Staff

Hello! We are very glad to announce new features aimed to improve your experience with our service. The web site menus have been rationalized for a quicker and easier access, while several web pages have been completely rewritten to improve clarity and effectiveness. We have added a page which we feel particularly important: the mission page. In it, you will find a complete overview of our mission https://airvpn.org/mission to understand "why we do what we do". Thanks to the excellent and fast growth of AirVPN customers base, of which we are very proud, we have been able since some months ago to fulfill an additional task: "Support when possible a range of projects and NGOs whose aim is compatible with AirVPN mission statement". In the same "Mission" page you will find projects, initiatives, NGOs that we gladly decided to support, as well as side projects that are managed directly by us. Whenever possible, we will continue such support and also expand it to other projects. In a separate article we will explain the reasons of our choices for each supported project. We have published a new forum https://airvpn.org/forum/32-no-profit where you can suggest a project that covers our mission. Let's examine now the additional features of the web site and the service. In the servers status page https://airvpn.org/status you can now see a list of the latest issues occurred on the service. The list of issues is displayed on the top. It can be very helpful to backtrack possible issues you experienced with the service or with specific servers. The list is updated automatically by our monitoring system. A completely new page has been added, the "Checking routes". In this page you can instruct every and each VPN server to perform a routing check to any destination. The results will be displayed within 60 seconds and cached for 10 minutes. Output includes several, relevant data. You can use this tool for troubleshooting, routing evaluation, name resolution verification, HTTP answers (in case of web sites) blocks discovery, target latency time and more. Last but not least, we have implemented a series of "backend" modifications which in some cases you can't directly see but you will benefit from. In particular, the handling of the clustered database has been improved, the queue tasks of the VPN servers have been optimized and the monitoring system has been remarkably powered up. An additional part of the monitoring system has been made public, allowing an organized and fancy view of several stats for every and each VPN server. We are confident that the new stuff will be useful and appreciated. We will be very glad to receive comments and feedbacks about it! Enjoy AirVPN! Kind regards & datalove AirVPN Staff

Hello! We have had a momentary problem with PayPal, promptly solved by competent intervention of PayPal business customers care. Everything looks fine now, we apologize for any inconvenience! Kind regards

https://www.stunnel.org/ The stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. Stunnel uses the OpenSSL library for cryptography, so it supports whatever cryptographic algorithms are compiled into the library. Stunnel can benefit from FIPS 140-2 validation of the OpenSSL FIPS Object Module, as long as the building process meets its Security Policy. A scanned FIPS 140-2 Validation Certificate document is available for download on the NIST web page. The Windows binary installer is compiled with FIPS 140-2 support. The FIPS mode of operation is no longer enabled by default since stunnel 5.00. 30/01/2014, Funded with 1000€ (1355 USD).

Hello, since you are in the USA and you're a Comcast customer, probably the choice of a UK server is not optimal for your purpose. Please try a server in Canada. Kind regards

Hello! You need to run OpenVPN directly: you can use the executable we compiled for OS X directly from the original OpenVPN source code (tested on Mountain Lion), available here https://airvpn.org/topic/9325-development-of-os-x-airvpn-client/?do=findComment&comment=9555 Kind regards

Hello, sporadic bad packets IDs in UDP mode can be totally normal. If they are very frequent, they are a symptom of either a poor line quality or a replay attack https://airvpn.org/topic/3773-pls-help-strange-logs/?do=findComment&comment=3784 Kind regards

Hello! Please try UDP mode to ports 53 and 80. Furthermore, disable "NAT-PMP Port Mapping" in uTorrent. Kind regards

Hello, can you please publish the Air client logs taken just after a connection has been allegedly established? Please right-click on the Air tray icon (a white cloud), select "Logs", click "Copy to clipboard" and paste into your message. Kind regards

Hello, it is explicitly forbidden by the Terms of Service, article 4, point 6. Kind regards

Hello! It should be openvpn_if="tun"but that does not really matter, it will be overridden by the configuration file. Maybe it's just a DNS issue, what is the content of resolv.conf? Also, please read here:https://airvpn.org/topic/9608-how-to-accept-dns-push-on-linux-systems-with-resolvconf You can quickly determine whether it's a DNS issue by trying the following commands: ping -c 4 10.4.0.1 ping -c 4 google.com ping -c 4 8.8.8.8 so that you can immediately see whether the traffic is tunneled and/or names are resolved or not. If in doubt do not hesitate to post the output of the aforementioned commands. Finally, keep in mind that our service does not support IPv6. Of course. This is correct: the authentication is based on double certificate and secret key (embedded in the .ovpn file) not on login/password. Kind regards

Hello, that's just fine. The 54... IP address you see is used by one of our failover servers. On this one, a frontend web server runs as well. That's why you can see our web site. Kind regards

