Staff

Hello! No collisions are possible: when the system reserves a port to your account, you can rest assured that you don't need to worry about that. We have investigated the issue and one of your forwarded port is totally blocked by the system on some servers. This is due to very particular circumstances: either an attack against our servers toward that port has been detected by the server or activity that infringes our Terms of Service to that/those IP:port has been reported to us. In both cases momentary port blocking/packets dropping is essential to protect our system without infringing customer's privacy. Thank you for your understanding. For any further information and/or for your problem with the Air client please open a ticket at your convenience. Kind regards

Hello! We confirm you that you should NOT forward ports on your router. That would potentially expose your system to correlation attacks. Kind regards

@itsmeprivately Hello, it's just a matter of automatic triggers (when they are possible to implement) to be decided on a case by case basis. Kind regards

Hello, as you have correctly noticed, Cygni load has been more or less constant during last days. Such extreme performance differences are usually due to network congestion, from your ISP or anywhere between your node and our node, or (but in this case you would be warned on the servers monitor and we confirm you that Cygni has had no problems) to some server malfunctioning (typical example: packet loss) or attack against the server itself. Check the servers monitor https://airvpn.org/status and the Ping Matrix https://airvpn.org/pingmatrix to have an overview of the servers. Do not hesitate to switch server to perform a comparison. Also, you might like to have a look at your OpenVPN logs to check whether there's some intermittent problem (such as packet loss, or packet fragmentation). If in doubt, do not hesitate to send us a copy of the logs, taken while the problem is occurring. Kind regards

Hello, can you please perform a test with our PortListener available here: https://airvpn.org/topic/9315-port-forwarding-tester/ and report the results? Please set the PortListener to listen to your VPN IP address (10.x.x.x) on your remotely forwarded port, then log in the web site, go to your ports panel and start a test for that port (and also for some other port, for a more extensive test). Look at the PortListener and check whether any incoming packet is detected or not. Kind regards

Hello! Theoretically, very few kbit/s would be sufficient to maintain the tunnel active. From the logs, it seems that periodically the bandwidth goes to 0 (see activity timeout lines) and therefore the connection is lost. Maybe there are "dropouts" in Starbuck connection? Kind regards

Hello, your system is resolving europe.vpn.airdns.org to 67.215.66.132, which is not an entry-IP address of any of our VPN servers. In fact, it is an OpenDNS server IP address (OpenDNS is in no way related to AirVPN, of course). So Tunnelblick tries to establish a connection to... an OpenDNS server, which obviously fails. We can't say why it happens, can you please check your hosts file? Which DNS servers is your system using? Could you please open a command line and type ping europe.vpn.airdns.org and send us the output of the command? As an immediate solution, you can re-generate your configuration file(s) ticking, on the Configuration Generator, "Advanced Options", and then ticking both "Resolved hosts in .ovpn file" and "All servers for area or region", so that the generated file will contain only IP addresses and not host names. It would be anyway very interesting to investigate on the issue, so do not hesitate to reply if you wish so. Kind regards

Hello! Yes, to our frontend, not to the VPN servers. It's an ordinary https connection like a web site login. The Proxy option of the Air client is meant for OpenVPN, not for the client (remember that the client is an OpenVPN wrapper). If you don't want to disclose your IP address to the frontend server, just run OpenVPN directly (or OpenVPN GUI). We don't force (and we will never force) to run any proprietary software to connect to the VPN servers. Kind regards

Read this : https://airvpn.org/topic/891-important-notice-about-security/?do=findComment&comment=11718 OpenVPN is nice and gives you the option to run OpenVPN over TOR, your real IP address is not communicated to any VPN server unlike with the AirVPN client which will. Hello, no, the Air client itself does not connect to a VPN server, so it does not "communicate" anything to a VPN server. Kind regards

Hello, that's correct: if you run a program configured to connect over the TOR proxy, its traffic will be tunneled over TOR only. When you wish traffic over OpenVPN over TOR you must run programs NOT configured to connect to TOR. Kind regards

@janern We are not removing the link because it gives us the option to talk about an important security issue. With our service, you don't even have to create manually a file. Our Configuration Generator will generate all the files needed by OpenVPN. Make sure to tick "Advanced Mode", and then tick "Separate certs/keys from .ovpn file". Unfortunately, the instructions you linked talk only about a ca certificate, as if the Astrill authentication method is based only on that (with, optionally, login and password, which would be even worse). That's really a very bad way to build a secure & trusted VPN. Our authentication method is based on client certificate, server certificate and client key, with TLS re-keying at each connection and every 60 minutes (Perfect Forward Secrecy). No VPN server keeps any database of login names, passwords, user names or anything else. This is the correct way to provide a higher security service with OpenVPN. It is so obvious that we are astonished that you even compare a service without the aforementioned features with AirVPN. Since security and strength of the anonymity layer are one of our highest priorities, we're sure you'll understand our decision to never compromise the system to meet the needs of devices that do not implement all the OpenVPN features (IF it's your case, of course), even if that would mean to have some gullible customers that with the current system we can't have. If some services meet your need and our service does not because it provides a much higher security level, it's unfair to blame us, and not only in consideration of the fact that we clearly list all the systems that are compatible with our service. You should blame VPN providers and manufacturers that do not offer the better security options. We see that you have already asked for a refund and that the refund has been granted, so you are free to pick the service that you prefer. If you think that security is not of your concern, there are literally hundreds of low security, low privacy VPN services on the Internet that you can use. Our service will not compromise security and/or privacy for marketing reasons. Kind regards

