Staff

Hello! Thanks for your subscription. You need to remotely forward 5 ports (menu "Member Area"->"Forwarded ports"), all of them both TCP and UDP. Remap the first port to local port 80, the 2nd to local port 3074, the 3rd to local port 88 etc. You don't need the access the housing router. Kind regards

Hello! Probably 1.0.3 is the OpenVPN GUI version. Latest client version is currently 1.8, latest OpenVPN version is currently 2.3.0. Can you please send us the logs of the Air client just after the problem occurs? Kind regards

Hello! OpenVPN Data Channel uses AES-256-CBC cipher. RSA keys are 2048 bit long. Packet authentication is performed through HMAC SHA 160 bit. TLS keys are renegotiated every 60 minutes with overlapping windows. During SSL/TLS rekeying, there is a transition-window parameter that permits overlap between old and new key usage, so there is no time pressure or latency bottleneck during SSL/TLS renegotiations. Client/server authentication is performed through double certificate and key. Cryptocat encrypts your chat end-to-end and it does not hide your IP address. As you say a VPN is a totally different service, encrypting everything from/to the server to/from the client. Out of this tunnel data are decrypted (of course) but your real IP address is no more in the packets. Nothing prevents you to use additional end-to-end encryption layers in addition to the VPN, especially if you need to protect your data while they transit out of the tunnel. Kind regards

Hello! It works even for virtual interfaces like the tun/tap adapter. Kind regards

Hello! Yes, of course, this is one of the most basic features of the service. Kind regards

Hello! What Air client version and OpenVPN version are you running? Kind regards

Hello! For your router, please see here: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=6525&Itemid=142#6612 The cited firmware has been reported as fully working with our service by different persons. Kind regards

Hello! If you run the Air client, please right-click on its dock icon, select "Logs", click "Copy to clipboard" and paste here. Please take the logs after some minutes your computer is connected to a VPN server. Kind regards

Hello! Your mail was not received. Can you please send us your client connection logs and information about your OS? Kind regards

Hello! The socks proxy can be external as well, for example on a server with a public IP address, or on another device in the LAN. OpenVPN needs to communicate with such a node outside the tunnel, needing therefore to reach the proxy server (in your case 127.0.0.1) through the default gateway (in this case 10.1.1.1). Actually, since 127.0.0.1 is the localhost, that route is superfluous (but in no way harmful) in this particular case, OpenVPN just include it without discerning peculiar cases. We have tried to replicate the behavior on yet another Linux box without success, eveything works swiftly. IF it's the bug that was mentioned in a previous post in this thread, it might be related to your box. Unfortunately we have currently no CentOS 6.2 available, we will investigate further. In the meantime you might like to post in CentOS and OpenVPN community support forums. Kind regards

@airbreathe Hello! Apparently you edited the OpenVPN configuration file with the directive "remote 127.0.0.1". However, in order to allow OpenVPN to connect over a socks proxy, you must specify it through the "socks-proxy" directive. The "remote" directive must always point to the entry-IP of the VPN server you wish to connect to (over the proxy) otherwise OpenVPN has no way to set the correct routing table. Compare your configuration file with the configuration files generated by our configuration generator with the proxy option enabled. If you did so, is there any particular reason for which you needed this solution? If it is mandatory for you to keep this setup, probably adding a route manually could solve. Otherwise you should revert to the "canonical" OpenVPN setup to connect over a proxy. We're looking forward to hearing from you. Kind regards

Hello! Any chance that you can try OpenVPN 2.3.0? Kind regards

@airbreathe Hello! It might be an OpenVPN 2.2.x bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657964 See also these messages: http://readlist.com/lists/lists.sourceforge.net/openvpn-users/2/12784.html http://readlist.com/lists/lists.sourceforge.net/openvpn-users/2/12785.html However, we are currently unable to reproduce the behavior with OpenVPN 2.2.1 on Debian 6 and Debian 7 64 bit. Which OpenVPN version are you running? Kind regards

Hello! Thank you for your subscription! Unfortunately it seems an undocumented bug. What is your Mac OS X version? Is it possible to catch the logs before the crash? Kind regards

Hello! What is your router model? Also, please evaluate Tomato, now that you need anyway to re-flash a new firmware. If you just need an OpenVPN client on the router, by our and our customers' experience we can say that Tomato is more friendly. Also, several DD-WRT firmwares have a fatal OpenVPN implementation bug. But DD-WRT has some attractive features for the advanced user, so evaluate your needs before picking Tomato instead of DD-WRT. Kind regards

Hello! Some options for Windows: http://superuser.com/questions/106078/per-process-network-activity-monitor More options for Windows: https://duckduckgo.com/?q=windows+display+"network"+activity+"per-process" Kind regards

Hello! We're sorry, we have some issues in understanding,can you please elaborate? Kind regards

sorry' date=' MB/s[/quote'] Hello! Well, 10 MB/s == 80 Mbit/s looks like a GREAT performance. Why aren't you satisfied with it? What is your nominal peak download and upload bw according to your ISP? Kind regards

