Not connected, Your IP: 18.191.216.163
Online: 21971 users - 236261 Mbit/s total BW
.png.f3c947a2e9e68659251859004ed11f01.png){kind=avatar}
Staff
-
Content Count
10594 -
Joined
... -
Last visited
... -
Days Won
1760
Posts posted by Staff
-
-
All my assigned ports are closed on the Tauri server. When I connect to ANY other server, the correct ports are open. I would prefer to use the Tauri server because it gives me the best connectivity. Any chance you can resolve this issue?
Hello!
We just checked that the correct ports are forwarded to your account current VPN IP address on Tauri. Can you please double check?
Kind regards
-
Hello!
BurstNet USA (with which we operate Pegasi) informed us through a support technician (!) that due to alleged copyright infringements (3 notices in one week, one of them a duplicate of another, without any legal proof), that we have a "last chance" (sic) to stop infringements.
BurstNet USA just takes for granted copyright trolls claims without taking into consideration its own paying customers counterclaims, which are granted by USA Digital Millennium Copyright Act.
BurstNet USA has no interest in checking whether an alleged infringement is real or not, showing an unacceptable disrespect toward its customers, toward DMCA safe harbors and above all showing a total lack of interest in ascertaining facts and truth.
BurstNet USA makes false and defamatory claims insinuating that we host copyrighted materials on our servers, while as you know not only we don't host copyrighted contents on our server, but we don't host anything at all. It would be so easy for BurstNet USA to ascertain that we don't host anything at all on our servers, but they prefer to try to pathetically intimidate their paying customers than to spend a few minutes to check the truth and consider the claims of the paying customers who make their business possible.
We are therefore considering to cancel Pegasi server with them. Also, we will surely cancel the plans of adding various 1 Gbit/s servers with them in their 2 USA datacenters, and we recommend that you switch to another server as soon as possible.
We don't need them, you don't need them and above all the open Internet does not need this kind of providers.
Kind regards
-
I'm a paying member, but having trouble connecting.
I have installed Tunnelblick (on OS X), but get the message below when I try to connect. What is going wrong? If you have any ideas, try to explain them to me as if I'm a 5 year old.
Hello!
Instructions for Mac OS X are available here:
Do you run or have you run in the past any other VPN client in your Mac?
If so, please check here:
Kind regards
-
I am having very similar problems, was there any particular solution?
Sep 22 21:12:08 mcoghlan-XPS-M1330 nm-openvpn[3011]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Hello!
Air uses a double certificate verification method. Please make sure that you have set "ns-cert-type server". Additionally, you can launch OpenVPN directly in order to bypass all the problems with network-manager:
Kind regards
-
Thanks for checking. I rechecked my settings, the ports are correct (and i assigned them correctly in emule). Unfortunately emule still cannot communicate over them, i keep getting a low id.
I use comodo firewall and setup a rule for emule (see above). Do i have to specify rules for the ports in comodo and if yes, how?
Thanks for your help (on a sunday!)
Hello!
Can you please post the exact rule for eMule? Probably the problem is in it.
Kind regards
-
Hello
I am online and my services are listening on my remotely forwarded ports.
Regards
Hello!
Thank you. We have been able to check successfully that the ports you remotely forwarded are actually properly forwarded to you while you are connected.
Therefore you should now check that the incoming packets can reach your service. Make sure that:
- your service listens to the correct port(s) and take care that you have not mismatched UDP and TCP ports
- your service is not blocked by any firewall
We are not reporting here your ports for privacy and security reasons, anyway be aware that: port 10... is UDP forwarded; port 12... is TCP forwarded ; port 22... is forwarded both TCP & UDP.
Kind regards
-
Can you tell me how would I check the iptables rules? Couldn't really understand from google searches.
Yes, same symptoms.
Hello!
The commands to insert the proper rules (assuming that your router has tun0 and br0 interfaces) are:
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -I INPUT -i tun0 -j REJECT
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
If you use the router DD-WRT web interface you can insert them in the appropriate section (see https://airvpn.org/ddwrt for instructions), otherwise you can insert those commands in one of your scripts.
Kind regards
-
Hi - I checked the Tunnelblick link.
The webpage will not load either by using the name or the numerical IP address. I tried on both ibm.com and google.com. So maybe not DNS.
I had a look through the Tunnelblick discussion group but could not find a cure.
I double checked and indeed Pegasi is working just fine for me (in fact I am connected as I write this) but other servers are not working for me.
Right now my DNS settings show the following: DNS Servers 10.4.0.1 (no other servers showing). Search domains openvpn.
Hello!
Yes, we can rule out a DNS problem.
