Staff

http://www.omegle.com Website: http://www.omegle.com Omegle is a free online chat website that allows users to communicate with strangers without registering. The service randomly pairs users in one-on-one chat sessions where they chat anonymously using the handles "You" and "Stranger". Status: OK Routing: All server to an non-public route.

http://www.cielotv.it/ Website: http://www.cielotv.it/ Cielo (Sky in English) is an Italian television channel broadcast by 21st Century Fox aimed to a young audiences,[1] and available on digital terrestrial and satellite television through Sky Italia. Status: OK Routing: All server to IT route.

Website: http://www.deezer.com/ Deezer is a web-based music streaming service. It allows users to listen to music on various devices online or offline. Status: OK Native: All server except US and NL Routing: US and NL, to FR route.

Hello! We have many projects for this month (April) in no-profit forum. Great! Which one shall we fund? As explained in Guidelines: We are thinking about a poll. But we can't guarantee that people won't create many accounts only to submit a vote. Available options: Any member can vote. Only premium members, with at least one month subscription, can vote (to avoid votes from Trial accounts) Only members of a special group can vote. Initially, those who have suggested a project would be included in that group: PirateParty, gigan3d, urbanconcrete, pfSense_fan, dwright. The same group would decide the next members, typically those who propose an on-topic project. ? Other ideas? We're looking forward to hearing from you all. Kind regards

Hello! Keeping a high level of privacy on the Internet is much more important than accessing Hulu services. In this way Hulu tends to compel USA citizens to access the service without the necessary protection provided by a VPN or similar service. Voluntarily or not, copyright reasons or not, this is equivalent to yet another attempt to lower the privacy levels in the USA. Spreading VPN usage is a threat to USA surveillance. Finding ways to discourage people to use VPN services helps privacy intruders. About copyright, this is pure nonsense. It is just an impulse to file sharing and other methods which are able to provide with much higher video and audio quality, without ads and without the various technical problems of streaming solutions (which in several cases prevent a proper, fluid and happy content fruition) more than what Hulu provides. Kind regards

Hello! Yes, you're right. It looks fine then, are all the interface names correct? Kind regards

Hello! The script is working correctly: all the traffic is tunneled. If you want to split traffic with this script, then you forgot to de-comment one of the key lines See here: # # Define the routing policies for the traffic. The rules will be applied in the order that they # are listed. In the end, packets with MARK set to "0" will pass through the VPN. If MARK is set # to "1" it will bypass the VPN. # # EXAMPLES: # # All LAN traffic will bypass the VPN (Useful to put this rule first, so all traffic bypasses the VPN and you can configure exceptions afterwards) # iptables -t mangle -A PREROUTING -i br0 -j MARK --set-mark 1 # Ports 80 and 443 will bypass the VPN # iptables -t mangle -A PREROUTING -i br0 -p tcp -m multiport --dport 80,443 -j MARK --set-mark 1 # All traffic from a particular computer on the LAN will use the VPN # iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 192.168.1.2 -j MARK --set-mark 0 # All traffic to a specific Internet IP address will use the VPN # iptables -t mangle -A PREROUTING -i br0 -m iprange --dst-range 216.146.38.70 -j MARK --set-mark 0 # All UDP and ICMP traffic will bypass the VPN # iptables -t mangle -A PREROUTING -i br0 -p udp -j MARK --set-mark 1 # iptables -t mangle -A PREROUTING -i br0 -p icmp -j MARK --set-mark 1 Kind regards

Hello! Implemented. https://www.ssllabs.com/ssltest/analyze.html?d=airvpn.org Kind regards

Hello! Thanks for this warning, we will investigate. Kind regards

Hello! Yes you're right, HSTS is not enabled, we have put it in the things to do very soon. Kind regards

Hello! We can't do much on our side: it's Omegle that bans VPNs (not only AirVPN according to anonymous reports), not the other way round. We don't block any web site, of course. So the question should be asked to Omegle administrators in the first place. Kind regards I known its not AirVPN fault, however you can multi-hop or do whatever you do to unblock a site. This is the whole purpose of reporting blocked sites, isn´t it? Thanks Hello, yes, correct! Kind regards

Hello! We're sorry to inform you that we have just detected a hardware failure on Orionis. Instead of waiting for hardware inspection and replacement, we will probably add a new 1 Gbit/s server (Orionis is 100 Mbit/s) in the near future and dismiss the broken server. NL infrastructure is anyway largely redundant. Kind regards AirVPN Staff

UPDATE 01-SEP-17 Due to multiple, critical problems in network-manager-openvpn which after years have not been solved we recommend to NOT use it. Please understand that we will not provide support to network-manager-openvpn. In GNU/Linux we recommend that you run our free and open source software "AirVPN Suite", "Eddie" or OpenVPN directly Warning: Ubuntu 14.04 has an issue on configuration files import. At 25/04/2014 there's still no fix. Bug Report Go to Config Generator page, choose Linux and choose your preferred options. Select Advanced Mode Tick Separate certs/keys from .ovpn files Click on any archive format. Save the downloaded archive file somewhere, say in ~/.airvpn. Extract it. Five files should be extracted. Try to make sure nobody but you can read the file user.key, because that one is secret. Install the package named network-manager-openvpn-gnome, which is a plugin to NetworkManager handling OpenVPN connections. The install will automatically include all needed packages, like openvpn etc. Click on NetworkManager icon in top-right bar, and choose Edit Connections... Click Add, choose Import a saved VPN configuration, click Create... and choose a .ovpn file extracted from files generated by our Config Generator. The imported information is displayed. Click Save... and close the NetworkManager Connections editor. From now on, the imported connections are showed under VPN Connections menu. Click it to connect.

