Staff

Hello! The TAP-Win32 interface is the virtual network adapter used by OpenVPN. Air is a routed VPN, not bridged, and uses a TUN interface. Please also see here: http://en.wikipedia.org/wiki/TUN/TAP Kind regards

Hello! Yes of course, your care for privacy is absolutely correct. Please attach the file in an e-mail and send it to info@airvpn.org. Ask for and send your gpg public key before sending the file if you don't wish to send it unencrypted. Kind regards

Hello! We apologize for the inconvenience, that link was wrong. Fixed now. Kind regards

@dexter010 Hello! Thank you for your purchase. You should have received instructions to use your code from bitcoincodes, our authorized reseller, but if your mailbox is blocked you clearly could not. Anyway... To activate your account to premium status: - register and log in our website https://airvpn.org - select "Payment Plans" https://airvpn.org/payment_plans - pick the non-recurring subscription plan matching the code you have - before the checkout, insert your code (uppercase) and click "APPLY" - your account will be activated to premium status (no traffic limit, no bandwidth limit) After that, just select your favorite server and port with our configuration generator (for Linux, Windows, MacOSX, Android, DD-WRT), or connect through the AirVPN client (for Windows). You can generate as many configs as you wish in order to switch easily from one server/port to another with the OpenVPN client. FAQs are available here, please take a moment to read them all, because they will help you use our system at best (including enhancing performance for p2p and fully use our unique Remote Port Forwarding system): https://airvpn.org/faq More details on recent improvements on the system: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1616&Itemid=142 Another useful tool is the real-time servers monitor: https://airvpn.org/status The ToS and the Privacy Policy are available at the bottom of most of our website pages. Please do not hesitate to contact us for any further information. Kind regards

Hello! Please send us: - Comodo network zones - Comodo global rules - Comodo application rules - Comodo Firewall events logs - Air client (or OpenVPN) logs Kind regards

Hello! If you don't want use the Air DNS, you should force your favorite DNS servers on your TUN/TAP interface, so that encrypted and tunneled DNS queries will be forwarded by our servers to those. No problems with the Comodo rules, they don't prevent DNS queries in the tunnel, they prevent them outside the tunnel. Usage of DNSCrypt is useless when a device is connected to the VPN. Usage of DNS servers different of Air DNS will not impact anonymity, but will neutralize our anti-ICE censorship system. Kind regards

Hello! Can you please send us the logs? Kind regards

Hello! The operation you performed should give you no problems. If you still can't connect to our servers, please send us the Air (or OpenVPN) logs. Basically nothing changes. You will have to know some parts of your network, though, just in case you'll need additional allow rules to communicate with your gateway, or with the corporate proxy (if any). Kind regards

Hello! We are not willing to offer "false solutions" which give a dangerous, false sense of security, like other services do. If we find a solution as reliable as a firewall rule, we will of course be very glad to implement it. Setting the rules for Comodo should take no more than 3-4 minutes, except for persons who don't know what a firewall is. In that case, reading the Comodo quick guides is useful and it is very well spent time. We repute that nobody should ignore what a firewall is nowadays. Techno-ignorance is the most powerful weapon in the hands of the censors. Please consider that if you just need to block a torrent client, only ONE rule is necessary (application rule for the torrent client as explained). Kind regards

Hello! We don't detect any problem. Can you please make sure that the proxy type you select (http or socks) matches the proxy type you're using for TOR? Kind regards

Hello! Yes, it's totally normal. No, this is important, please make sure that you don't have forwarded on your router the port your torrent client listens to. Please see here for a clarifying explanation https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142 (if you have Windows; you can find rules for other systems in the top part of the forum, in the "Announcements" section). You should set firewall rules to prevent leaks in case of unexpected VPN disconnection. This is the safest solution. We don't recommend different solutions, due to security reasons. Kind regards

[Thread quick-up]

Hello! Please follow the instructions for Mac OSX, you will be ready in 5 easy steps. Instructions are available in menu "Enter"->"Mac OSX", direct link: https://airvpn.org/macosx/ Kind regards

Hello! That's exactly what our customer asked for. Please elaborate, it's written in the message above. If you mean how an OpenVPN server pushes routes, then the answer is "with the push directive". A client may refuse pushes with the nopull directive, in which case a tunnel is established but nothing will be tunneled until a proper routing table is defined. Kind regards

