Staff

Hello! You can use pfctl. http://www.openbsd.org/faq/pf/config.html Kind regards

Hello! Thank you for the information, we're glad to know that the problem is solved. Can you please tell us if you changed anything in your system? Kind regards

Hello! Can you please make sure that you start Transmission AFTER you have established a VPN connection? Also, can you please test with completely disabled LittleSnitch and firewall? Kind regards

Hello! Please make sure that Transmission listens to the correct port (the port number must match the remotely forwarded port number) and that this port is forwarded both for TCP and UDP (various modern p2p clients use both protocols). Kind regards

Hello! It is opinion of this admin that a pre-configured .cfgx Comodo file containing global rules meant to prevent any leak represents a security risk for our customers and would need anyway to be highly customized (too many variables seem to make impossible to cover all cases). It is also opinion of this admin that a basic knowledge of a firewall is an essential requisite for a person really interested in network security and privacy. The guides and Comodo manuals are perfectly suitable to master all the Comodo firewall free edition features. Our guide is designed precisely to be unlinked to a particular Comodo firewall version: all the rules are reported in text format and care to avoid references to specific menus, options etc. has been used in order to provide maximum flexibility. However we will discuss internally about this option. Kind regards

Hello! The ports are correctly forwarded to you by the server you're currently (at the moment of this writing) connected to. Those error messages are normal if you open ports while you're not running the services which have to listen to those ports. When you open/close a port, you don't need to disconnect and re-connect, but you have to wait some tens of seconds to allow the server to receive and apply the changes. About the UDP red token, please make sure that you have not forwarded on your router that port. If you are sure of that, then it's just a false positive which may occur with UDP. If you have still issues, please do not hesitate to contact us. Kind regards

Hello! We suggest the following solution. Please note that it will work only if you have at least two physical network interfaces in your computer. The PS3 will need to use a LAN cable, so if you have just one LAN card you can anyway connect your computer to your router via your WiFi card, if available. This solution is suitable for Windows 7 and any other Windows system supporting ICS (Internet Connection Sharing) as well. It will work also with XBox consoles and in general with any other device with similar or higher networking abilities. 1) Configure the PS3 IP networking. IP address: same subnet of your Vista system BUT not the same IP address of your router and/or Vista system Subnet Mask: this depends on your home network configuration, usually 255.255.255.0 is a safe choice, anyway if you have issues please try 255.255.0.0 Default router/Gateway: The IP address of your Vista system Primary and secondary DNS servers: IP address of your Vista system 2) Connect the PS3 to your computer via cable 3) Connect your computer to your router via WiFi 4) Connect your computer to an Air VPN server 5) In your Vista system, go to your Control Panel->Network/Internet Setup, locate the TAP-Win32 Adapter V9 card, select its "Properties" and click on tab "Sharing". Enable (tick) the option "Allow other network users to connect through this computer's Internet Connection". In the drop down list under "Home networking connection", select the PS3 connection to the Vista computer LAN interface (probably "Local Area Connection" or similar). 6) Disconnect from AirVPN, then reset the LAN card. In order to do so, the quickest way is selecting your LAN interface (probably "Local Area Connection" or similar), disable it, wait a few seconds and then re-enable it. 7) Re-connect your Vista system to AirVPN After about a minute your PS3 should use your Vista system as a "gateway" and therefore use transparently AirVPN. Kind regards

Hello! Vega problems are getting bigger instead of getting resolved. We will be working with the ISP to determine exactly the nature of the problem which is still puzzling us. If the problems will not be solved within a reasonable period of time we will replace Vega with a new server. In the meantime, it is possible that you will get same or better performance with our Phoenix (Arizona) server Arietis, can you please test it? In order to check status of our server you can browse here: https://airvpn.org/status Kind regards