Download your configuration file from the page Config Generator. If you don't already have the OpenVPN package installed in your system, you can tick Advanced Mode and tick Bundle executable (only for x86/amd64 based systems). Have a look here to take care of DNS push (OpenVPN will not do that for you by default): https://airvpn.org/topic/9608-how-to-accept-dns-push-on-linux-systems-with-resolvconf/Open a terminal console, reach the directory where you stored the files generated by the Configuration Generator and launchsudo openvpn foo.ovpnif you already have installed the OpenVPN package, orsudo ./openvpn foo.ovpnif you have downloaded our bundled executable. foo.ovpn is any *.ovpn files generated by the Config Generator. In the example we report "sudo" to run OpenVPN with root privileges. In some systems you might not have "sudo" available, or your account might be not included in the "sudo-ers". In these cases, you just need to run a terminal as root, or become root with "su" command.

Hello! There is a major problem on the datacenter. Datacenter technicians are working on it. Kind regards

Hello! Thanks. You can't load airvpn.org pages in HTTP. HTTPS is forced since years ago. Kind regards

My interpretation of this was to type in the AirVPN password. Thanks! Your interpretation is correct but that step suggested in the message is wrong. Getting back to network-manager, try to follow our instructions precisely. All of our tests end up with a fully working configuration. Anyway we are going to deprecate network-manager usage because it invokes OpenVPN in a way for which OpenVPN does not verify the server certificate and this is a security hazard. We recommend to run OpenVPN directly as long as we do not release Eddie for Linux. Kind regards

Hello, that's a mistake. Where did you read to do that (we ask because if there are forum posts telling to do that we need to fix them)? Kind regards

I personally am excited about this. I think this has good potential for future releases of OpenVPN and ultimately our uses with VPN. This perhaps might be a good canidate for AirVPN's No-Profit Community innitiative. If it meets the standards for it, i will gladly submit a post for it. Further reading: http://www.libressl.org/ http://www.openbsdfoundation.org/ http://arstechnica.com/information-technology/2014/04/openssl-code-beyond-repair-claims-creator-of-libressl-fork/ Hello! Please feel free to duplicate your message to the "No Profit" forum. We have various candidates for April! Kind regards

Hello! After several tests we don't detect the bug reported in the forum in network-manager. Anyway, it is possible that we have been unable to reproduce it but the bug really exists. In any case please run OpenVPN directly. What we detect, and this not good at all for security, is that network-manager runs OpenVPN so that no server certificate verification is required from your OpenVPN. We underline that this is bad for security reasons and we are investigating. This is another good reason ((the other reason is that network-manager does not pass explicit-exit-notify to OpenVPN) to run OpenVPN directly, as long as we do not release the client for Linux. If you wish further investigations, after you import a .ovpn file in network-manager with OpenVPN plugin, please send us all the screenshots of its various configuration (one per each tab), they may give us important clues. No keys or certificates need to be imported one by one: if our instructions are followed exactly network-manager will do all the job automatically: ta.key, user.crt, user.key and ca.crt will be all read automatically by network-manager and their names displayed correctly in the relevant fields. Kind regards

Hello! @WcoRaaky According to the logs the connection is perfectly successful. OpenVPN is not "sitting there", it just does not have anything else to output in the terminal at the moment. It is running just fine. Kind regards

Hello! We're glad to know it! Basically it depends on the lease time of the DHCP server. "IP addressing information is leased to a client, and the client is responsible for renewing the lease. By default, DHCP clients try to renew their lease when 50 percent of the lease time has expired. To renew its lease, a DHCP client sends a DHCPRequest message to the DHCP server from which it originally obtained the lease. The DHCP server automatically renews the lease by responding with a DHCPAck message. This DHCPAck message contains the new lease as well as any DHCP option parameters. This ensures that the DHCP client can update its TCP/IP settings in case the network administrator has updated any settings on the DHCP server. Figure 4.9 illustrates the Renewing state." (From http://technet.microsoft.com/en-us/library/cc958935.aspx ) If the VM is in bridge mode, then the DHCP server is again your router. If the VM is attached via NAT, it depends on the host system. Kind regards

Hello! We have planned to work on mediaset. Please feel free to warn us about other services (such as the cited cielotv) you would like to have accessible from out of Italy servers. Kind regards

Hello! Have a look at your ticket. Kind regards

Hello! There's no disconnection every 2 hours on our system. It looks like a problem on your side, maybe you have a brief line drop or a DHCP renew from your ISP every 2 hours. Kind regards