Please try at your convenience to upgrade to Tunnelblick 3.3beta21a:
http://code.google.com/p/tunnelblick/wiki/DownloadsEntry?tm=2
or, for testing purposes and comparison with Tunnelblick on the non-working servers, try Viscosity:
http://www.sparklabs.com/viscosity/
Kind regards
-
Thanks for your response.
I also have a Netgear WNDR4000 router that does the same.
I guess it's a firmware issue for that as well?
Hello!
Same symptoms (connect/disconnect cycle)?
Can you please double-check your iptables rules?
Also, you might consider to flash OpenWrt, if there's compatibility with any of your routers.
Kind regards
-
Hello!
As you already noted, the DNS push appears correct. Also, the routing table is correct.
The odd thing is that you have problems with all the servers except Pegasi, but all the servers have the very same configuration and same OpenVPN server version, scripts etc.
Can you please check the following:
In particular, check your Mac DNS settings in "System Preferences".
Kind regards
-
Thanks for the reply. Unfortunately, I can't get much help from LnS support because they're MIA. The firewall seems like ity's not supported anymore, which is a shame. But it's the best, and really the only, rule-based firewall out there that doesn't have a HIPS or antivirus scanner, etc., so I'm keeping it.
Hello!
HIPS and Antivirus are optional in Comodo. Our guide refers to Comodo Firewall, Antivirus and HIPS are not required. However Windows users may greatly benefit from the additional protection provided by Defense+ against very many threats.
In order to disable permanently Comodo HIPS, set Defense+ to "Disabled".
In order to disable permanently Comodo Antivirus, just install Comodo Firewall (i.e. do not install the package Firewall+Antivirus), or set "Antivirus" to "Disabled".
I've gone through the Comodo thread as best I can and created some rules that will help. From top to bottom:
1. VPN Allow - Allow TCP/UDP in/out from my nic MAC and routed IP to any MAC on TCP/UPD port 443
For other readers who like the same approach: change the destination port, or add rules, in case you connect to ports 53 or 80. EDIT: please note that this approach is deprecated by us.
5. VPN DHCP - Allow all in/out from any IP port 67 to any MAC to IP equal to 255.255.255.255 any port.
You might need to add port 68 too.
6. VPN Block - Block TCP/UDP in/out from any MAC IP Range not in 10.4.0.0 - 10.9.255.255 to any MAC different then my adapter MAC, and IP any port. The rule is activated when utorrent.exe is active
That about sums up the ruleset. I'm not looking at it to block DNS leaks, just to block connections from utorrent.exe should the VPN drop.
If it's a global rule, the above rule also prevents DNS leaks (and any other leak, except those toward port 443 from your physical interface) by blocking everything outside the tunnel, including svchost.exe DNS queries leaks. Therefore, after you're connected to the VPN you can activate it even though utorrent is not running.
Please be aware that this rule must be inactive in order to allow DNS resolution when you don't want to be connected to the VPN etc.
EDIT: finally please be aware that this approach will not prevent leaks toward port 443 (or 80 or 53).
Kind regards
-
Same here. It seems to be connected for about 30 45 seconds and then disconnects then reconnects.
2012-09-23 07:15:04 *Tunnelblick: OS X 10.8.2; Tunnelblick 3.2.8 (build 2891.3099)
Hello!
Tunnelblick 3.2.8 is not fully compatible with Mac OSX 10.8.x. Please install the correct version, see here:
http://code.google.com/p/tunnelblick/wiki/DownloadsEntry?tm=2
Kind regards
-
My VPN keeps dropping out cant supply logs can you please investigate.
Hello!
After your message it appears that your connection is stable. Can you confirm that the problem is solved? If the problem occurs again, it's likely that it's a momentary problem due to some factor such as routing, Internet congestion, peering, so you might try a connection to a TCP port on different servers in order to mitigate it.
Kind regards
-
@ergolon
Hello!
It was assumed that your client was running in a *BSD machine (OpenBSD, FreeBSD, Mac OSX...) with pf. If you connect through your DD-WRT router, then you must not set the firewall rules specified by the tutorial by jessez on your *BSD device. In order to secure your connection you will have to use iptables on the DD-WRT.
It's definitely correct that your forward ports in your home network. The warning pertains to forwarding ports in the router physical network interface which communicates with the "outside", which would be dangerous.
Kind regards
-
Hello!
It appears that there's absolutely nothing wrong in your configuration, so it's still likely that it's a firmware problem. In the specialized forums, we have seen tons of E2500 users reporting your very same, exact problem ("connection reset" without explanation), but no solution. So this is not a true support answer, sorry, but we'll keep investigating and keep you updated. Also, feel free to keep the thread "up".
Kind regards
-
Hello!
