Staff

Hello! Anyway, we just added the "Entry-IP" field for servers, and the "Best Server" by country/continent/planet. Kind regards

Hello, can you please try again now? Kind regards

Hello, a DNS leak is when a DNS query is sent out of the tunnel. It does not even reach our servers. If a DNS query reaches our server, then it has been tunneled, and we want to leave our clients the freedom to use their favorite DNS, in case they do not want to use our VPN DNS. In case they want to force the VPN DNS, the option you suggest looks just like "Force DNS", which is already implemented in Eddie. Some confusion here, you talk about "config generator section of the Client Area" and at the same time propose a "server side" feature. You propose a "Force all applications use Air's VPN server" but the iptables refers to "--dport 53", another mistake. In any case, on client side, all we can implement is done in AirVPN Client. Yes, maybe in the future we can enhance the Config Generator to create some scripts to prevent leaks, but we need to write it in every platform, not only Linux/iptables. On server side: - There isn't any 'application leak' that we can manage, because if a packet reaches our server, there isn't any leak. - There isn't any 'DNS leak', because if a DNS query reaches our server, it's already inside the VPN tunnel. Note: 'DNS Leak' normally means a DNS request sent outside the VPN tunnel. You are a Linux guy, and DNS leaks never happen in Linux. DNS leak in Windows exists because Windows sometimes sends the DNS query to the DNS server set on the standard interface (lacking also a global DNS) regardless of the VPN tunnel being estabilished or not. If a Windows executes a DNS query outside the tunnel, our server never receives it, so it's impossible to prevent Windows DNS leaks on server side. Kind regards

Hello! We are in contact with Hadar datacenter technicians, they are investigating. Kind regards

Hello, try to tick "Force DNS" in "AirVPN" -> "Preferences" -> "Advanced". Kind regards Is already ticked Hello! Good, now set your favorite public DNS on your physical network card while Eddie is NOT running. After that, "Force DNS" will set VPN DNS when the connection is on, and restore your favorite DNS when the connection is off (assuming that you do not kill Eddie abruptly but you shut it down normally). If you need references: http://www.opennicproject.org/configure-your-dns/how-to-change-dns-servers-in-windows-7 Kind regards

Hello! Please note: geo-localization is based on javascript and is not necessarily related to your IP address. Kind regards

Hello! You can resolve .airvpn.org. For example: $ dig @95.85.9.86 acrux.airvpn.org +short 37.48.81.12 Kind regards

We don't have any, we're sorry. Kind regards

Hello, might it be that the OpenVPN version you run directly is not the same version run by Eddie? Compare OpenVPN logs version output in Eddie logs with OpenVPN logs version output when you run it directly. Kind regards

There are no DNS leaks on Linux. What it could happen is that your torrent client queries its own DNS servers bypassing resolv.conf, but the query is tunneled anyway. Kind regards

Hello! We're very glad to inform you that new 1 Gbit/s servers located in Canada are available: Almach and Spica. The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 2018 UDP and TCP. Just like every other Air server, Almach and Spica support OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! We're very glad to inform you that new 1 Gbit/s servers located in the Netherlands are available: Botein and Mizar. The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 2018 UDP and TCP. Just like every other Air server, Botein and Mizar support OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Exactly! Kind regards

Hello, yes, the forum board does not log IP addresses. Kind regards

Hello, what is vulnerability 5906907 according to Kaspesrky? Kind regards

Hello! .airvpn.org resolves into all the possible entry-IP addresses of VPN servers on that country, so the choice is random and performed by your OS. For a more accurate selection you can use .vpn.airdns.org (for example "de.vpn.airdns.org") which resolves into one IP address, i.e. the IP address of the VPN server with the best rating in that country. For the most accurate selection according to latency our client Eddie is recommended, or you should look at the real time servers monitor on our web site (click "Status" from the upper menu of our web site). About the rating method please see here (the last part of the post): https://airvpn.org/topic/12671-upgrades-for-eddie/?do=findComment&comment=21663 Kind regards

Hello, try to tick "Force DNS" in "AirVPN" -> "Preferences" -> "Advanced". Kind regards

