en.wikipedia.org/wiki/Forward_secrecy#Perfect_forward_secrecy We confirm to you that our cryptographic setup satisfies the properties of PFS. From your client logs you can see that Data Channel keys (used to encrypt the traffic) are re-negotiated every hour through DHE (Diffie-Hellman Exchange). Kind regards

Hello! Yes, assuming that you run our client it is possible to do it in "AirVPN" -> "Preferences" -> "Routes". Select "Not specified routes go: inside the tunnel" and enter the IP address(es) of the web sites. Without our client the same purpose can be achieved in this way (see the last part of the post): https://airvpn.org/topic/3721-netflix/?do=findComment&comment=3724 Kind regards

Hello! Our service is based on OpenVPN which is not included by default in Windows. Kind regards

Hello, many consumers' routers CPUs can't process more than 10 Mbit/s AES-256 throughput due to their processing power. Our Data Channel cipher is AES-256-CBC. Probably bottleneck is the router CPU. Try to connect directly from your computer to make a comparison. Kind regards

Hello, if you see your real IP address in ipleak.net or you see the central bottom box in our web site home page red while your system should be in the VPN, something is not working properly. According to your description it seems that the connection is established but the traffic is not tunneled. Please publish the client logs after a connection has been allegedly established. Kind regards

Hello, to change connection mode (ports, protocol etc.) select in the client "AirVPN" -> "Preferences" -> "Protocols". Do not trust speed tests and try different connection modes just in case your ISP is throttling OpenVPN connections. Kind regards

No, you can not confirm that. You not having DNS leaks (or whatever that is) does not mean "there is NO dns leak". It just means you're not having DNS leaks. Hello! Linux queries global DNS servers that are specified. Windows queries DNS servers specified on every and each network card, even with an apparently random behavior. A DNS leak occurs when a DNS server is queried against system settings for a particular connection. This can happen if a system lacks the concept of global DNS and starts querying randomly all the DNS servers it can find anywhere configured in any network card. Since Windows lacks the concept of global DNS and Linux does not, a DNS leak by definition can occur on Windows and can not occur on Linux. On 100% of the cases, so-called DNS leaks on Linux are configuration mistakes. Kind regards

Hello, it can be anything except a DNS leak. For "ISP's IP" do you mean the IP address assigned to you by your ISP? If so, the problem is different: your traffic is not tunneled. Feel free to clarify. Kind regards

If I understand correctly, this infers that they are not obligated to give out any information regarding to non-Canadian citizens using the service. How about requests for information pertaining to actual Canadian citizens using the service however? Hello, we presume that no Canadian citizens connect to Canadian servers, but if a competent authority (with jurisdiction on our company) can prove otherwise we'll be happy to evaluate any proof and consider new options. Kind regards

Hello! We confirm to you that we repute that we have no obligation to follow Canadian laws for services provided outside Canada and to non-Canadian citizens, with data only transiting through servers in Canada. Additionally, we also repute that for us the privacy and data protection framework of the European Union takes precedence on any Canada law, in case the latter conflicts with the first, because our company is under EU legal framework jurisdiction and not under Canada jurisdiction. Kind regards

Hello, which version of Eddie are you running? Kind regards

Hello, as suggested by zsxawerdu the directive "route-delay 5" solves the problem. Fedora 21 users can enter that custom directive on their Eddie clients, or on the Configuration Generator. We're considering whether to put a "route-delay" directive as default (for Linux only) in the next client release and in the Configuration Generator. Kind regards

Hello, no problems, we understood. Yes, this setting (Network Lock enabled and active) is 'sticky'. What you describe is an anomaly on your system that we would need to reproduce to understand why it happens on your system, if there's some hidden bug in the client etc. Kind regards

Hello! Just for readers information, we have the following countries list where Bitcoin usage is allegedly forbidden (of course such laws are very difficult to be effectively enforced due to how Bitcoin software works). If you have additional information feel free to share. Bangladesh Bolivia Ecuador Iceland Kyrgyzstan Kind regards

Idealy I want network lock to stay active at all the time when I'm not connected to an airvpn server but having the eddie client running. Hello! Yes, and that's exactly what happens. If you are disconnected from a VPN server but Eddie is not shut down, Network Lock remains active. If Eddie is killed without grace or crashes Network Lock remains active. In the moment you shut down Eddie, we have no rights to interfere with your system and we have no will to make invasive software that permanently modifies your system settings. Routing table, DNS and all previous firewall rules will be restored. Kind regards