Staff

Hello! It's not possible to decrypt the packets you send to the VPN server and the packets you receive from the VPN server (not even by someone who's monitoring your line), except by your client. The device you link is meant to decrypt and re-encrypt SSL traffic for which it has already all the keys. This can be obtained in corporate environments or with malicious means, to which an OpenVPN hardened security based VPN is not vulnerable. To have a closer hint on how these devices work: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk65123 EDIT If you're curious to see the strength of AES (Air data channel is encrypted with AES-256-CBC): http://en.wikipedia.org/wiki/Advanced_Encryption_Standard#Known_attacks The fastest known attack against AES-256 requires 2^254 operations for key discovery... and OpenVPN executes TLS re-keying every 60 minutes. Kind regards

Hello! That's the whole point. An account used for critical activities for which the account holder does not want to let VPN administrators know its real IP address must always connect over the VPN over TOR. It's not difficult at all (once you have configured OpenVPN or our client to use a TOR proxy, OpenVPN will not even connect if you forget to run the proxy) and a careful person will always do that, or use separate accounts for separate activities. In our case, we are unable to correlate because we don't keep logs. But if a server is monitored in real time by an hostile entity, here you can see the great advantage of VPN over TOR. You can defeat an adversary even if it can monitor YOUR line AND VPN servers lines simultaneously, and this is a huge, really enormous benefit. Anyway, this sends us back to partition of trust. We have repeatedly been talking about the strong advantages of Air over TOR in order to perform partition of trust when absolutely necessary: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=54&limit=6&limitstart=6&Itemid=142#1745 Obviously partition of trust can be performed with any other socks or http proxy, or with VPN over VPN (for example just running a client in a host machine and another client which connects to a different server in a VM), TOR is just a significant example which gives some notable advantages (for example in TOR Browser Bundle you find a customized browser perfectly prepared to mitigate any privacy assault). It all depends on which adversary you have to face. A file sharer adversary is completely different from the adversary in human rights hostile countries. Kind regards

Hello! The problem was here: but immediately after, when restarted, OpenVPN could handle correctly the TUN/TAP interface: It's difficult to say for sure, but maybe the TUN adapter driver had crashed. If the problem persists, we would suggest that you uninstall completely and re-install OpenVPN, making sure to authorize the installer to install all the drivers. In our package for Windows OpenVPN 2.2.2 is included, while if you need different versions please see here: http://openvpn.net/index.php/open-source/downloads.html Also, we strongly recommend that you secure your connection against leaks in case of unexpected disconnections. You can find the guides to do that (according to your system) in the forum announcement section link. https://airvpn.org/forums Please feel free to keep us updated. Kind regards

Hello! That's why we accept Bitcoin (also through a separate reseller) and Liberty Reserve. If you tunnel over TOR over OpenVPN, the VPN can see your real IP address. So, if your aim is to hide your IP address to our servers and use every protocol over TOR, you have to go with Air over TOR. If you don't want to hide your IP address to our servers AND you don't need to tunnel UDP over TOR AND you don't need transparent tunneling over TOR, then TOR over VPN is an option. It's the opposite. If you tunnel TOR over VPN, you'll need to configure every single program to be tunneled over TOR, and you can't anyway tunnel UDP. If you tunnel VPN over TOR, our servers can't know who you really are and you bypass proxy limitations and need to configure every single program to be tunneled over a proxy. So it's just a matter of what you really need. Kind regards

Hello! Can you please try connections to different servers and especially different ports and protocols? Just in case your ISP caps bandwidth on some or all UDP ports. Kind regards

Hello! You can achieve your purpose with DNAT, please see here: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=2849&Itemid=142#4695 Kind regards

Hello! Yes, TCP has a full error correction and therefore you have a slight overhead which results in slower performance. If there's high packet loss or fragmentation, TCP may be able to let you connect anyway (while UDP might be unable to do that) at the price of performance. You should check the logs during an UDP connection in order to see whether you have packet loss or fragmentation (fragmentation is not so rare on WiFi connections). Kind regards

Hello! We have detected no problem at all with Serpentis in the last week. Some more details? Kind regards

@superduper Hello! Please try to uninstall completely OpenVPN. Then re-install it making sure that you authorize the installer to install all the drivers. Kind regards

Hello! Can you please try a direct VPN connection with your computer, both toward TCP and UDP ports? It's likely that you have some bottleneck on your routers. Also, please consider that most DD-WRT routers don't have the CPU power to support an higher than 7-8 Mbit/s AES-256 encrypted throughput. Kind regards

