Staff

What is Dynamic DNS? "Dynamic DNS or DDNS is a method of updating, in real time, a Domain Name System (DNS) to point to a changing IP address on the Internet. This is used to provide a persistent domain name for a resource that may change location on the network." Wikipedia, http://en.wikipedia.org/wiki/Dynamic_DNS Premium Members can choose up to 20 names in their Forwarded Ports page, accessible from the left tabs of their "Client Area". Just for comfort, a name is associated to a forwarded port. When a Premium member connects to an Air VPN server, the .airdns.org DNS record is updated to the exit-IP address of that server. Therefore, be aware that this service may be unusable when you establish multiple connections to different servers from different devices with the same account (in such cases, you need to point directly to the exit-IP address of the server, or use some third-party DDNS which you manually set). This service can be useful when you need a domain name, which must be persistent across all Air VPN servers, for a service you need to run "behind Air VPN". For example: if you want to host a game server, you can communicate to the players the DNS name and freely switch Air VPN servers. Notes:TTL (Time-To-Live) is one hour. If you change VPN server, one hour may be needed before other users can resolve correctly your domain name. A longer time might be necessary: some public DNS (for example Google DNS) sometimes ignore TTL in their caching system.DNS are created or updated when a connection to an Air server is performed. They are deleted only if you disable the system (i.e. you delete the name from the forwarded ports panel). The latest IP address is NOT removed during disconnection or connection retry.

Hello! Yes, we have our own VPN DNS: 10.4.0.1 10.5.0.1 etc. (see also https://airvpn.org/specs) 10.4.0.1 is accessible regardless of the AirVPN server port your system connects to. Try to set: nameserver 10.4.0.1as first nameserver in your /etc/resolv.conf file. Also check how that "dns-fix" works, just in case it overwrites your /etc/resolv.conf. A more elegant solution is accepting the DNS push from our servers. For that you'll need to install resolvconf package (if available for your Linux distribution): http://en.wikipedia.org/wiki/Resolvconf and add the following lines to your .ovpn configuration file(s): script-security 2 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf The script update-resolv-conf is provided in most OpenVPN packages, but if you don't have it you can just create it in the /etc/openvpn directory (watch out for permissions). The content of the script is attached in the text file below. Kind regards update-resolv-conf.content.txt

Hello! Both bugs confirmed, working on it as soon as possible. Kind regards

Hello! You might apply policy routing. It's not what you asked but it's very simple and it can achieve the same purpose if you have more than one computer connected to the router. You could reject the routes push from our servers (route-nopull directive) and then build your table according to the devices you want to be tunneled. So you could avoid tunneling for a computer dedicated to run a p2p client and a Usenet client (or whatever you do not wish to be tunneled). In the following thread, check out the message starting with "I finally did it" http://serverfault.com/questions/382498/howto-only-tunnel-specific-hosts-route-through-openvpn-client-on-tomato If the above does not meet your needs, splitting traffic on an outbound ports basis will be necessary (see the subsequent message in the very same thread). Kind regards

Hello! Can you please make sure that you have the correct version (in particular, 64 bit versions will not install on 32 bit systems)? What is your Windows version? If the installer fails and you are sure it has administrator privileges, try to launch manually the OpenVPN installer (with administrator privileges, as usual). The Air client, which is an OpenVPN wrapper/GUI, does not need any installation , but OpenVPN does (at least of the TUN/TAP adapter driver). Kind regards

Thanks! ipleak.net is run by us, do you like it? Kind regards

Hello! We beg to differ, this is very well explained in the welcome e-mail, in the forum (in something like dozens of threads) and in the How-To guide. A DNS leak is a typical Windows problem (the only OS which lacks the concept of global DNS), guides to fix it abound (please browse the forum, hint: look at this very same thread...), please see our external web site http://ipleaknet.net Suggested fix is once and for all, you don't need to re-apply it over. Kind regards

Hello! Problem should have been fixed now (two vicious, hidden bugs), can you please try again? Please feel free to report. Kind regards

Hello! There may be several reasons: the service expects UDP packets, the service does not reply within the timeout, the service is forcefully bound to the physical interface etc. Can you provide additional details about the service you have issues with? Kind regards

