Staff

Hello! Please describe your problem with as many information as possible and also please send us the connection logs of your client. Kind regards

Hello! Everything appears fine... can you please perform a test? On both your Realtek PCIe GBE Family Controllers, force the following DNS: 10.4.0.1 as primary 8.8.8.8 (or anything you like) as secondary and please test a VPN connection on port 443 UDP (ping, normal browsing etc.). We're looking forward to hearing from you. Kind regards

It's a little unclear: you don't tunnel ports, you tunnel packets. Can you please elaborate? Kind regards What i mean is, what if I wanted only DNS and web traffic (port 80 and 443) over the tunnel, and everything else (like email, IM, etc) to just use my regular connection. I'm considering biting the bullet and flashing a "known working with AirVPN" dd-wrt build as well, as I would like this to be transparent on my network as a whole, but if I could get that working on just this one PC in the mean time, that would be good. I assume it can't be done with openvpn alone and I'd need some sort of firewall configuration to do the routing? Hello! Splitting the tunnel on a port basis will not necessarily allow you to split it on programs basis. Since our servers will push a routing table and redirect gateway in order to tunnel all the client device traffic, you can reject the push (using the nopull directive) and build your own NAT, gateways and routing table. Unfortunately some tools which come handy are missing in Windows: on a vanilla Windows non-server edition, you can't do masquerading, forwarding and you can't even handle multiple routing tables. So, perhaps a more viable solution is a little hack: bind the applications that you do NOT want to be tunneled to your physical network interface with a program loader and DLL injector like ForceBindIP: http://www.r1ch.net/stuff/forcebindip Although ForceBindIP is not advertised for Windows 7, at least two customers of us have reported it works successfully in Win7 (although the usage was the other way round, i.e. forcing the binding to awfully programmed videogame clients like PES2012 which refuse to bind to the TAP-Win32 interface and therefore would not connect to the game servers when the VPN connection is established). Kind regards

Hello! Your system can reach the VPN DNS, but still can't resolve airvpn.org. Do you have some firewall running? Can you please send us the output of the commands "ipconfig /all" and "route print" (feel free to delete sensitive information) while you are connected? Kind regards

Hello! You can safely define that network zone with the following IP range: [10.4.0.0 - 10.9.255.255]. Please note that this is an IP range, not an IP/NetMask. You can discern in Comodo an IP range from an IP/NetMask: the first has the "-" symbol, the latter the "/" symbol, according to CIDR notation. Please see here if you're curious: https://airvpn.org/specs About the hosts file: launch a text editor (for example NotePad) with administrator privileges. Open the hosts file and add the following line: 85.17.207.151 airvpn.org Save the file and quit the text editor. The name of the file is simply "hosts" and the path to it is (on a default Win7 installation): C:\Windows\system32\drivers\etc Please do not hesitate to contact us for any information or further support. Kind regards

Hello! AES-256-CBC encryption/decryption (the data channel cipher mode we picked for OpenVPN) of tens of Mbit/s throughput requires a CPU power which, while widely available on desktop and laptop computer since years, is still problematic for most routers CPUs. You can find more information on DD-WRT forums, most probably users and developers there will be able to give you some recommendations on high-end DD-WRT compatible routers with enough processing power to break the 8-10 Mbit/s limit. You might like to specify that the encryption method for the data channel in the OpenVPN servers you use is AES-256-CBC. The packet authentication (HMAC SHA-160bit) and the RSA auth keys (2048 bit) are not relevant for a CPU. Kind regards

Hello! Please change that line in the hosts file into: 85.17.207.151 airvpn.org We have changed IP address of the main frontend to provide a higher quality. An additional change is imminent, please follow the forum, it will be announced. Once completed, the migration will provide a much more robust infrastructure with an effective failover. Kind regards

Hello! Can you please make sure that all your network cards are enabled to accept a DNS DHCP push (i.e. you have not forced DNS fixed IP addresses)? Also, while you're connected to port 443 UDP, please open a command prompt or the PowerShell and send us the output of the commands: ping airvpn.org ping 85.17.207.151 ping 10.4.0.1 Kind regards

Hello! Good to know, thank you. However the version you're running is not reported by us as fully working and the logs you sent us seem to confirm that. It's a little unclear: you don't tunnel ports, you tunnel packets. Can you please elaborate? Kind regards

