Staff

Hello, we have just been informed that Bootis and Cassiopeia will be migrated to a new datacenter. Migration will start at 10 PM GMT+1 28 Jun 2013. Unfortunately the provider informed us only a few minutes ago about this migration. IP addresses will not change. Scheduled downtime is 4 hours. If you need a UK server, we strongly recommend that you switch as soon as possible to Carinae or Nashira, in order to avoid unexpected disconnections. Kind regards

Hello! We're very glad to inform you that a new 100 Mbit/s server located in Spain is available: Sador. The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP. Just like every other Air server, Sador supports OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello, we're glad to inform you that a new payment processor is available: Authorize.net, by CyberSource, a VISA company. Air is an Authorize.net verified merchant. The processor accepts VISA, MasterCard and JBC credit cards, including prepaid cards. Privacy and security notice: we never come to know your credit card number. The transaction core is handled by Authorize servers in compliance to Payment Card Industry Data Security Standard (PCI DSS). Kind regards

What is an API? AirVPN application programming interface (API) allows our customers to access and control their accounts, using custom written software. If you need some other kind of API please feel free to write in our forums. API Syntaxhttps://airvpn.org/api/?format=<format>&key=<your_api_key>&service=<service_name>&<service_params> (optional, default 'web') is the output format:web : Displays result as web-site page. Useful to understand.json : JSON format.xml : XML format.php : PHP, function serialize() and unserialize().text : Plain text, key=value for each rows. Nested result grouped with .dot notation in key field. is your API key. Generate a key from API page. If you are already logged in AirVPN website, this is optional. Use the key param if you plan to use our API in scripts. is the service name, look below for additional reference.Any service returns a 'result' field with 'ok' if successful or an 'error' message. Dates are always in UTC. Dates that end with "_date" are the dates in the MySql standard format, yyyy-mm-dd hh24:mi:ss. Dates that end with "_unix" are the dates in UNIX timestamp (integer). Do not send more than 600 requests every 10 minutes or we will ban your IP address. Supported methodsGET, curl example: curl "https://airvpn.org/api/?format=json&service=test"POST application/x-www-form-urlencoded, curl example: curl -d "format=json&service=test" -X POST "https://airvpn.org/api/"POST application/json, curl example: curl -d '{"format":"json", "service":"test"}' -H "Content-Type: application/json" -X POST "https://airvpn.org/api/" Services Service: userinfo Access: Member only Details about yourself, including connection details. Params: None Output:userlogin (login name)register_date (date of registration on our website)register_unix (date of registration on our website)premium (boolean, if premium or not)expiration_unix (date of expiration)expiration_date (date of expiration)expiration_days (days to the expiration)last_attempt_unix (date of last attempt to connect to a VPN server)posts (posts in forum)credits (account credit)last_post (date of last post in forum)last_visit_unix (date of last visit on website)last_activity_unix (date of last activity on website)connected (boolean, if connected or not)sessions (array of all sessions, ordered by connected_since)vpn_ip (local IP address assigned, 10.*)exit_ip (exit IP)entry_ip (entry IP)server_name (server name)server_country (server country name)server_country_code (server country code, ISO)server_continent (server continent)server_location (server location)server_bw (server bandwidth: 100 for 100 Mbit/s, 1000 for 1 Gbit/s)bytes_read (read bytes in the current session)bytes_write (written bytes in the current session)connected_since_unix (date of start of the current connection)connected_since_date (date of start of the current connection)speed_read (read bytes per second)speed_write (written bytes per second)connection (it's the first session above, for compatibility) Service: notification Access: Member only Send a message to yourself. Choose in the notifications options, under Air -> API, if you want to see it in the web site and/or in an e-mail. Useful to write to yourself an event that needs attention, for example from a script. Note: key required in any case. Params:subjectbodyOutput: None Service: disconnect Access: Member only Requests a disconnection. If none of the filter parameters are specified, disconnect all sessions of the user. Note: key required in any case. Params:server - Optional, if specified disconnect only sessions related to this server name.device - Optional, if specified disconnect only sessions related to this device name.Output: None Service: status Access: Free The data available in our https://airvpn.org/status page. Params: None Output: Try it. Some fields:server_best is the recommended serverbw is the bandwidth used, in mbit/sbw_max is the bandwidth available, in mbit/susers is the number of usersservers is the number of serverscurrentload is a percentage of current loadhealth: Can be ok, warning or error. If a server is in error status, it doesn't accept connection. For example, a low packet loss may cause a warning status, a high packet loss or maintenance may cause an error status.warning: Only exists if health isn't ok, it's the reason.