Hello! We're very glad to inform you that a new 100 Mbit/s server located in Portugal is available: Tureis. The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Member Area"->"Access without our client"). The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP. Just like every other Air server, Tureis supports OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! It's not possible with JavaScript to reveal your real IP address. Please see https://airvpn.org/topic/9058-will-using-java-reveal-my-true-ip/?do=findComment&comment=9123 Kind regards

Hello! We do not block any web site. Omegle.com is accessible from our servers (just checked from NL servers), from which of our servers do you see the problem? Please see here for additional information: https://airvpn.org/forum/10-websites-support Kind regards

Hello! Inaccurate databases. Most services anyway correctly report the exit-IP of our California servers as located in California. Remember that IP geo-location databases are difficult to maintain and inaccuracy is normal. Kind regards

(Issue handled in the support ticket system)

Hello! Are TCP connections successful? If they are, please check that nothing is blocking openvpn.exe and airvpn.exe in your system. The connection is established successfully, according to the logs, but the Air client is unable to complete the checking successfully. Please try also OpenVPN GUI instead of the Air client. Also, even if the Air client remains stuck in "Checking..." do not disconnect. Instead, open a command prompt and send us the output of the following commands: ping airvpn.org ping 10.4.0.1 ping google.com Kind regards

Hello! Do you have resolvconf installed? Can you send us the content of your /etc/resolv.conf file? Kind regards

Hello! Please make sure that the service you wish to be reachable on your device is running and listening to the correct port when the test is performed. Also, test with canyouseeme may be misleading with UDP, it's better that you test your service reachability by yourself. Kind regards

Hello! We're very glad to know it, thank you! The Minecraft server can bind to a single IP address or every IP address (0.0.0.0, all adapters), not to a selection of IP addresses or adapters. It's odd that you needed to bind yours to the tun adapter IP address: we have tested it and it bound to all adapters without any configuration modification. In general binding a service to the tun adapter is a good move when you have no control over the next network node, it prevents correlation attacks and also prevents leaks in case of unexpected VPN disconnection. Unfortunately if the service can be bound to an IP but not to an interface, the process becomes uncomfortable, because you need to re-insert in the service configuration the VPN IP address (which is dynamic) each time you re-connect to a VPN server. We will soon offer a new dynamic DNS service to all Premium members. It will provide additional, relevant comforts and will let anybody wishing to reach your service to point to the same url, regardless of the Air VPN server the device running the service is connected to. Kind regards

Hello! Please consider Liberty Reserve. If you connect through a DD-WRT (or Tomato) router, the client needs to run only on the router. All the connected to the router computers will have their traffic tunneled transparently. If you run a client on Windows, all the traffic will be tunneled transparently (ONLY on that computer), no need to configure any program. Just make sure that you launch your programs AFTER the connection to an Air VPN server has been established. Kind regards AirVPN Support Team

Hello! Yes, we have two servers in California, both with a 1 Gbit/s line. You can check anytime the available servers on the real time servers monitor, which will provide you with several information (click on "Status" in the upper menu). Direct link: https://airvpn.org/status Kind regards

Hello! We have currently prepared pre-packaged solutions for Linux and Windows. A guide for Mac OS X and OpenVPN will be ready very soon (stunnel installation and direct OpenVPN usage will be necessary). If you live in a country where OpenVPN connections are disrupted (in any other case, OpenVPN over SSL is NOT recommended, essentially for performance hit - in any case in which a direct OpenVPN connection is possible, OpenVPN over SSL does not make much sense but in very exceptional circumstances) please contact us and we'll provide you with the draft guide. Kind regards

Hello! The test is fully successful. That site will always claim nonsense if you are not connected to their service or TOR. Your post might be edited (no advertisements allowed in this forum). Kind regards

Hello! If so, it looks like a different bug. We'll continue working on it with your new information. If we need to make you some questions to reproduce the bug we'll contact you, thanks in advance. Kind regards

Hello! The logs are fine. The first thing you can try is a connection to a different port: maybe Verizon performs port shaping on outbound port 443 UDP. Please test connections to 53 UDP and 80 TCP to make a performance comparison test. Kind regards

Hello! In order to let us provide a preliminary overview, can you please send us your client connection logs? Kind regards