Hello! Our apologies, we fixed a little bug in our TOR detection system. Now ipleak.net reports correctly if an IP address is associated to a Tor Exit (exit versus 8.8.8.8). Take for example Pallas, the information about the relay is public: https://atlas.torproject.org/#search/37.48.80.175 We inevitably know which AirVPN users are, because they forward the ORPort and DirPort to do that. We remind you that AirVPN already powers two Relays and funds TorServers.net (1000 EUR every other month) to power an Exit node. Note: it's disappointing that TorServers.net has our Exit node down at the moment. We are investigating about this, and also thinking about the option to run ourselves one or more Tor Exit node. We are evaluating whether to send a private notification to all AirVPN users that are running a Tor exit node behind one of our servers with a link to this topic. Kind regards

Hello! It seems all right, probably the tun/tap interface DNS servers are set to accept DHCP-push, which is fine. Kind regards

Hello, what happens if you try a connection in TCP? With our client Eddie you can change connection mode in "AirVPN" -> "Preferences" -> "Protocols". In your laptop, try for example port 443, protocol TCP. Have a check to antivirus software (if any) as well, just in case it's blocking openvpn.exe Kind regards

Hello, although many ipleak.net data are cached over time, Tor detection is always in real time. Currently (at the time of this writing) there are no servers marked as Tor exit nodes. We are monitoring when a server is marked as Tor exit node for further investigation. Kind regards

Hello! Some additional considerations on the whole discussion. It seems somehow paradoxical that some of our customers explicitly ask for Net Neutrality violation when they look exactly for a service capable to respect Net Neutrality with no discriminations against any protocol. As soon as Net Neutrality respect brings inconveniences created by third-parties, we are somehow invited to send such respect into the trashcan. We tend to think that it would be more appropriate and honest to focus energy and protests against those services whose administrators actively contribute to destroy the open Internet, with Tor indiscriminate bans, huge blacklists which block millions of IP addresses just because they are 'used as NAT' or because they are used to operate dedicated servers. It seems unquestionable that the concept behind such actions is an Internet where end-to-end principle and privacy are deemed as negative features to be fought. Remember our philosophy and mission: banning a server of ours because it's a source of problems appears as a very questionable action. It is the same error that some services do with Tor: to hit someone, they ban innocent users who love their privacy or who are forced to use Tor to bypass censorship in their country. If our servers or a Tor node are performing vulnerability scan, service needs to fix the vulnerability, not blame who caught it red handed. If our servers or a Tor node are wasting a service resource, service operators need to learn how to configure well their systems. If a service can't afford a method to manage spam, it should close the discussion system, it would be better for all. For all of the above, AirVPN will never violate Net Neutrality, and so we'll never commit any action to help "incompetent services". Kind regards AirVPN Staff

Case study: Currently (04/12/2014 00:49) users on Riguel cannot edit Wikipedia. The Riguel exit IP is 95.211.186.118. MaxMind - https://www.maxmind.com/en/home considers that IP address as Anonymous Proxy. whatismyipaddress.com - http://whatismyipaddress.com/geolocation-providers uses MaxMind database. Wikipedia has its own project to detect proxy. http://en.wikipedia.org/wiki/Wikipedia:WikiProject_on_open_proxies We entered the Riguel exit IP in the unblock requests area, and this message has been displayed: Conclusion: Wikipedia prevents Riguel users to edit articles only because MaxMind considers Riguel as a proxy. No Tor or other reason in this case. Kind regards

Hello! It may happen that some VPN servers are used to insert spam in forums, are categorized as proxy servers by services like MaxMind and it may happen that a Tor exit node is used behind a VPN server. Currently no VPN server is considered a Tor exit node. It's a highly dynamical list. A flag which identifies VPN servers which are in that moment used to run a Tor exit node behind them would not be very significant, given the fact that now none of our servers is categorized as a Tor exit node. If this flag were used to identify a server with any of the aforementioned issues, many servers would be flagged but in practice they would have no important malfunction. Before proceeding, it is necessary to understand the frequency of problems occurrences. We kindly ask you to continue to warn us, reporting the exact reason of the problem. Have a look at the following message as an example. Even if we don't provide feedback on every and each case, we are monitoring the situation you warned us about. Kind regards

Hello, an important point which shows how useless is this method is exactly this one. Even when you can monitor your own Tor network, you end up with 6% false positives, which does not allow you to discern anything useful at a big scale. Kind regards