Staff

Hello, probably you don't have the slightest clue about what you're saying about keys and certificates but your fears are legitimate. That's already what happens (see Diffie Hellmann negotiation in a public key infrastructure), but it does not make any difference, we still potentially can see your traffic (only the traffic without an additional encryption layer). You need partition of trust if you can't afford to trust us. If we were running a "honeypot" or anyway conducting a sinister operation, we would not be promoting partition of trust since our "birth". Please read here: https://airvpn.org/topic/54-using-airvpn-over-tor/?do=findComment&comment=1745 A practical example that opens the doors to multiple trust partitions: https://airvpn.org/tor Kind regards

Hello! At the moment that test is not working at all (tested from 3 different ISPs with their DNS), maybe it requires public and open DNS. Please note, however, that the test you mention is not strictly meant to detect DNS leaks, but to provide an indication of DNS randomness/"entropy". Try this for checking DNS leaks: http://ipleak.net Kind regards

Hello! 1. Yes! To ascertain the interface name, use the command ifconfig, it will list all the interfaces. Alternatively, type tun+ in the iptables rules (tun+ tells iptables to apply that rule of that chain of that table for every tun interface tun* - but if you have multiple tun interfaces this might not be what you want) 2. If the local listening port of destIP device service does not match the remotely forwarded port, then yes. In the How-To it is assumed that the service listens to the same remotely forwarded port. Warning: port remapping can NOT work with p2p clients, because the p2p client will anyway announce the local port, so the swarm peers will try to contact the p2p client on the wrong port. Kind regards

Hello! 2. Correct. We also provide a Dynamic DNS service (included in every subscription, no surcharge) https://airvpn.org/topic/9314-what-is-dynamic-dns/ with a maximum of 20 names *.airdns.org. Kind regards

Hello! Hello, first some clarifications from us. A port is an abstraction, a port is "open" when a process/task endpoint in an operative system is identified uniquely by an address and a 2 bytes number (this number is the port for that address). Therefore a port simply does not exist in an OS where there's no process/task endpoint matching what we call "a port" associated to an address. When such a number does not exist, the "port is closed". By extension, we also say that "a port is closed" when such an endpoint exists in the OS, but IP packets with headers that specify that endpoint are rejected/dropped by another process (typically a packet filtering tool such as a firewall). Your tests are ambiguous for two reasons: apparently from your report you have run simultaneously two processes which allegedly compete for the same endpointthe PortListener screenshot shows that the PortListener was listening to all interfacesLet's start over. First of all, we need to detemine whether the system connected to an AirVPN server receives forwarded packets from the outside or not. Make sure that no remote access tool is running. Shut it down if it's running. Connect to an Air server. Run PortListener. Make it listen to IP 10.something port 32665. Log in the web site with the same account you use to connect to an Air server, go to the Forwarded ports panel and start "Check" on port 32665. Observe the result in the PortListener and let us know. If you don't see any entry, disable any packet filtering tool (such as a firewall, PeerGuardian, PeerBlock, Malwarebytes, anything related to filtering packets, including some antivirus, Internet "security tools"...), repeat the test and let us know at your convenience. Kind regards

Hello! Destination IP is the local IP address of the device running the torrent client. With Tomato routers, it will be 192.168.x.y If in doubt open a shell in the computer running the torrent client and type the command "ifconfig" (as root). Look at the IPv4 address ("inet addr") of the physical interface (for example eth0 or wlan0). In Windows the command is "ipconfig". Kind regards

This. Any server/country that you reccommend we use to cause the least problems possible for you/us? Hello! The "situation" is perfectly under control. As a courtesy (absolutely not an obligation) you might evaluate to use servers in the Netherlands. Kind regards

Hello! You need to implement a simple NAT on Tomato: https://airvpn.org/topic/9270-how-to-forward-ports-in-dd-wrt-tomato-with-iptables Kind regards

Hello, since you get error 111 (connection refused) and not error 110 (timeout) the most probable cause is a firewall dropping packets, can you please check? Kind regards

Hello, our policy did not change, we don't log, monitor or inspect our customers' or users' traffic. Kind regards

Hello! 1. Yes. Special setup is required in China and Iran, see https://airvpn.org/ssh and https://airvpn.org/ssl 2. It is not logged anywhere. You need to enable sessions stats in your control panel, which by default is turned off. Log in the web site, click "Client Area" from the upper menu, click "Settings" from the left tabs, turn "Collected history and statistics about my sessions:" box from "No" to "Yes", finally click "Save settings". From that moment, every subsequent session stat (total traffic in and out, start date and time, end date and time) will be logged and will be accessible in your "Client Area". Kind regards

