Staff

Hello! A DNS leak is not normal. Support meant that if you see Google DNS in the dnsleaktest you're not seeing a leak, you're seeing the DNS eventually queried by our servers. Kind regards

Hello! Account "indigo35" appears to be connected and successfully exchanging data since some hours to some server. Is it all right now? Kind regards

Hello! Thank you. Yes, same datacenter. Kind regards

Hello! Wait, this admin apologizes for any misunderstanding: the entrance and exit IP addresses are different, not necessarily the physical machine. Multi-hopping with servers belonging to the same entity does not really add any significant security (if you can't afford to trust the VPN operators) so if you need multi-hopping we recommend Air over TOR or VPN over VPN etc. Sorry if there was any misunderstanding on that. Kind regards

Hello! We're very glad to inform you that a new 1 Gbit/s server located in the USA (Portland, Oregon) is available: Octantis. The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Member Area"->"Access without our client"). The server accepts connections on ports 53, 80 and 443 UDP and TCP. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN admins

No, it does not. Hello! Just some additional notes on your good considerations. You have to take into account that the client host connects to an IP address (entry-IP) which is not the Air exit node IP address. Additionally, if the torrent client had the intention to send out the IP address of the card it's bound, it would send out the VPN IP. It is assumed that the torrent client is not connecting over any proxy and is not forced (for example with ForceBindIP or similar code injectors) to bind to the physical network card of the client host, which would result in tunnel (routing table/gateway) bypassing. Not very alarming, as you already said. To make it even less alarming, consider also that, in this case, an entity like that would see exit-IP and port of the Air exit node, not the IP the OpenVPN client of the customer is connecting to in order to establish the connection to one of our servers (in all the Air servers, the connecting IP does not match the exit-IP). However, a more sinister scenario is possible, but only if the customer had the same port both remotely forwarded AND open on its router. In that case an entity with the ability to monitor the customer line can send packets both to the real IP address and to the exit-IP address of the VPN (toward the same port) to establish a sure correlation between the p2p activity detected on the VPN exit-node and on the customer host running the p2p client with a relatively low error margin (probably not valid as a legal proof anyway). For this reason we recommend not to open the same remotely forwarded ports on the routers' customers. Kind regards

Hello! We're very glad to inform you that a new 100 Mbit/s server located in Singapore is available: Columbae. The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Member Area"->"Access without our client"). The server accepts connections on ports 53, 80 and 443 UDP and TCP. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN admins

Hello! We're very glad to inform you that a new 100 Mbit/s server located in Singapore is available: Puppis. The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Member Area"->"Access without our client"). The server accepts connections on ports 53, 80 and 443 UDP and TCP. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN admins

Hello! If you are 100% sure that nothing in your system is blocking Tunnelblick / OpenVPN, then the first option to be considered is that your ISP is blocking outbound port 443 UDP. Please try to change connection ports. Try 443 TCP, 80 UDP and 80 TCP. Please feel free to let us know if the above solves your problem. Kind regards

Hello! Correct, there has been a major issue with the Bootis and Cassiopeia datacenter: it has had lines (or routing, we don't know for sure) issues for a couple of hours. The problem was not on our side, we updated the servers monitor to inform about the issue (feel free to check anytime when you have issues). The problem has been fixed, but we have received no info from the provider. Kind regards

Hello! No, it does not. Make sure NOT to forward on your router the same ports that you remotely forwarded, this would not expose your IP but may expose you to correlation attacks from an adversary with the ability to monitor your line. Kind regards

Hello and thank you! We should be able to provide some more information on the anti geo-IP discrimination system soon. Kind regards

Hello! Yes, here it is: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142 Kind regards

Hello! The "Expert Mode" displays log lines below the "Connecting..." string and shows the VPN IP (10.*.*.*) during the connection, nothing else currently. Kind regards

Hello! Yes, that's just fine. After internal resolutions (for internal services and against ICE censorship) our servers resolve names through Google DNS. Your client has correctly accepted the DNS push of our server. See also here: https://airvpn.org/specs Kind regards

Hello! An Air client version for Windows 8 is ready. The following is bundled with OpenVPN 2.3_rc1 for 64 bit systems: https://airvpn.org/repository/air_windows8_x86_64.zip The following is bundled with OpenVPN 2.3_rc1 for i686: https://airvpn.org/repository/air_windows8_i686.zip The Air client has been recompiled with .NET framework 4, so it will start immediately on a default Windows 8 installation. Please feel free to let us know if the above solves your problems. Kind regards