Hello! Mac OS X is based on UNIX-compliant OpenBSD, which is probably the strongest feature of the OS. The recommended firewall is pf, which is one of the best packet filtering tools currently existing in the world together with iptables. There is no reason for which a Mac user should be intimidated by some of the finest software in the world, don't be afraid, as well as there is no reason for which a Mac user should be afraid of using for real his/her own system, i.e. a UNIX-like system. pf is available by default on OS 10.8 because it is pre-installed by Apple so you will not need any installation. jessez has prepared instructions and ready-to-use script which are Mac OS users friendly: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&limit=6&limitstart=36&Itemid=142#2532 Kind regards

Hello! The logs show that initially you had a packet authentication failure (method is HMAC SHA-160). The failure may be caused by various factors: - high packet loss/latency - WiFi problems (is your computer connected to your router via WiFi?) - a replay attack https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3773&Itemid=142#3784 About the last above point, if your computer is connected to your router via WiFi, can you please tell us which encryption and authentication are implemented? Please try to change server and also try to connect to TCP ports in order to make a comparison. We're looking forward to hearing from you. Kind regards

Hello! Please see step 3: set it to "Custom Policy". Correct. Unfortunately not: you should not block all incoming connections if you wish to use our remote port forwarding system. You need remote port forwarding only if you want some service (a web server, a p2p client etc.) to be reachable from the Internet behind our VPN servers. Please see also here: https://airvpn.org/faq This will define the firewall behavior on an application basis. Nothing wrong, but it will not secure your connection against leaks in case of unexpected VPN disconnection: you will have to set the global rules anyway. Please do not hesitate to contact us for any additional support. Kind regards

Hello! Maybe a corrupt archive? Can you please try to re-generate and re-download it? Kind regards

Hello! As far as we know OpenVPN can't run on a PS3. Therefore you need a gateway, like a DD-WRT router or a computer which connects to AirVPN and shares the connection with the PS3. For additional instructions about the latter case, can you please tell us the OS of the computer which might share the connection? Kind regards

Hello! Please see our previous message to determine the non-Leaseweb servers. You can obtain the IP addresses you need by contacting us through the "Contact us" form (or by using the configuration generator, menu "Member Area"->"Access without our client"), because we are reluctant to publish them in the forum. Kind regards

Hello! You can use any of your favorite torrent clients. It's not necessary. It may be a courtesy to us as it might help us receive less bogus copyright infringement notices. However PeerBlock efficiency is so low that it does not really make a significant difference. Also, please be aware that some PeerBlock blocklists are so badly written that they will block some of our servers as well. First of all, you must never use two firewalls simultaneously. They will interfere with each other with unpredictable outcomes. DNS leaks are not a concern when you do p2p. The real concern is preventing your real IP leak in case of unexpected VPN disconnection. We would recommend you to get rid of any firewall and install Comodo firewall (the free version is just fine), OR to translate the Comodo rules for your favorite firewall (please be aware that it's not possible to do that fully with the Windows firewall). With the recommended Comodo rules you will prevent not only DNS leak, but any leak. Variable latency is normal on the Internet. The best approximation you can obtain with short-time speed tests is with speedtest.air, because the test is performed internally, inside the Air server you're connected to, without relying on another server. Unfortunately we are still unable to find an Asian provider which complies with our requirements about security, privacy, peering, bandwidth and traffic. All these factors together, in addition to privacy legal frameworks, represent a hard selection which cuts out a lot of providers (privacy-hostile legal frameworks force us to discard whole countries in Asia). We are not willing to sacrifice privacy and security for better marketing. Our research anyway is ongoing. Kind regards

Hello! Please upgrade your client. You can download the latest version here: https://airvpn.org/windows (click on the "Download" button). Direct link: https://airvpn.org/repository/air_windows.zip Kind regards

Hello! Since you can reach https://airvpn.org on the same network with a different device there must be a problem on the device which can't reach it. Please make sure that the device with the problem resolves airvpn.org to 85.17.207.151. If you have modified your hosts file, please make sure that the line referring to airvpn.org is: 85.17.207.151 airvpn.org Kind regards

Hello! Please describe your problem with as many information as possible and also please send us the connection logs of your client. Kind regards