There are a few decrypter tools for Truecrypt, even commercial ones like from Elcomsoft. I would rather take my hands of Truecrypt or Bitlocker if we're talking about security. Hello, can you please elaborate? Kind regards

Hello, glad to know it, enjoy the service! Just for information and reference, you don't need to rename the .ovpn files if you declare them explicitly. Kind regards

Hello, the instructions for Linux do not require an OpenVPN GUI or wrapper, and do not require any desktop manager or any graphical environment. Please follow the instructions for Linux, ignore instructions for network-manager. Kind regards

Hello, it's because your account is already connected to another server (maybe from another device?). You can check anytime the reason of the last connection failure in your "Client Area" on the web site. Kind regards

Hello! We are aware of this problem and we'll be working to solve it. The cause is normally this: https://threatpost.com/firefox-adds-mixed-content-blocking-by-default?replytocom=93364 because the test is in an https page, but the test itself transfers the randomly generated files for download and upload in http. Kind regards

Hello! Difficult to say, we're investigating as well. At the moment, we have noticed that intermittently some OpenNIC DNS (and perhaps Verizon DNS, but we're not sure) claim that airdns.org domain name (the domain name used in the configuration files for countries, continents and planet) does not exist or they are not reachable from some networks. Since the problem is intermittent, it's difficult to investigate. It might be something related to this: http://en.wikipedia.org/wiki/Domain_Name_System#Broken_resolvers or something we have not yet figured out. For the records, which DNS servers were your system sending queries to, when the problem occurred? Eddie development is taking longer than expected, because we have decided to insert (or try to insert) additional features. We are evaluating to dedicate more persons to the development in order to speed up the release. Kind regards

Hello! It might perhaps be a problem with host names. Please try to re-generate your configuration files in the following way: - in the Configuration Generator tick "Advanced Mode" - tick "Resolved hosts in .ovpn files" - tick "All servers for area or region" Re-download and try again with Viscosity. We're looking forward to hearing from you. Kind regards

Hello, old CPUs like Intel P4 2.6 GHz can encrypt/decrypt at least 15 AES-256-CBC Mbit/s. Some time ago it was reported on this forum that an AMD C-60 (a dual core processor from 2010 normally mounted on laptop and netbook computers) running DD-WRT x86 could handle 24 Mbit/s https://airvpn.org/topic/5553-x86-dd-wrt-build/?do=findComment&comment=5575 Kind regards

Hello! There are two guides by jessez, one for ipfw and one for pf. https://airvpn.org/forum/15-how-to/ Kind regards

@bizel No router specific configuration is required. For example, let's assume that the candidate host has two NICs, one Ethernet card and one WiFi card (a common setup for most desktop and laptop computers). The host connects via OpenVPN to an Air VPN server via the virtual tun/tap card and the physical Ethernet card (physically the cable goes to your router). It also shares Internet connection, necessarily via the WiFi card on the tun/tap adapter. The guests whose traffic must be tunneled connect to the host just like they do with any WiFi hot-spot. Other devices (if any), whose traffic you don't want to be tunneled, connect instead to the router. OpenVPN runs only on the host computer, therefore you need only one Air account. Kind regards

@andromeda Ouch, it sounds bad, thank you for the information. Kind regards

Hello! Yes, please see here: https://community.openvpn.net/openvpn/wiki/RelatedProjects#ClientGUI A graphical client for Linux+Mono (only for AirVPN) is also under development by us. Two notes about network-manager with OpenVPN plugin: it does not support explicit-exit-notify and it does not support embedded files. Therefore, if you use network-manager-openvpn, remember to generate separate certificates, key and configuration files with the appropriate option in our Configuration Generator (more details can be found on the instructions for Linux). Additionally, when a client connects over UDP with network-manager piloted OpenVPN, after a disconnection our servers will not be notified, therefore the account will be considered disconnected not immediately, but only after 60 seconds. Simple OpenVPN GUI For Linux (sogfl, untested by us) is very similar to OpenVPN GUI: http://sourceforge.net/projects/sogfl/ Kind regards

@bizel Hello, NIC = Network Interface Card If your only purpose is connecting multiple devices inside your network with just one Air account and you have a suitable host computer, you don't need DD-WRT or Tomato or any other router running OpenVPN. The same applies in every case for which you connect a computer to a VPN server. The best thing to do is probably a test by yourself: setting up a host should take just a few minutes. A guest can connect to the host via WiFi or Ethernet, it depends on the available NIC on the host. Kind regards

Hello, probably only to your router. The important thing is that it has two NICs. Normally the configuration is not difficult with nowadays OS. For example, if you connect the host to the router via cable, the guests can connect to the WiFi card of the host computer (instead of connecting to the router). When the host is connected to a VPN server, the guests traffic will be tunneled transparently. Our servers will see only one connection, so you can use the VPN with as many devices as you wish with just one account. Some instructions for a graphical environment with network-manager in Linux: http://linuxforums.org.uk/index.php?topic=10064.0 Some instructions for Windows 8: http://windows.microsoft.com/en-us/windows-8/using-ics-internet-connection-sharing Some instructions for Windows 7: http://windows.microsoft.com/en-us/windows7/set-up-a-shared-internet-connection-using-ics-internet-connection-sharing Kind regards