Hello! "Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis". https://www.torproject.org While a VPN outperforms TOR in terms of bandwidth and latency, and allows all protocols (while TOR can't support UDP and is not suitable for p2p) TOR is anyway an important tool to increase your privacy and strengthen your anonymity layer. In critical situation, when a person can't afford to trust the VPN operators (to make an extreme example, when his/her life is at stake if his/her identity is disclosed and related to the information he/she imparts and/or receive), TOR can be used to perform what we call "partition of trust", so that betrayal of trust by one party does not destroy the anonymity layer. Some considerations on partition of trust and how to increase the strength of the anonymity layer if a person lives in a human rights hostile regime: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=54&limit=6&limitstart=6&Itemid=142#1745 How to connect over AirVPN over TOR: https://airvpn.org/tor In order to connect, on the contrary, over TOR over AirVPN, just connect to an Air server first, then use TOR. Considerations about different approaches on partition of trust: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=5821&Itemid=142#5822 Of course if you don't find yourself in such critical environments you probably don't need any of the above, just connect to Air "normally". Kind regards

This is what I would like to do. Can TOR browser be made to work in this way? Hello! Thank you. Well, yes, for example the Aurora (a customized Firefox) browser in the TOR browser bundle can be configured to use no proxy, and you still have all the protections configured by the TOR Project Team (no scripts allowed, no Flash, https anywhere possible...). Just like with Firefox, in order to set how Aurora must connect to the Internet, go to "Options"->"Advanced"->"Network" tab. Then click on the "Settings" button near "Configure how Aurora connects to the Internet", finally select "No proxy". Kind regards

Hello! Your connection is "AirVPN over TOR". In this case, if you use a browser NOT configured to connect over a proxy: - our servers can't see your real IP address, but can see your traffic - TOR nodes can't see your traffic, which is encrypted by OpenVPN - you are "visible" on the Internet with the Air server exit-IP address With the same setup, if you run a browser configured to connect over the same TOR proxy used by OpenVPN: - you will be using TOR only - your traffic will not pass through our servers - you will be visible on the Internet with the TOR exit-node IP address of the established circuit - you are not protected against TOR malicious exit-nodes So, if your purpose is getting protected from malicious TOR exit-nodes and hide to our servers your real IP address, you should connect over OpenVPN over TOR, as you have already done, and then use a browser not configured to connect over a proxy. If your purpose is hiding your traffic to our servers, then just connect to an Air server normally, and then use the TOR browser. If your purpose is hiding your traffic AND your IP address to our servers, but trusting TOR exit-nodes, you can connect over TOR over AirVPN over TOR. In order to do that, the simplest way is through a Virtual Machine. In the host you just connect over OpenVPN over TOR as you do now. In the guest OS you connect over TOR. Kind regards

Hello! Please check your account (menu "Member Area"->"Your Details"). Kind regards

Hello! The application rule for uTorrent looks ok and the AirVPN Network Zone is correctly defined. Maybe uTorrent is using a proxy? Please also check that Comodo Firewall security is set to "Custom Policy". As a side note, please check your Loopback Zone definition (it is wrong), it must be IP/Netmask [127.0.0.0/255.0.0.0] or equivalently IP range [127.0.0.0 - 127.255.255.255] Kind regards

Hello! You're right, if you need contiguous ports the system is annoying. We planned to modify this system actually (for example with the addition of a "map" of free ports) and we'll work on it soon. EDIT: option was added. In the meantime please contact us and we'll give you a free consecutive 20 ports range. We'll have to provide the option to use the same forwarded ports to different accounts and direct those accounts to different exit-IP addresses or invent some other trick. Actually, it is a problem which we would be glad to face, it would mean that Air is used by very many people. Kind regards

Hello! The problem was solved some hours ago, anyway your account was one of those not affected by the issue. Your account is connected and exchanging data successfully with some Air server since 15-16 hours ago approximately. Kind regards

Hello! tun0 IP will be DHCP-assigned by our servers, unless you reject the push with nopull. https://airvpn.org/specs Yes, it makes sense, and if you notice no leaks you're just fine. The "no connection found" is probably correct (it should occur until your OpenVPN client receives the push from the server). Of course you're right, a remotely forwarded port for a p2p client must not be remapped to a different local port, as specified in our FAQ, otherwise the client won't be reached from the Internet (p2p is of course possible but with no incoming connections). This is a particular case for which a port remap is not desirable with our cone-NAT. Kind regards

Hello! It appears that your account has no problems at all. Can you confirm? Kind regards