Hello, problem solved at the moment. Remember to use mirrors (there are really many) whenever possible in order not to overload their main web site. Kind regards

Hello, does the VPN connection drop only when you use a torrent client? If the problem occurs only when you launch a torrent client it might be that a firewall or an "Internet security suite" drop the packets when it sees "excessive" UDP traffic, assuming wrongly it's an UDP flood attack. We have seen this behavior several times with various Windows "security tools", because when the system is connected over UDP, all the incoming and outgoing traffic is encapsulated within UDP. When you launch a torrent client, the UDP traffic volume may increase considerably, triggering the block. First try to momentarily disable firewall and any traffic inspection/packet filtering tool completely (if any) on the router and on the computer and test again. Kind regards

New version 1.3 released, minor changes. - [bugfix] UDP improvement - [change] Message improvement - [bugfix] Support of domain name in IP field Thanks jessez, first post has been updated. Kind regards

Hello! A. Yes B. Yes Note: in this case you can use UDP as well for OpenVPN. The fact that a socks proxy does not support UDP is irrelevant, because it's TOR over OpenVPN, not OpenVPN over TOR (in which case yes, TCP would be mandatory). Kind regards

Hello amir4g, please contact us in private to bypass the web site block. Write to support(at)airvpn(dot)org Kind regards

NOTE: if you run Eddie or Hummingbird you don't need this guide, but you might need to get rid of update-systemd-resolved which, in one of its various working modes, can interfere fatally with DNS handling. This post describes how to accept OpenVPN servers DNS push on Linux, OpenBSD, FreeBSD and some other POSIX-compliant OS when: resolvconf package OR openresolv package is installed OpenVPN is run directly (i.e. NOT through any OpenVPN GUI/wrapper such as network-manager) OpenVPN version is 2.1 or higher Warning: the specified "update-resolv-conf" script path refers to many Linux distributions and OpenVPN package installation, but NOT to all of them. Please check the correct path of the mentioned file before proceeding (for example: it could be /usr/share/openvpn instead of /etc/openvpn). If the script is not on your system, you'll need to create it. See the typical script here: https://wiki.archlinux.org/index.php/OpenVPN#DNS Important: in the same above linked page, note that if you have a system based on systemd you might need some important modifications: Add to your OpenVPN configuration file(s), either in field "Custom Directives" of the Configuration Generator or by editing the configuration directly, the following lines: script-security 2 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf In this way update-resolv-conf will record the DNS push and through resolvconf or openresolv will modify the nameserver accordingly. When OpenVPN quits, update-resolv-conf restores the previous nameserver line(s). Kind regards

Hello, all those IP addresses are airvpn.org public frontend servers. They are all on-sync, in real time. Kind regards

Thank you. In case you have VISA, MasterCard or JCB credit cards and you have issues with PayPal, you can just use your credit card, no PayPal need at all. Kind regards

Hello, you can, that's not a problem at all. PayPal will perform automatic currency conversion. You can also pay via credit card (VISA - MasterCard - JCB). Credit card issuer company will perform automatic currency conversion. Kind regards

Hello, no, sorry, but PayPal will perform automatic currency conversion. Kind regards

Hello jaypathora, you're connecting your system over OpenVPN over TOR. Kind regards

Hello, Tunnelblick does not support connections over SSL or over a proxy (Tunnelblick is not a wrapper that supports all the OpenVPN features). Please follow this guide: https://airvpn.org/ssl Do not hesitate to contact us for any issue or information. Kind regards