Hello! What do you mean with "meg"? MB/s or Mbit/s? Kind regards

Hello! It is a consequence of a bug in the OpenVPN GUI installer. Try to launch OpenVPN GUI with administrator privileges, it should be able to create the key. Anyway with our client for Windows you could just ignore OpenVPN GUI. You can't launch the Air client and OpenVPN, or the Air client and OpenVPN GUI, at the same time. Make sure that OpenVPN and OpenVPN GUI are NOT running when you launch the Air client. Kind regards

Hello! Thank you for your concern. You can use p2p in any server you like. Just as a courtesy to us, absolutely not as an obligation, you can avoid Germany and USA servers, where we receive some alleged copyright infringement notices (most of them bogus, anyway, and all of them lacking any proof). Kind regards

Hello! This admin has verified that the support team had sent a proper answer to you, we're sorry that you did not receive it (maybe you can check your inbox spam folder?). Anyway, the answer is quick: no, you don't need to modify any System Setting. If your real IP is detected, please send us your Tunnelblick logs (just after you have established a connection) at your earliest convenience, they may be very useful for troubleshooting. A general advice: please keep in mind that Tunnelblick 3.2.8 is NOT compatible with Mountain Lion (Mac OS X 10.8.x) so if it's your case you need to upgrade to Tunnelblick 3.3beta21b. Kind regards

Hello! Nice idea, it will be implemented for sure, thank you! Kind regards

Hello! Today we're very glad to introduce native support for OpenVPN over SSL and OpenVPN over SSH, and a completely re-designed configuration generator which includes exciting, additional AirVPN services and features. Our service becomes more censorship resistant and easier to use with a wide range of OpenVPN GUIs and wrappers. NEW SERVICES: OPENVPN OVER SSL - OPENVPN OVER SSH OpenVPN over SSL and OpenVPN over SSH will allow you to bypass OpenVPN connections disruption. Known ISP countries where the disruption takes place are China, Iran, Syria, Egypt. The connection disruption is possible because OpenVPN connections have a typical fingerprint which lets Deep Packet Inspection to discern them from pure SSL/TLS connections. Connecting OpenVPN over SSL or OpenVPN over SSH will make your connection undiscernable from pure SSL or SSH connections, rendering DPI fingerprint identification powerless. OpenVPN over SSL/SSH is included in every Premium subscription without any additional payment. Use OpenVPN over SSL/SSH only when necessary: a slight performance hit is the price to pay. The performance hit is kept as low as possible because the "double-tunneling" is performed directly on our servers without additional hops. NEW FEATURES A new system for host resolution (not available for Windows) and dynamic VPN server choice is available. This will let you have OpenVPN configuration files which will try connections to various servers (according to your preferences) if one or more servers are unavailable. A new connection port (2018) is now available on all Air VPN servers. A new, alternative entry-IP address is now available on all Air VPN servers. NEW CONFIGURATION GENERATOR FEATURES - You can now select servers by countries, continents and planets (currently only one planet) or any combination between single servers and countries. - You can now select an alternative entry-IP address. Each Air server has now an additional entry-IP address to help you bypass IP blocking. - You can now choose a wide variety of compressing options: zip, 7zip, tar, tar & gzip, tar & bzip2. - You can now choose not to compress the files and download them uncompressed one by one NEW CONFIGURATION GENERATOR "ADVANCED MODE" FEATURES - Total connection ports range available, including new port 2018 in addition to 53, 80, 443 and (for SSH) 22. - Option to generate non-embedded configuration files, mandatory if you use network-manager as OpenVPN wrapper under Linux or just in case you use any wrapper that does not support embedded with certificates and keys OpenVPN configurations. - Option to generate files and scripts for OpenVPN over SSL/SSH connections by clicking on "Advanced Mode" - Option to select "Windows" or "Linux and others". Make sure you select the correct option according to your OS, because connections over SSL/SSH in Windows require different files than those required for Linux, *BSD and Unix-like / POSIX compliant systems such as Mac OSX. - New options to generate configuration files that support proxy authentication for OpenVPN over a proxy connections, particularly useful if you're behind a corporate or college proxy which requires authentication Instruction page for OpenVPN over SSL: https://airvpn.org/ssl Instruction page for OpenVPN over SSH: https://airvpn.org/ssh Please do not hesitate to contact us for any additional information. Kind regards & Datalove AirVPN admins

I read the info on the linked page but I am still not quite sure what the answer to the above question was and it is really very relevant to me personally. Please clarify in simple terms. Thanks. Hello! With Facebook and some other social network and with Google services, mixing identities can open the road to potential identity correlations even to third-party services which use Facebook integration/authentication. About your bank, the risk should be zero. Anyway it seems useless to use a VPN to access home banking in order to have an anonymity layer, because the bank surely knows your identity regardless of your IP address. Using a VPN to access home banking may be useful in some rare circumstances, where your connection might be hijacked to make you believe you are accessing your bank while in reality you are not (to steal your login credentials, for example). However, if the hijacking comes from inside your system (malware which modifies your hosts file, spyware like keyloggers) a VPN is powerless (keep in mind the golden rule: a VPN does not protect you against virus, spyware and malware in general). Kind regards