Staff

Hello! No, it doesn't. Just set 10.4.0.1 as primary DNS in your router in order to query the VPN DNS. Set a public DNS server IP address as secondary DNS to allow names resolution when the router is not connected to the VPN. OpenNIC may be a good choice, see http://opennicproject.org As a side note, what you're experiencing is not a DNS leak, which occurs only on Windows (the only OS lacking the concept of global DNS): the router is just doing what you instructed it to do, i.e. query the configured DNS. Kind regards

Hello, your suggestion looked very good and a part of the donations budget has been delivered to riseup.net. More news soon in the dedicated "Mission" page https://airvpn.org/mission Kind regards AirVPN

Hello! Can you please make sure that you really followed the instructions? You should never double-click the configuration file. You need to double-click the icon of the folder that you renamed with a ".tblk" extension. 1) create a folder (for example on the Desktop) 2) paste inside the folder one and only one .ovpn file 3) rename the folder with a ".tblk" extension (for example, folder "abc" becomes "abc.tblk") 4) double click on the folder icon Kind regards

Hello! Well, the traffic to trackers is re-routed on some servers and not on others. To ipleak.net the traffic is not re-routed by any server, so you should always see the VPN server exit-IP address. We tend not to announce publicly such re-routing operations for some good reasons. The important thing, anyway, is that you never see your real IP address during the test. Kind regards

Hello, yes, please see https://airvpn.org/topic/9787-the-pros-and-the-cons/?do=findComment&comment=11501 Kind regards

Hello! We're very glad to inform you that we now provide a service to detect data provided by your torrent client, similar to the service provided by checkmytorrentip, through our http://ipleak.net web site (just click "Activate" under "Detected torrent address"). To detect data from your torrent client we provide a magnet link to a fake file. The magnet contains an http url of a controlled by us tracker (in http, not udp) which archives the information coming from the torrent client and displays them to you. The procedure can take up to 20-30 seconds, so do not close the web page for some time after you have started the torrent client, in order to allow the test to be completed. Enjoy the service when you need it! Kind regards

Hello! We're very glad to inform you that we now provide a service to detect data provided by your torrent client, similar to the service provided by checkmytorrentip, through our http://ipleak.net web site (just click "Activate" under "Detected torrent address"). To detect data from your torrent client we provide a magnet link to a fake file. The magnet contains an http url of a controlled by us tracker (in http, not udp) which archives the information coming from the torrent client and displays them to you. The procedure can take up to 20-30 seconds, so do not close the web page for some time after you have started the torrent client, in order to allow the test to be completed. Enjoy the service when you need it! Kind regards

Hello, in order to do this: please make sure that you follow the instructions. Your description is ambiguous. Keep in mind that you have to rename the folder you have created (not the file) after you have pasted one and only one .ovpn file inside it. Kind regards

Incredible. Blowfish was designed in 1993 and his very creator Schneier recommended years ago NOT to use it. There's a class of weak keys that causes problems in picking an appropriate key and, under the user point of view, we doubt that you can have the absolute security that the keys are appropriately picked. It's somehow weird that Air is compared to such services, maybe it's a comparison not focused on security. Many experts claim that Blowfish should not be used for OpenVPN Data Channel and in general it should not be used at all. Again, Schneier himself said to switch to something else in 2007. Anyway, about the CPU processing power, if the CPU usage is so low in your box then you're right, the bottleneck does not seem be there. Keep on experimenting and feel free to report back, because, as it is reported by very many customers on different threads here and also if you have a look at the top speed users in the servers monitor table, it's normal to achieve higher than 40 Mbit/s throughput on several of our servers (including Alkaid) with a line like yours. The quality of Air datacenters connectivity to tier1 and tier2 providers is surely not inferior to the datacenters we see PIA uses. Assuming that you connect in UDP, (if not, please try it, performance with TCP is surely inferior) you might like to verify, first of all, if there's packet fragmentation, by checking the OpenVPN logs after some minutes of ongoing connection and normal usage. Kind regards

Hello, is the Data Channel cipher the same? On boxes CPUs, AES-256-CBC is computationally heavy, but our ciphers are picked with high security in mind. As far as we know PIA uses weaker encryption for the OpenVPN Control Channel. Kind regards

Hello, another factor to be considered is that UDP is connectionless, therefore if a client disconnects without notification to the server (for example because line dropped), the server has no way to know that the client is no more there until a ping times out (60 seconds). TCP is an alternative option, but under normal circumstances TCP performance is always inferior than UDP one. Kind regards