Hello! Not with the current client, because TLS 1.2 is supported only since .NET framework 4.5. However, with regards to BEAST, CRIME, Lucky Thirteen and various BEAST-dubbed attacks & exploits, this does not appear relevant, because such attacks rely on cookies and javascript (one of the key of the attack is decrypting a session cookie with a relatively low number of attempts; the number of attempts is still quite high for a single session, so the attack is dubbed for example with javascript, to open many multiple sessions), which are not used by the client. The most-successful known attacks against TLS 1.0 require at least 2-3 minutes to be completed, and the client not only will not open a myriad of sessions, but it will also timeout well in advance. The next client release for Windows, Linux and OS X will be under GPL so you will be able to examine the source code. About OpenVPN, the original message by James Yonan stands: Yonan went straight to the roots, without even having the need to consider all the browsers features, side-support web sites, injection etc. required to BEAST and CRIME to have a hope to succeed, to which OpenVPN is not "vulnerable". Feel free anyway to add your considerations, and remember that we do not and we will never force to use our proprietary clients to connect to Air VPN servers. Kind regards

Hello, TLS 1.1 and TLS 1.2 are now available also on the primary frontend server airvpn.org (95.211.138.143). All ciphers are supported, AES-256 included. Kind regards

A good re-collection of the leaks so far. It partially answers to our initial questions. http://www.forbes.com/sites/andygreenberg/2013/06/25/take-a-break-from-the-snowden-drama-for-a-reminder-of-what-hes-revealed-so-far/ Kind regards

Hello, far from defending our competitors, but everything you report points to severe problems on your end. Connections stability with OpenVPN and best datacenters is nowadays "an industry standard". It's mathematically impossible that you experience instability with every and each of Air and Air's competitors servers if it was not a problem on your end (or on your ISP, hopefully not). Just look at the servers monitor top connection times from clients to have an idea about OpenVPN and our servers stability. We have clients continually connected since weeks! Think about it: how could it be possible that 38 servers in more than a dozen completely separated and different datacenters connected to tier1 providers are ALL so unstable? Please do not hesitate to open a ticket, we will do our best to try to detect the problem. Kind regards

Hello, you should disable the DNS re-bind attacks filter, it's clearly a false positive probably due to the fact that speedtest.air is resolved into an address within the private network, an address which is also the VPN DNS IP address (when you connect to 443 UDP). Kind regards

Hello, please follow the guide https://airvpn.org/ios (click "iPhone", iPad screenshots are slightly different). About Safari, just make sure that it runs in full-mode, not in mobile-mode. If you wish to transfer files from PC to iPhone, you'll need iTunes, or you can e-mail to yourself the files (and open those e-mails on the iPhone). Anyway, using Safari in full-mode will allow you to download the configuration files directly with and into your iPhone, as described in the instructions. Kind regards

Hello, in this very moment your account is connected and exchanging data, can you please check what you see on your "Client Area" and on the central bottom box (important: browsing from a machine connected to the router and logging in with the same Air account you use to connect from the router)? Kind regards

Hello, with Comodo firewall it's easy and quick to check that, look at the "View Active Connections" window. Traffic to/from your VPN IP (10...) is tunneled. Traffic to/from your computer physical network card IP address (for example 192.168...) must be only to/from the server entry-IP you're connected to (normally only openvpn.exe will have such established connection). See also here about how Comodo can help you prevent any possible leak, even when system processes running with high privileges try to bypass the tunnel (see svchost.exe for DNS leaks) or even when the VPN disconnects unexpectedly: https://airvpn.org/topic/3405-windows-comodo-prevent-leaks/ Kind regards

Hello, TLS 1.1 and 1.2 are available on 212.117.180.25. If you wish to use them right now you should resolve airvpn.org to that IP address and force the browser to TLS 1.1 or 1.2. AES-256 is available as well. TLS 1.1 and 1.2 on the other two public frontend servers are planned to be implemented within the next 24 hours. Please note that TLS 1.0 and SSL 3.0 will remain available at the moment, in order not to cut out of the system Firefox, Chromium, Chrome, Iceweasel and many other browsers versions that do not support TLS 1.1 and 1.2 (perhaps more than 3/4 of our users) or that support them but require explicit user configuration to enable them. Kind regards