Can you please send us the Tunnelblick logs? It might still be a DNS problem.
A side note: Polaris is no more, it was dismissed more than a year, maybe almost two years, ago (replaced with more powerful hardware)!
Kind regards
-
Ok. Is this better. I've added a few lines that are supposed to get it to auto-reconnect after my system wakes up.
Hello!
It looks just fine!
Kind regards
-
I find it odd that I always get the same exit IP address when connecting to Castor (haven't checked the other servers). I expected different addresses.
What am I missing here?
Thanks.
Hello!
It's correct, each server has one, shared exit-IP address.
Kind regards
-
Thanks..
i want to clarify...
if im calling from skype prepaid calls to a regular phone over vpn, the ip cannot be traced but the conversation can be discovered?
Hello!
That's correct. Skype retains any and each encryption key, so Skype can decrypt your communications whenever it wishes or whenever it is asked to do so by a proper authority.
second, what about different Voip program? are there any recommend and secure one?
This will require a little investigation by you. You might like to start from here:
http://en.wikipedia.org/wiki/Voip#Securing_VoIP
Kind regards
-
Hi there,
refering to https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&limit=6&limitstart=36&Itemid=142#2532, how do I enable portforwarding to my machine in pf.conf?
Probably this has already been answered, but I just couldn´t find it via search...
Thanks for your help!
ergolon
Hello!
You don't need any "allow" rule on pf (as long as there are no blocking rules for ports on your tun interface): all the traffic is tunneled to/from a single port so all the packets will be properly forwarded to the correct application without need of pf policy. Just make sure that you have remotely forwarded the port(s) you wish on our system.
Kind regards
-
I think that's not hilarious, because I should be able to try the service before bying, or don't??? Ok I'll choose an other vpn provider
Hello!
In order to test the service you must apply for a free trial AND activate your account with your free trial coupon code. We don't provide free trials with a registration on a website. However, we do provide permanent free access to activists in human rights hostile countries who can't afford to pay.
Kind regards
-
After creating a new account, I started the cliend and logged in, but a message says that my account is not active. I have read the others topics, but for me the problem is not solved. Anyway, I'm running Windows 7 with Comodo Firewall, I don't know if this could be a firewall problem, I allowed the client to connect.
Hello!
It is not a mistake, your account is correctly not active and not authorized to access VPN servers. Please subscribe to a plan in order to activate your account.
Kind regards
-
I still can't seem to get the attachments to work but I see that my first response never made it. Here it is again.
---
I tried the suggestion to change the direction to "out" as seen in my "try2" screen cap.
It still has the same problem.
Just to see what it would do, I set the rule for IE to "ask" instead of "block". "ask.jpg" enclosed popped up. I've included it not knowing if it helps at all.
Hello!
It was understood that you were talking about a different application pertaining to VoIP.
Realizing that I should probably create another thread for this, what is this actually doing? Let's imagine that I'm using a torrent client that has the same rule mentioned earlier with the setting blocking both "in/out". Why would my imaginary client be showing normal uploading and downloading operations if I have only set to exclude an IP range in the source address tab? Shouldn't comodo be stopping either the in or the out?
No, it must stop only packets "out" NOT coming from 10.4.0.0->10.9.255.255. Your service (torrent client etc.) must be able to receive packets from any IP address. If you reject/drop packets in, you prevent your service to receive ANY packet, because the range 10.4.0.0->10.9.255.255 is the range of the virtual private network.
I'm fully aware that these are probably some of the most novice questions but I appreciate the help. It would also be great if anyone had any suggestions as to where to start reading / getting information on how to understand computer networking and infrastructure better. I don't even know what an IPv4 address is or how it differs from IPv6. The wikipedia page kind of helps, but trying to put everything together and figure out why it matters is slow going. I can appreciate the idea behind services like AIRVPN and Comodo but my understanding is very shallow.
Thanks in advance.
Don't worry, you don't need to be a network expert to use AirVPN. Anyway, reading the Comodo manual can really help.
Please follow this tutorial in order to prevent leaks with Comodo without setting up rules for each application:
https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142
Kind regards
-
Hello!
The file attachments are uploaded when you click "Submit", after you have completed your post. You can be sure you have attached a file when you have picked it from the requester which should appear when you click on the attach option. Your attachment was successful and we could see it (did you read the answer?).
When the forum is in "moderated" mode, all the messages must be approved to show up.
Kind regards
[SOLVED] Tauri Port Forwarding Problem
in General & Suggestions
Posted ...
Hello!
Sorry, bug detected. It should be fixed for your account now, can you please check once again (you don't need to disconnect and reconnect)?
Thank you for your patience.
Kind regards