Staff

Hello! Please feel free not to fish, just read this message: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&Itemid=142#1715 Kind regards

Hello! DNS leaks are not strictly related to static or dynamic IP addresses. Also, our service does not require a static IP, you can use it either with a dynamic or a static IP address. Please see here: http://www.dnsleaktest.com/how-to-fix-a-dns-leak.php You might also like to secure your VPN connection in order to prevent any leak in case of unexpected disconnection: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&Itemid=142 and https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=2183&Itemid=142#2184 Finally, you must not configure the DNS inside Firefox. You could force your system to use our DNS as the primary DNS server. Please find its address according to the port you connect to and configure Windows to use it as primary DNS: https://airvpn.org/specs Kind regards

Hello! Can you publish the rules you have set for your torrent client? Kind regards

Hello! If you forward the same ports on your router and remotely on our servers, an adversary who can monitor your line (just as an example your ISP or those that have the power to force your ISP to do that) has various ways to perform successfully correlation attacks (for example, timing packet sending on the same port to your real IP and to the exit-IP of the VPN server you're connected to) disclosing the service and the protocol that you're using behind the VPN (and in case of p2p, your p2p activity). This is your vulnerability, not an OpenVPN one. This is only possible (in some cases) when your client responds to all of your network interfaces. A client that is instructed to do so directly exposes your real IP address when you do p2p, no need for any correlation attack. Please check the bindings of your client and avoid multiple IP bindings. This is not an OpenVPN vulnerability, it is a vulnerability inside your system which authorizes administrator privileges to an application making it capable to bypass the routing table or directly a vulnerability configured by you in your application. The p2p swarm will see your client as two clients: one with the VPN server exit-IP address and one with your real IP address. Kind regards

Hello! Please see here to block selectively any application you wish with Comodo: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&Itemid=142#1715 Kind regards

Hello! No, if you use Windows firewall and you don't tick that box, you risk ending up with a completely blocked uTorrent (regardless of VPN connection or not). It is sufficient that you don't forward the port(s) you use for uTorrent on your router in order to prevent correlation attacks. As a side note, you might like to consider to switch to Comodo Firewall since the Windows firewall is unreliable. Comodo firewall will also enable you very easily to prevent uTorrent leaks in case of unexpected VPN disconnection. https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&Itemid=142 Kind regards

Hello! Yes, our servers push a VPN DNS to the clients. Please see here: https://airvpn.org/specs Kind regards

Hello! We don't have any other report from BT customers about this issue. Can you please try to connect to port 80 TCP (if you have not already done so) in order to determine whether BT has started throttling some UDP ports? Kind regards

Hello! If you need a UK server, currently please use Cygnus only. Virgo has issues we are looking into. Kind regards

Hello! We don't have onion sites... Kind regards

Hello! No, we can't, because we don't keep logs. Please do not hesitate to contact us for any further information. Kind regards

Hello! Can you please report when you exactly get that message and also provide us with some additional information (your Windows version and your .NET framework version)? Kind regards

Hello! Please see here: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1955&Itemid=142#1956 Kind regards

Hello! We don't censor any website. Actually, we are against any censorship. Can you please send us a list of the websites that you can't reach (even in private, if you prefer so) so that we can investigate? You can send us a report even unrelated to your account (just register a new "fake" account and use the "Contact us" form to send us the list, or use a new mail account unrelated to the Air account of yours and write to info@airvpn.org). Kind regards

Hello! Currently servers in any Asian country datacenter do not meet our requirements for traffic, net neutrality, privacy and data protection. We must admit that our requirements are actually quite high. Should we find any provider that complies to our requirements, we'll be of course very glad (and it would be in our utmost interest) to install servers in their datacenters. Kind regards

Hello! Air over TOR is specifically useful when you want to hide your real IP address to our server even WHILE you are connected. You might like to read here: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=54&limit=6&limitstart=6&Itemid=142#1745 Kind regards

Hello! We can confirm you that we don't detect any problem on UK servers. Kind regards

Hello! We can confirm you that port forwarding is working correctly on our servers. If your router does not allow to close any port, you might block the ports you have remotely forwarded with your software firewall (very easy if you use Comodo) ONLY on your physical interface in order to prevent correlation attacks. Kind regards

Hello! Can you please use the "Contact us" form for this request? Kind regards

@aaronasaka Hello! This is just a wild guess in case you have Windows, but it's worth a try. We have some reports from Asus and other vendors customers from which it appears that some pre-installed "network card managers" have the effect to slow down dramatically the connection when OpenVPN is in use. For example, "Network i Control" from Asus appears from our reports to slow down the connection only when a TUN/TAP interface is used (just like in the OpenVPN case). At your convenience, and just in case you run a pre-installed Windows, please check whether you have one of those programs running and disable it to check whether the OpenVPN performance improves. Kind regards

Hello! We have deliberately chosen not to provide PPTP access with any authentication since the birth of AirVPN. MS-CHAPv2 authentication vulnerabilities are well known since years, nothing new under the sun. Attacks against PPTP with MS-CHAPv2 are trivial and can be performed automatically and rapidly with various tools. Kind regards

Hello! In your case, in order to have a cleaner, more precise set of rules, rule 2000 should be changed to: allow ip on en0 from 10.0.1.0/24 to 95.211.169.3 keep-state because 10.0.1.* in CIDR notation is 10.0.1.0/24 Rules from 5100 to 5260 can be made cleaner with "on tun0" (assuming that tun0 is your tun interface), for example: allow ip on tun0 from 10.4.0.0/16 to any Pay attention to rule 1200 if you wish to use a local proxy (for example Air over proxy will be blocked with that rule if you have a proxy on 127.0.01) and/or if you have software which needs to communicate with 127.0.0.1 (for example Tunnelblick). Kind regards

Hello! All the servers use and push the same VPN IP addresses according to the port you connect to. Please see here: https://airvpn.org/specs Kind regards

Hello! Please see our FAQ to optimize your p2p performance. You can do p2p without port forwarding, but remote port forwarding will improve the performance. https://airvpn.org/faq Kind regards

Hello! The address range 10.0.0.0/16 (10.0.0.0->10.0.255.255) will not conflict with VPN IP addresses (10.4.0.0->10.9.255.255). However, the rule pertaining to 10.0.0.0/8 needs to be modified accordingly for clients that use as their internal network the address range 10.0.0.0/16 (or even 10.0.0.0/24), because 10.0.0.0/8 covers the range 10.0.0.0->10.255.255.255. In CIDR notation, the range 10.4.0.0->10.9.255.255 may be represented with the following: 10.4.0.0/16 10.5.0.0/16 10.6.0.0/16 10.7.0.0/16 10.8.0.0/16 10.9.0.0/16 A CIDR Notation Calculator may help you, for example: http://www.subnet-calculator.com/cidr.php Kind regards