Staff

Hello! Which server are you connecting stunnel to? From this line: Section stunnel: SSL server needs a certificate it might be a server-side problem. Also, try with "stunnel4" instead of "stunnel" Kind regards

Hello! Does the problem occur on Pollux only? Kind regards

Hello! Maybe so, but first please define a captive portal and elaborate. The more information the better. Kind regards

Hello, we do not understand your point, that's a verification for suspect transactions to make sure that the credit cards data and the data you provide will match in order to prevent common frauds on the online environment. Without such verifications for each even slightly suspect transaction there would be no option for merchants to accept credit cards online: the number of frauds would be overwhelming. If you want to hide your identity in the transaction phase to the payment processor you need to pay with Bitcoin, not with your credit card. If you want to abort the transaction just do not provide the require data. Kind regards

We're going to start with the April poll with a new option, let's see how it goes. Only persons who have contributed to our forums with at least 5 posts are allowed to vote. We have some perplexity whether to allow only premium users to vote: - Some people could use different accounts for VPN and forum posts. - The information whether a forum member is a premium member or not is NOT public. We want to avoid to disclose this information with this kind of distinction. If the community wants to know, for transparency purposes, who voted an option, that would become a privacy problem.

Only persons who have contributed to our forums with at least 5 posts are allowed to vote. Anyone can vote with a single or multiple choice. Who votes for what is NOT a public information. We can change this if the community prefers so.

Hello! The problem is here: It's not Eddie's problem, see here for a quick fix: http://askubuntu.com/a/172157 Kind regards

Hello! Noted. We confirm the problem on Fedora: we will be investigating soon. Thanks for the report. Kind regards

Hello! If you click the "Logs" tab, do the logs open? If so, if you click on the icon "Copy to clipboard" or "Save to file", what happens? EDIT. network-manager-openvpn usage is currently deprecated by us, see the instructions to know the reasons (here https://airvpn.org/topic/11432-using-airvpn-with-ubuntu-network-manager and here https://airvpn.org/topic/11432-using-airvpn-with-ubuntu-network-manager ) Kind regards

Hello! We expected a notice like that It is not a bug, it is intentional and it does not pose any security concern. It looks like plain http, but it is NOT. What data can you see? Use Wireshark for example. You can see an HTTP request, with two parameters. These parameters are encrypted with AES 256, over a RSA 4096 bit pre-authentication, preventing any possible MITM attack. We don't use the similar layer implemented in HTTPS, we re-built it, so https become only an additional, useless layer. If you want to look at the code on GitHub, all the connections to our authentication servers are managed by this class: https://github.com/AirVPN/airvpn-client/blob/master/src/Core/AirExchange.cs In order: - Generation of AES 256 key (note: new one for each http request) - Encryption of the AES 256 key with "AirVPN Software Public Key" (RSA 4096 bit). This is the param "S" in HTTP request - Encryption of the data with AES. This is the param "D" in HTTP request - Our server receives the request. Only our server has the RSA Private Key, so only our server can decrypt/obtain the AES key. - Our server replies with data encrypted with the AES key, that only the client knows so that it can decrypt data. Our only missing feature (planned) is an implementation about revoking the public key on client-side. Thanks for the report. Kind regards

Hello! You're not missing anything, we confirm the issue on openSUSE, we're investigating. Kind regards

Hi, which servers (always specify names please)? Kind regards

Hi, Eddie for Windows and Linux (in beta version) has been released, Eddie for OS X (in beta version) could be out at the end of May. Kind regards

Hi, we changed nothing on this respect. Kind regards

Hello, first check the most obvious, possible mistakes. Command "Ip" does not exist, probably you want to use "ip". Kind regards

Hello! Yes, that very question we answered to. Kind regards

Hello! It's planned but in the meantime just download the tar.gz archive, decompress it and run "airvpn" (even by double-clicking it from the file manager). In order to extract a tar.gz archive use the command "tar -xvfz" from a terminal or just use the graphical file manager in your desktop environment. Kind regards