Hello! That's perfectly fine, your ISP can't even know that you're using an NNTP client. On top of that, using an ssl connection (like you do) will also encrypt the packets from the Usenet to our server (i.e. not only from our server to you and vice versa), which protects your authentication details even outside the VPN. You don't need to forward ports (in general, you need to forward ports only for services which need to be reached with connections from the Internet, and this is not the case for an NNTP client: it's the client that establishes a connection). Kind regards

Hello! Can you please send us: - your network zones - your global rules - your application rules - your client logs Kind regards

Hello! Your account was activated to premium status immediately after the payment and the instructions e-mail was sent as well. Anyway you can access the instructions here: https://airvpn.org/enter FAQ are available here: https://airvpn.org/faq The servers monitor is available here: https://airvpn.org/status Guides to secure your connection against leaks in case of unexpected disconnection are permanently linked in the announcement section of the forum: https://airvpn.org/forums Our ToS and Privacy Policy are linked at the bottom of our web pages. Kind regards

Hello! Please see here: https://www.torproject.org/docs/faq#TBBSocksPort Once you can predict the proxy listening port, just set the same port in our configuration generator (or modify the configuration file accordingly). Kind regards

Hello! It depends especially on how many trial requests we receive. If you have not received an answer to your trial request, please re-send it after November the 4th. Please note that a trial request message must have the correct subject and that only one trial can be requested. Kind regards

Hello! Outbound port 25 is blocked to prevent spam. This is the only non-neutral constraint on our servers, it is absolutely necessary because spamming would cause a quick blacklisting of all of our IP addresses. The solution is quite straightforward, just use a different port and use SMPT over SSL or other forms of encryption/authentication. Clear text SMTP handshaking and mail sending must be avoided at all costs in any case. Kind regards

Hello! You need to make sure that your proxy is running and listening to port 9050. Please see here: https://www.torproject.org/docs/faq#TBBSocksPort Kind regards

Hello! We're glad to inform you that OpenVPN 2.2.2 and OpenVPN 2.3-beta work swiftly on Windows 8, so this OS is already supported. Kind regards

Hello! The MAC address of your computer card is not transmitted to the Internet (it is not a part of the network layer packets). Your computer network card MAC address is visible only inside your LAN/WAN. Your ISP can't see your computer network card MAC address. It can see your router/modem MAC on its first hardware device because that is an ARP domain between your router and the ISP's domain router. So, AirVPN and AirVPN providers can't see neither your computer MAC address nor your router MAC address, simply because they don't receive it in any way. Kind regards

Hello! Yes, it is. Please note that since Tails forces all connections over TOR, you will have a connection over OpenVPN over TOR, not a pure over OpenVPN connection. This adds security at the price of poor performance. If you wish a pure OpenVPN connection (i.e. not over TOR) in Tails, you can easily have that, please read here: https://tails.boum.org/forum/how_to_install_openvpn__63__/ Proceed with caution. Kind regards

Hello! Please try to limit your upload speed. We don't shape traffic at all, so it might be an ADSL problem (if you're on an asymmetric line), since a too high upload bandwidth will "strangle" your download bandwidth. PeerBlock/PeerGuardian blocking lists have been reported to cause a lot of troubles in our network (because some of those lists block a huge amount of perfectly legitimate IP addresses, including some of our servers IP addresses). If you're running this type of programs, try to disable them. Finally, if you're using Windows and the Windows firewall, please check that it does not filter your torrent client on ANY network. Even though the torrent client is authorized on some network, it might be filtered in other ones (when you enter the Virtual Private Network, you're in another network). Kind regards

Hello! We're very glad to inform you that a new 1 Gbit/s server located in the USA (Phoenix, Arizona) is available: Pegasi. The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Member Area"->"Access without our client"). The server accepts connections on ports 53, 80 and 443 UDP and TCP. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN admins

Hello! Probably so, it depends whether their proxy accepts any kind of connection or it is restricted. Anyway, you might prefer to use TOR proxy to establish a connection over OpenVPN over TOR, in which case you would not need to subscribe to any service and you would obtain a much higher security: https://airvpn.org/tor Kind regards

Hello! We're sorry, currently we don't provide any proxy service. Kind regards

Hello! Maintenance ended, Castor is online. Kind regards