Hello! It appears correct, your router can't probably handle more than 10 Mbit/s throughput. As you can see from your Windows connection (32 Mbit/s) the "bottleneck" is not on our side or your ISP side, but on the router. You should check whether you have a stable VPN connection. If you have it, you can safely ignore the final part of those logs. You can use the DNS servers you prefer, however for optimal privacy protection you should either tunnel your DNS queries or use the Air DNS server. Kind regards

Hello! Why do you say that the problem is due to DNS servers? Can you please elaborate? Also, are the below quoted disconnections caused by your intervention or do they happen on their own? We're looking forward to hearing from you. Kind regards

@PsychoWolf Hello! It definitely looks like a firmware OpenVPN known bug. Probably a re-flash with a different firmware is necessary. Please see here: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=4684&Itemid=142#4687 and here: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=4684&Itemid=142#4690 for Linksys E2000 and E3000 DD-WRT firmware versions that are reported as fully functional. Kind regards

Hello! We're very glad to inform you that a new 1 Gbit/s server located in Switzerland is available: Virginis. The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Member Area"->"Access without our client"). The server accepts connections on ports 53, 80 and 443 UDP and TCP. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN admins

Hello! Can you please send us the connection logs? Kind regards

Hello! You might like to start from here: http://en.wikipedia.org/wiki/Vpn AirVPN is based on OpenVPN: http://en.wikipedia.org/wiki/Openvpn http://openvpn.net/index.php/open-source/335-why-openvpn.html Kind regards

Hello! Thank you for the great job. Don't worry, messages are not lost, they just need to be approved by a moderator before they show up. Kind regards

Hello! Remember that you can have a full refund within 3 days since you subscribed. That said, have you tried different ports? Several ISPs cap bandwidth on some UDP ports. Also, can you please send us your client logs? You can see normal bandwidth which most clients with high bw lines are able to use on our servers in the "Top 10 Users Speed" in our monitor https://airvpn.org/status Kind regards

Any Swiss replacement servers planned? Hello! Yes, we should be able to provide more connectivity in Switzerland during the next week. Kind regards

Hello! Setting up Comodo rules requires a basic knowledge of Comodo firewall. This simple guide will let you use the firewall at its best: http://personalfirewall.comodo.com/Comodo_Internet_Security_User_Guide.pdf You can concentrate on the firewall section, skipping all the other parts. Kind regards

Hello! Due to repeated copyright alleged infringement notices (three in one month ) we have no choice but to dismiss Aquarii (the ISP will shut it down anyway). Please disconnect from Aquarii as soon as possible. Kind regards

Hello! TPB is now accessible from Vega. Kind regards

Hello! Using PeerBlock is surely a courtesy toward us, because it may slightly help us receive less bogus copyright infringement notices. However, the PeerBlock protection against them is so small, that you can safely renounce to it. If you wish to use PeerBlock anyway, you will have to remove from the blocklist you're using the LeaseWeb entry and exit-IP addresses of our servers with LeaseWeb: - all the NL servers - Tauri in Germany - Librae and Sirius in the USA or you'll have to use a non-LeaseWeb server. The solution to allow our servers entry and exit-IP addresses is the safest one. Kind regards

Hello! Unknown. Possible explanations: - momentary congestion/packet loss/high latency between your and our ISPs - bad WiFi connection (to rule out if you are cable-connected to your router) - crash/misbehavior of some network card driver (including the TUN/TAP adapter) - misbehavior/crash of your router - a replay attack (https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3773&Itemid=142#3784) If it occurs again please notify us and at the same time try a connection to the same server but on a TCP port, and also to UDP ports of different servers. Kind regards

Hello! We haven't tested the program you cite. Generally speaking, the problems with this approach are: - the time between disconnection detection and program forced kill might allow anyway a leak; about this, you should test carefully the program in order to determine whether it's the case or not - a forced program kill may potentially cause lost or corrupted data, so please be aware of that - contrarily to firewall rules, this approach might not protect you against correlation attacks Kind regards

Hello! Can you please tell us, at your convenience, how the "Authenticate/Decrypt packet error: bad packet ID" problem was solved on your system? Did it disappear by itself or did you do something? Kind regards