Hello! Please see the FAQ for detailed instructions on torrent clients: https://www.airvpn.org/faq Do not hesitate to contact us for any further information. Kind regards Hi, the link above does not contain the information about setting up the utorrent. Could you update the page? Thanks Hello! It's fine. Try also this: https://airvpn.org/faq/p2p Kind regards

Hello, we don't understand, can you please elaborate? Kind regards

Hello! The apparent reason from Freenode (from their communications to us) is a single abuse on their IRC network from one of our nodes and our subsequent message informing them that we don't keep logs to detect the alleged abuser. Real identity protection and true, effective anonymity layer are probably the most important features of our service. The above features are not negotiable for us unless we are provided with clear proof about infringements of the ECHR, urgent matters which involve physical safety of a person etc. (see our Terms of Service) by a competent authority. We will not start logging as a consequence of a request from any private entity or from any not competent authority. Freenode therefore let us understand us that since we don't log, they would ban every AirVPN server. We did not add anything after the ban about this policy; as we said no-logging policy is not negotiable with private entities. This issue is just another hint for you about how serious and determined we are in respecting our commitments, policy and mission. Our determination in handling such issues and above all much more complicated matters is, in our opinion, comparable to the determination of several TOR exit-node operators. For example, think about the following: Freenode advertises Private Internet Access (a large VPN provider)Private Internet Access claims an absolute no logging policy: "No logging. Period." is written in their "Buy VPN" pagePrivate Internet Access nodes can access Freenode IRC servers, since the ban against AirVPN and at the time of this writingTherefore, either Private Internet Access in reality is able and willing to detect a user, start logging etc. as a consequence of a simple request by Freenode (or any other private entity), or Freenode does not enforce against Private Internet Access the same policy it enforces against non-logging VPN services such as AirVPN. We don't know, Freenode did not give us any detail about any abuse. Hopefully this message has clarified the most probable reasons. Kind regards

Hello! A rogue web site might try to do that through the injection of malware via Flash, Java (not to be confused with javascript) or, if you run Internet Explorer, ActiveX; or through attempted execution of malicious Flash and Java code; or maybe through exploitation of some other vulnerable plug-in. If you browse to a web site you don't know well, the first, and strong, line of defense is preventing any script execution from the pages code. With Firefox a quick way to accomplish this is via NoScript. http://noscript.net/ Kind regards

Hello, can you please perform a test with PortListener and inform us about your results at your convenience? https://airvpn.org/topic/9315-port-forwarding-tester/ Quit Plex Media server, launch PortListener and make it listen to port 32665 TCP. Then re-perform the port check from the web panel. Kind regards

Hello, tested from Castor with a variety of browsers running in Linux Debian 7, Windows XP and Windows 7 64 bit, there are no problems at all. Kind regards

Hello! Is Plex Media Server running and listening to the correct port when the check is performed? Kind regards

Hello! It seems correct, account "nimg" is not authorized to access VPN servers because it lacks a subscription plan. You need to subscribe to a plan to access the service. Kind regards

Hello! Thanks for the information, problem has been fixed. Kind regards

Hello! The correct menu is "Client Area"->"Config generator". Kind regards

Hello! 1. No. 2. Not necessarily. For clarifications and information, you can read a quite good article on Wikipedia: http://en.wikipedia.org/wiki/Port_%28computer_networking%29 Kind regards

Hello, it all depends on what the prank calling show consist of. Some prank calling shows may infringe our Terms of Service, while others can potentially infringe our ToS AND the fundamental right to privacy as enshrined in the ECHR. You accept to fully respect them both when you subscribe to our service and we remind you that we have zero tolerance against ECHR infringements. While anonymity is often an essential requisite to exercise in practice freedom of expression (and the right to anonymity in exercising freedom of speech is constitutionally granted in some countries) we don't see how a prank calling show relates to freedom of expression. Maybe if you clarify why you need an anonymity layer for your show and what the show would consist of we might have a clearer picture. Kind regards

Hello, it does not seem the case anymore, we detect free access to Freenode website and IRC from every AirVPN server. Kind regards

Hello! It must also be considered that we continue to receive regularly payments via credit cards. This makes very difficult to reproduce the issue (after weeks, we are unable to reproduce it). Kind regards