Hello, please click the button "Disconnect Now" in your "Client Area" for such purposes, it's there for that. Anyway your guess does not seem right, your account is not connected, maybe you have some other problem: feel free to open a ticket and always include the log files pertaining to the problem. The one-connection per account is not a matter to be fixed, it's a feature. We are the only VPN service in the world, as far as we know, that provides a guaranteed allocated bandwidth with a real time servers monitor to show that we keep to our word. Although this feature might not be appreciated by some people who just need lower quality or "whistles and bells" services with no care for anonymity and performance, we assure you that the fact that we are considered probably the top VPN service in terms of performance (in spite of the most computationally hungry cipher suite) is related to this as well. Kind regards

Hello, we will soon make an announcement about the release of Eddie, which will include leaks prevention features (including prevention of leaks in case of unexpected VPN disconnection). In the meantime we remind you that if you have issues with a Windows firewall, in Windows you can prevent any leak with a single command which needs less than 10 seconds to be typed in. For example if your computer gateway IP address in your home/office network is 192.168.1.1 (just an example) open a command a prompt with admin privileges and type: route delete 0.0.0.0 192.168.1.1and that's all you need to prevent any leak. You can immediately see the gateway IP address by typing "route print". Please see here for some theory and more information: https://airvpn.org/topic/9797-blocking-non-vpn-traffic-without-firewall-using-routing-router/?do=findComment&comment=11512 Kind regards

Hello, the "TLS Cipher" is wrong, please set it to "None". Make sure that your router tun interface is tun0 (on some builds it can be tun1 by default). Also set Static DNS 1 to 10.4.0.1. Kind regards

Hello, yes, actually it is assumed that the instructions for Linux are read entirely. We're sorry if it has caused troubles. Kind regards

Hello, could you both try to run OpenVPN GUI (or OpenVPN directly) so that we can determine for sure whether the problem is in the Air client or somewhere in OpenVPN? Apparently it's in the client, but anyway doing so is not a waste of time: if it's the client, then you have an effective way to connect in any case. If it's OpenVPN, more clues will come out. Kind regards

Hello, it's TLS 1.0, but implemented on OpenSSL 0.9.6 or higher, so enhancements of TLS 1.1 and 1.2 are irrelevant for the infamous CBC vulnerability of TLS 1.0. This vulnerability was resolved by OpenSSL with a workarpound 12 years ago, in 2002. Not to mention that practical attacks based on that (such as BEAST, CRIME, BREACH) need additional support from browsers, cookies etc. etc. so they can't even begin with OpenVPN. Our web site server supports TLS 1.1, TLS 1.2 and Perfect Forward Secrecy, up to TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 for example. Perform this cool test https://www.ssllabs.com/ssltest/analyze.html?d=airvpn.org Of course you must have a browser supporting them. Kind regards

Hello, it's written in the Windows instructions page. Air client for Windows XP, Vista and 7 requires .NET 2.0. It should be installed by default but you have the link in the same page to download it, in case it's missing. Air client for Windows 8 requires .NET 4 (preinstalled on Windows 8). Also make sure that you do not mismatch 32 bit with 64 bit version or vice-versa. Kind regards

Hello, *.airvpn.org resolves into all the entry-IP addresses of the servers for that country or continent. *.vpn.airdns.org resolves into the "best" server entry-IP (chosen by the system through a rating system with parameters such as status, packet loss, latency and available bandwidth). Examples: ~$ dig @8.8.8.8 gb.airvpn.org +short 84.39.116.179 84.39.117.56 78.129.153.40 94.229.74.90 ~$ dig @8.8.8.8 gb.vpn.airdns.org +short 78.129.153.40 ~$ dig @8.8.8.8 nashira.airvpn.org +short 84.39.116.179 Kind regards

Hello, it looks like an IP geo-location database error. Kind regards

Hello! Please make sure that you're running the proper .NET framework and the proper client version for your system. Kind regards

Hello, the Configuration Generator works fine. In the instructions you can read: Select "Advanced Options"Tick "Separate certs/keys from .ovpn files"Kind regards

Hello! We're sorry, Paysafecard does not accept merchants who offer VPN services. Kind regards

Hello, thank you for your subscription renewal. bitcoincodes.com is an authorized reseller as usual. Kind regards

Hello, the percentage shows the busy bandwidth of each VPN server. Therofore 100% means that the server is at capacity. Values higher than 100% mean that the server is over capacity (bursts). The lower the % value, the more bandwidth a VPN server is able to provide. Kind regards