Hello, Eddie (currently released in beta version) will implement an option to prevent any leak. A new Eddie version including this option is planned on the next week. Leaks prevention will NOT be based on forcefully programs kills, which is a barbaric and insecure method. Kind regards

Sorry, it is not possible to implement it quickly. We need to convert the UI project to GTK or at least create an additional wrapping layer. It is possible, but it has low priority. Yes, this is planned. We test Eddie only under Debian at the moment, and our package installer doesn't show this kind of error. For that we didn't notice. Anyway, this will be fixed in the next beta version. It is not a normal windows .exe, it's pcode. The same file runs on both Windows and Linux with Mono. It has the '.exe' extension only for comfort under Windows to run it with a double-click. It will be done soon. It will be done in the next beta release. Simply because we compiled our binary-bundle for Eddie beta packages before OpenVPN 2.3.4 was released. In any case, we normally wait some weeks before recommending a new OpenVPN version, if there isn't any urgent reason. We check the 'openvpn custom path', any bug about it will be fixed in the next beta version. Kind regards

Hello! We're very glad to inform you that the new AirVPN client (codename Eddie) is ready for the beta-testing phase. Introduction: https://airvpn.org/software/ FAQs: https://airvpn.org/forum/34-client-software/ Windows versions: https://airvpn.org/windows_ex Linux versions: https://airvpn.org/linux_ex A native Mac OS X version is still under development. We hope to release an OS X prototype in this month (May 2014). All the documentation is available on this page: https://airvpn.org/software Unlike some of our competitors that ask for customers' trust not only on networking, but also when installing closed-source software with full-access to users' machines, we release our client as free and open source under GPL3. Source code available on GitHub: https://github.com/AirVPN/airvpn-client Notes: Some advanced options are still disabled by default. As far as it concerns new features, we want to be sure that Eddie works at least like the current client. Soon, based also on community feedback, we will release a new version with some advanced options enabled by default.Please report exactly what version you installed (operating system, 32 or 64 bit, and file format) if/when you report an issue.Network Leak Protection Locking feature will be available in a next beta version, probably the next week. Screenshots: Enjoy! Kind regards

Hello! Once we define how to do it you'll be notified. Surely not later than mid-May to begin everything, so that we can deliver the funds before the end of May. Kind regards

Hello! The first problem in the User Interface is that TLS Auth is not supported and there's no room for ta.key. So you can't use the UI to configure OpenVPN. Read https://airvpn.org/topic/9785-using-service-via-chromebook/?do=findComment&comment=17289 to see where we got stuck. We do not use username/password for authentication. The authentication phase (only after TLS Auth is passed successfully) is performed through certificates and client key. Kind regards

What is the difference between protocols? UDP is a connectionless protocol, so during the handshake it is not always possible to do an effective error correction. As a result, when there's high ping or low quality line during the OpenVPN login, the handshake may fail, although you could see no significant problem after (if) the connection is established. TCP is capable of handling these problems. On the other hand, UDP is more efficient once the connection is established. OpenVPN also implements a basic packets error correction even in UDP (only after the tunnel is established). If you experience problems with VoIP video/audio conversations when connected to the VPN through a TCP port, a typical case for which a difference may be visible (VoIP over TCP - for example UDP over TCP - is clearly inferior to VoIP over UDP because TCP implements ARQ, UDP does not), then go for an UDP connection. In general, you should always try an UDP connection if your ISP allows it and you don't experience any problem during the handshake. However, TCP is mandatory if you need a proxy to reach the Internet. VPN over TOR connections require a TCP connection. Variety of ports (53, 80, 443) is an additional option to try to bypass country or ISPs blocks, or bandwidth management. When OpenVPN connections are disrupted by your ISP (this happens for sure in China and Iran) then you need OpenVPN over SSL or OpenVPN over SSH supported by every AirVPN server and requiring, again, TCP.

Hello! We're very glad to inform you that a new 1 Gbit/s server located in Hong Kong is available: Hadar. The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP. Just like every other Air server, Hadar supports OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! Brand new information on this very subject can be found here http://america.aljazeera.com/articles/2014/5/6/nsa-chief-google.html (anyway NOTHING that shows that Google was a PRISM data collection partner) Kind regards