Hello, the section "News & Announcements" is dedicated to that. Kind regards

Hello, as we said this feature will be implemented on the next client version. We're very near to a first alpha-release. Under a technical and security point of view it's a bad defect, not a good thing, that you must rely on a proprietary software from the same provider of the VPN service you use. You should always be able to choose to connect to a service with some software that does not come from the service provider itself. It's also not true that you need script files to prevent leaks, you can just use one (ONE) command that you can issue in 2 seconds or configure carefully firewall rules (which is a task that has some very important, good side effects on your network know-how). Kind regards

Hello, the .NET framework version that's required by the Air client is specified in the instructions for Windows (menu "Enter"->"Windows" in our web site). To keep the minimal amount of software in the VM, do not install the framework and do not run the Air client, the OpenVPN GUI is just fine. Kind regards

@refresh In order to discern whether the problem lies in pfSense or not, try a connection from one of your computer and check whether the same thing occurs. If so, might it be that your ISP "leases" your IP address for a definite time frame (and therefore DHCP-re-assigns it every x hours or at some fixed time of the day)? Just speculation but it's worth a check. If it happens, your OpenVPN connection needs necessarily to be re-established, because of course the OpenVPN server has no way to know "your" new IP address until the client re-contacts. To answer to the thread topic question: no, the Air servers keep the connection alive even when this connection is "inactive". Kind regards

Hello, this is an English-only forum, we're sorry. Kind regards

Hello, very probably our answers to FAQ can help you. Please read this https://airvpn.org/topic/9161-you-provide-remote-port-forwarding-what-is-it first, then read this https://airvpn.org/topic/9170-do-you-allow-p2p-how-can-i-optimize-performance-of-emule-and-bittorrent-with-airvpn Feel free also to use the Forum "Search" function, which is powerful and can be very helpful, after years there's a good knowledge base on this forum, thanks to the invaluable contribution of the community. In case of any issue, anyway, do not hesitate to open a ticket. Kind regards

Hello, no, that's perfectly normal and does not compromise security in any way. One of our services runs and listens to port 88 of the VPN servers exit-IP addresses. Packets are not forwarded to th Virtual Private Network or to the VPN nodes. The fact that our system replies to ping is deliberate, and it must be so, otherwise we could not gather reliable data for the Ping Matrix that you can access through our Servers Monitor, see https://airvpn.org/status and https://airvpn.org/pingmatrix Actually what GRC web site states ("of YOUR system...") is technically wrong. It is in many cases true just for the coincidence that a long ago, when IPv4 addresses were still available, NAT and VPN were relatively uncommon. The GRC system sends packets not to your system, but to the exit-IP address of our VPN servers, i.e., so to say, "the IP address your node is visible on the Internet". This assumption is quite trivial and it is probably the reason for which it is not clarified by the GRC web site, but we understand that it can be confusing for a network-unexperienced user. By default, all accounts ports are closed. Each account can anyway remotely forward up to 20 ports, in which case the system will properly forward packets to the VPN, to the appropriate client VPN IP address. Kind regards

Hello, according to your description it seems just a YouTube IP geo-location database error (inaccurate database, a common problem). Kind regards

Hello, what happens if you set your browser language to English (it is currently set in German) and disable HTML5 geo-location (if it's enabled)? Kind regards

Hello, it makes sense on a particular circumstance: if you wish to connect to a VPN server from the Windows machine, with the Air client and with the Windows machine unable (for example because it is "secured" against any leak) to resolve names via DNS queries. Kind regards

Hello, after the thread was written a "Disconnect Now" button in the web site and a "Disconnect" API service were implemented. Please see here https://airvpn.org/topic/9612-what-is-api Kind regards

Hello! What happens if you set as static DNS 2 a public DNS? What is the output of the command (from the router and while the router is connected to the VPN): dig @10.4.0.1 skydrive.live.com Kind regards

Hello, yes, 10.0.0.0/8 IP addresses are private addresses. This solution: Static DNS 1: 10.4.0.1 Static DNS 2: 50.116.23.211 Static DNS 3: (optionally another OpenNIC DNS server) looks perfect. It will let your device use the VPN DNS when it's in the VPN and a public and trusted DNS when it's not. Kind regards

Hello, we confirm that, it's an old problem with network-manager. It does not pass explicit-exit-notify directive to OpenVPN. Therefore when OpenVPN client in UDP mode ends, the server has absolutely no way to know that the client disconnected until the timeout. When you run OpenVPN in UDP mode via the network-manager, please allow 2 minutes for a server switch (i.e. wait for 2 minutes after you disconnect from the first server before trying to connect to the a different one). Alternatively please run OpenVPN directly to solve the issue completely. Kind regards