Hello! Yes, it's possible. By default our servers push routes so that all traffic is tunneled. You need to change the routing table in order to route the traffic for Netflix through your normal gateway instead of the VPN one. You need also to know the Netflix IP ranges. According to comment by "Jon" here: http://kaeding.name/articles/2010/11/15/prioritizing-netflix-traffic-with-dd-wrt/ the IP addresses used by Netflix to serve content are many: 208.75.76.0/22 128.242.0.0/16 63.97.94.0/24 65.200.11.0/24 96.16.0.0/15 216.246.75.0/24 204.0.0.0/14 204.200.0.0/14 184.84.0.0/14 62.0.0.0/8 58.0.0.0/8 198.76.0.0/14 4.27.0.0/16 8.0.0.0/8 206.32.0.0/14 209.84.28.0/23 209.84.24.0/22 209.84.16.0/21 192.221.0.0/16 205.128.0.0/14 4.0.0.0/8 204.160.0.0/14 199.92.0.0/14 184.72.0.0/15 208.111.128.0/18 Now, you need to modify your routing table so that the above IP ranges do not get tunneled: route add -net 208.75.76.0/22 gw <your "non-VPN" gateway> ... route add -net 208.111.128.0/18 gw <your "non-VPN" gateway> In this way you'll obtain that all the traffic for Netflix (assuming that the above IP ranges list is correct and exhaustive) will not be tunneled. Kind regards

Hello! Can you please send us the logs? Kind regards

Hello! On some versions of NetGear DG834G it is possible to flash OpenWrt, which includes OpenVPN support. It is very important that you determine exactly which version you have (1, 2, 3, 4 or 5). Please see here: http://wiki.openwrt.org/oldwiki/openwrtdocs/hardware/netgear/dg834g Kind regards

Hello! We're glad to know that you managed to solve the problem. Kind regards

EDIT: the problem is solved (provider IP db error). Please note that from now on Tauri will have a new exit-IP address. Hello! Due to problems in Tauri datacenter we have been compelled to put momentarily down Tauri. Although the problems are reported as resolved (see http://www.leasewebnoc.com/en/networkstatus/leaseweb-germany-network-issues) we still have major connectivity problems with Tauri. We'll be investigating with the help of Leaseweb technicians and we will keep you updated. Kind regards

Hello! Please read here: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=852&Itemid=142 Kind regards

Hello! Sure, of course you can force any DNS you like on your TAP-Win32 adapter, your query will be sent encrypted in the tunnel to our servers, forwarded to your favorite DNS server and the answer sent back encrypted to your client. No problems in resolution, no privacy problems (your ISP will NOT see the queries), however please note that in this way you will no more use our anti-ICE seizure system. Try "rojadirecta.com" for testing purposes to understand what we mean. Kind regards

Hello! We don't detect any problem with DNS. Can you please check the DNS push from Sirius on port UDP 443 and send us the output of "ipconfig /all" for the TAP-Win32 adapter? If the DNS push is successful, you should see the address 10.4.0.1 as DNS server of the adapter. If not, please check that the adapter accepts the push. Kind regards

Hello! We don't detect any problem with Sirius port 443 UDP. We have been testing the server and the port since the time of your writing. Previously and currently more than 60 OpenVPN clients have been finely exchanging data on it. Can you please check your routing table after the connection? Kind regards

@rbuilder Hello! Jinsong is right, probably your ISP shapes some or all UDP ports so you get better performance with TCP. This is becoming a common practice because these ISPs see UDP packet shaping a way to: - increase overselling without investing in infrastructures - hide anti-competitive practices to make their own content and service delivery to their customers more attractive than those of their competitors (VoIP, A/V streaming etc.) - test their customer base for acceptance of walled-gardens, a business model aimed to dismantle the open Internet. Apple huge success, which shows that majority of people will support enthusiastically a company that actively fights to dismantle the open Internet and open source software, this model is now very attractive. Kind regards

Hello! Given your peak bandwidth without VPN (300 kB/s), the performance you obtain is normal (assuming you mean kB/s, not kbit/s). Either your ISP always caps all ports or, more probably, it does not cap at all but is incapable to give you more than 300 kB/s down. Kind regards