Hello! Everything appears fine... can you please perform a test? On both your Realtek PCIe GBE Family Controllers, force the following DNS: 10.4.0.1 as primary 8.8.8.8 (or anything you like) as secondary and please test a VPN connection on port 443 UDP (ping, normal browsing etc.). We're looking forward to hearing from you. Kind regards

It's a little unclear: you don't tunnel ports, you tunnel packets. Can you please elaborate? Kind regards What i mean is, what if I wanted only DNS and web traffic (port 80 and 443) over the tunnel, and everything else (like email, IM, etc) to just use my regular connection. I'm considering biting the bullet and flashing a "known working with AirVPN" dd-wrt build as well, as I would like this to be transparent on my network as a whole, but if I could get that working on just this one PC in the mean time, that would be good. I assume it can't be done with openvpn alone and I'd need some sort of firewall configuration to do the routing? Hello! Splitting the tunnel on a port basis will not necessarily allow you to split it on programs basis. Since our servers will push a routing table and redirect gateway in order to tunnel all the client device traffic, you can reject the push (using the nopull directive) and build your own NAT, gateways and routing table. Unfortunately some tools which come handy are missing in Windows: on a vanilla Windows non-server edition, you can't do masquerading, forwarding and you can't even handle multiple routing tables. So, perhaps a more viable solution is a little hack: bind the applications that you do NOT want to be tunneled to your physical network interface with a program loader and DLL injector like ForceBindIP: http://www.r1ch.net/stuff/forcebindip Although ForceBindIP is not advertised for Windows 7, at least two customers of us have reported it works successfully in Win7 (although the usage was the other way round, i.e. forcing the binding to awfully programmed videogame clients like PES2012 which refuse to bind to the TAP-Win32 interface and therefore would not connect to the game servers when the VPN connection is established). Kind regards

Hello! Your system can reach the VPN DNS, but still can't resolve airvpn.org. Do you have some firewall running? Can you please send us the output of the commands "ipconfig /all" and "route print" (feel free to delete sensitive information) while you are connected? Kind regards

Hello! You can safely define that network zone with the following IP range: [10.4.0.0 - 10.9.255.255]. Please note that this is an IP range, not an IP/NetMask. You can discern in Comodo an IP range from an IP/NetMask: the first has the "-" symbol, the latter the "/" symbol, according to CIDR notation. Please see here if you're curious: https://airvpn.org/specs About the hosts file: launch a text editor (for example NotePad) with administrator privileges. Open the hosts file and add the following line: 85.17.207.151 airvpn.org Save the file and quit the text editor. The name of the file is simply "hosts" and the path to it is (on a default Win7 installation): C:\Windows\system32\drivers\etc Please do not hesitate to contact us for any information or further support. Kind regards

Hello! AES-256-CBC encryption/decryption (the data channel cipher mode we picked for OpenVPN) of tens of Mbit/s throughput requires a CPU power which, while widely available on desktop and laptop computer since years, is still problematic for most routers CPUs. You can find more information on DD-WRT forums, most probably users and developers there will be able to give you some recommendations on high-end DD-WRT compatible routers with enough processing power to break the 8-10 Mbit/s limit. You might like to specify that the encryption method for the data channel in the OpenVPN servers you use is AES-256-CBC. The packet authentication (HMAC SHA-160bit) and the RSA auth keys (2048 bit) are not relevant for a CPU. Kind regards

Hello! Please change that line in the hosts file into: 85.17.207.151 airvpn.org We have changed IP address of the main frontend to provide a higher quality. An additional change is imminent, please follow the forum, it will be announced. Once completed, the migration will provide a much more robust infrastructure with an effective failover. Kind regards

Hello! Can you please make sure that all your network cards are enabled to accept a DNS DHCP push (i.e. you have not forced DNS fixed IP addresses)? Also, while you're connected to port 443 UDP, please open a command prompt or the PowerShell and send us the output of the commands: ping airvpn.org ping 85.17.207.151 ping 10.4.0.1 Kind regards