Staff

Hello! Nothing more is required in your case, enjoy AirVPN! Kind regards

Hello! Support tickets are just one hour behind at the moment, every previous ticket has been replied! Kind regards

Hello! We'll update the Tomato instructions soon, we apologize for the inconvenience. Kind regards

Hello! You need to post a screenshot of your DD-WRT OpenVPN configuration page to get proper support. Kind regards

Hello! LZO compression is disabled on all of our VPN servers. Kind regards

Hello! Which DNS server did you query? We do not detect any problem at all with all major public DNS, and our authoritative DNS servers are working properly. Kind regards

Hello! After the upgrade a bug was in the SSL server. We apologize for the inconvenience. It has been fixed, can you please try again now? Kind regards

Hello! No, that's not required. You are totally free to connect from three different addresses. For example, if you travel you can leave your home computer connected and stay connected during the travel with two more devices (smart phone and tablet, laptop and smart phone...). Kind regards

Hello! Can you please re-check all the certificates and keys and make sure that you pasted properly (just in case you committed a "paste mismatch")? Also, can you please make a test with "TLS Cipher" set to "None"? Finally, we disabled LZO compression, please set it to "None" or "No". Kind regards Hello, I confirm that changing TLS Cipher to none solved the problem. My DD-WRT is v24-sp2 (02/04/14) std - build 23503, so it´s not an old one. Just one more question: disabling TLS Cipher implies in risks? Thanks Hello! Absolutely no risks at all. The additional TLS authentication through the ta.key is clearly performed anyway (not that it adds any relevant security on your end, it's just an additional protection for our servers) because otherwise our servers would not accept your connection. It seems a bug of the OpenVPN client DD-WRT configuration page, but it is totally harmless. Kind regards

Hello! You need to re-generate the files with our Configuration Generator. Configuration, certificates and keys have changed. We're sorry you were not aware of the upgrade, we spread the information well in advance via PM, personal e-mail, forum, Twitter and Facebook, we could not do anything more. Kind regards

Hello! We don't know for sure how it's possible since the Data Channel is AES-256-CBC. Speculating, we could assume that the TLS Cipher is overridden, in the part pertaining to the Data Channel cipher, by the appropriate field in case of conflicts, and the TLS Cipher, in this case only, is used in the part TLS-DHE-RSA... keep in mind, this is just speculation. Kind regards

Hello! Can you please re-check all the certificates and keys and make sure that you pasted properly (just in case you committed a "paste mismatch")? Also, can you please make a test with "TLS Cipher" set to "None"? Finally, we disabled LZO compression, please set it to "None" or "No". Kind regards

Hello! Maybe you're using one of the older builds in which it is necessary to set TLS Cipher to "None" (every other setting will cause a connection failure). On some, old builds, setting TLS Cipher to "None" is the only solution: pasting the ta.key will cause DD-WRT OpenVPN implementation to consider anyway the additional TLS Auth configuration, fixing the apparent bug. Kind regards

Hello! The most common usage is establishing up to 3 connections to up to 3 different servers from up to three different (either real or virtual) machines. Kind regards

@zhang888 You entered a logical flaw. In order to maintain a high privacy environment and a strong anonymity layer it is mandatory that we agree that logging is not a marketing term, but it means to keep a file to record past events so that they can be rebuilt in ANY arbitrary moment in the future. If you extend the meaning of logging as you are doing, then the RAM image itself would mean "logging", or more generally any state at any given moment of any kind of a limited Turing machine would be a log. According to your definition every type of limited Turing machine logs and every state is a log (even if that state is destroyed in time) and the concepts of "anonymity layer" and "privacy" do not exist anymore as soon as any limited Turing machine or a computer is used, while on real world it is clear the difference (given the flow of time as we perceive it) between keeping information that can be used in any arbitrary moment in the future and NOT keeping them. Amongst other things, what here is relevant is that keeping a temporary information (for example, 1 byte) about whether a "connection" is established or not (which is mandatory to make Internet working) is not only totally irrelevant for privacy, but also and above all completely equivalent regardless of the value of that byte, from which the absurdity of your conclusion derives: there is no difference according to your definition in allowing n connections from one account, for each possible value of n, including n=1 and n=3. Such philosophical discussion is completely irrelevant for our mission and for the purposes of our customers, for whom the concept of "anonymity" and "privacy" are preserved when no information can be rebuilt in an arbitrary future moment even if it is known that they were using a VPN service, but it can imply a real nice philosophical discussion that you are free to open in "Off Topic", but please not in this topic, thanks in advance. Kind regards

Hello! Thank you for your feedback. 1) Client, DDNS handling and port checks need an update. We are already working on it and a solution will come out very soon (a matter probably of days). 2) We don't use any RADIUS or other kind of software for authentication purposes. There is no change about privacy and no additional monitoring. Internal details: - Each AirVPN server runs simply OpenVPN daemons - When a new connection is received, after the cryptographic validations, the VPN server contacts indirectly a backend server to notify the connection. This updates a centralized 'active sessions' table in our db, data queried by our website pages for real time stats. Previously, if our backend server already had a session from a user, it replied to OpenVPN server to reject the connection Now, if our backend server already sees 3 sessions from the same user, it tells OpenVPN server to reject the connection. Technically, there isn't any architectural change. It is a 'political' change. Kind regards

Hello! No, wait, the download of keys and certificates is NOT in the clear. It's encrypted via HTTPS with TLS up to 1.2 and Perfect Forward Secrecy (with DHE or ECDHE key exchange). Just don't use Internet Explorer 6 or 8 otherwise you will lose FS and TLS 1.2. Kind regards

Hello! We're glad to inform you that from now on: every account can establish 3 simultaneous connections to DIFFERENT AirVPN servers EDIT 29-Nov-17. This thread is obsolete, now limit of concurrent connections is FIVE. Please see https://airvpn.org/topic/24167-five-simultaneous-connections-per-account/ No impact on quality of service will occur: the guaranteed allocated bandwidth pertains to accounts, regardless of the number of established connections. If you establish 2 or 3 connections with the same account, we guarantee the SAME allocated bandwidth as before, NOT the double or the triple of it. No price increase has been planned for this new feature. As specified above, you can NOT connect the same account twice or thrice to the same AirVPN server. Each connection must go to a different AirVPN server. We're confident that allowing 3 connections per account at the same price will meet fully the requirements expressed by several customers. Please do not hesitate to contact us for any further information. Kind regards & datalove AirVPN Staff

Hello! Crucis is under maintenance and we'll make an announcement soon about it. Kind regards

Hello! We're glad to inform you that in a short time we'll release an Air client version supporting connections of OpenVPN over SSL/SSH. Kind regards

Hello! We're glad to inform you that upgrade completed successfully! Kind regards

UPGRADE IS IN PROGRESS. You can already download the new configuration files (which include new keys and certificates) if you wish so. Kind regards

Tunnelblick users need to re-generate certificates, configuration files and keys, just like users of any other OpenVPN wrapper (except the Air client) need to do. Kind regards

Hello! It's a warning, not an error. The system warns you that the key is accessible by a whole group. Just change the ownership and flags (if necessary) of the file to fix it. For example, make it readable only by root. Kind regards

Hello! Because the service could use different methods than your IP address to detect which country you're in. For example the service can (in HTML5) just ask your browser which country you're in and your browser (if authorized) will tell it. Kind regards