Staff

Hello! If you don't want to let your ISP know that you use TOR when you connect to .onion sites, please use TOR over Air instead of Air over TOR. Your ISP will see only encrypted traffic to and from our servers. Kind regards

Hello! Would you like (if you can) elaborate about the MITM attack you claim from the NSA? 66.233.234.27 and 64.13.115.27 appear to be servers of Clearwire, an american provider of 4G services. MITM attacks are extremely difficult (impossible?) with OpenVPN, even for the NSA. Their quickest solution to wiretap someone who's using OpenVPN would be the injection of some spyware directly on his/her devices, so that he/she would not be even aware of their "interest" and they should not bother about any encryption. Can you please try to secure your connection with the indications given in the following link and perform the DNS leak test again? https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&Itemid=142 We're looking forward to hearing from you. Kind regards

Hello! All the servers are and have been up and working properly. Please feel free to send us your connection logs for troubleshooting. Kind regards

Hello! Thank you for your inquiry. We provide unlimited traffic on every server. Our real time servers monitor will help you pick the most suitable server for you: https://airvpn.org/status Kind regards

Hello! Account "KADYWAMPES" subscription expired on July the 17th and is therefore not authorized to access the VPN servers. Please do not hesitate to contact us for any further information. Kind regards

Hello! Please check your iptables rules. In the downscript.sh the line "iptables -I OUTPUT -d 69.163.36.66 -p tdp -j ACCEPT" is wrong (replace "tdp" with "tcp"). Furthermore, apparently no proper masquerading is foreseen in your rules. Please compare your rules with: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&limit=6&limitstart=30&Itemid=142#2010 Once you have fixed iptables, please send us the connection logs. Also, please try different servers. Kind regards

Hello! Thank you very much for your purchase from our authorized reseller. You should have received the following (or similar) instructions from Bitcoincodes: - register and log in our website with the account you wish to activate - go to "Payment Plans" https://airvpn.org/payment_plans - pick the non-recurring subscription plan matching the coupon/voucher you have purchased - insert the code ALL UPPERCASE and click "APPLY" (do not click "checkout") The account you're logged in with will be immediately activated to premium status. Please do not hesitate to contact us for any additional information or support. Kind regards

Hello! Can you please post this issue on the Miranda support forum? Kind regards

Hello! Since you only need to access one site bypassing the VPN, the quickest solution is a change to your routing table. You can proceed as follows: - determine the IP address(es) of the website you need to connect to bypassing the VPN. Let's call it a.b.c.d - determine the IP address of the gateway of your physical network adapter (if you are unsure, type on a prompt "ipconfig /all"). Let's call it e.f.g.h After you have connected to the VPN, open a prompt or a PowerShell with administrator privileges and type the command: route -p add a.b.c.d e.f.g.h Please note that the -p flag will make this route permanent, surviving to a reboot. Do not specify "-p" if you don't want it to be permanent. You can remove this route with: route delete a.b.c.d Each packet to a.b.c.d will get out unencrypted outside the tunnel. Warning: proceed with caution. Any mistake might compromise your anonymity layer. Kind regards

Hello! It looks like a network-manager bug. If you use it, you'll sometimes need to restart it when you wish to reconnect. Kind regards

Hello! Please right-click on the Air dock icon and select "Preferences". In the "Proxy" field select "Type: Socks". Kind regards

Hello! Security and privacy on the Internet, as well as in life, require a continuous process of information and education. We do our utmost best to provide a strong anonymity layer, however (as we write in our ToS) a VPN secures your connection, not your computer or your behavior. We don't agree, the system has been designed to destroy correlations between the purchase and an account. When you buy a subscription with BTC, in reality you buy a code from a completely independent reseller (bitcoincodes.com). Then you use that code to activate any account on our website, so there is no correlation between the purchase of BTC through other currencies and/or the purchase of a code, and a premium account on the VPN. The following post may be what you're looking for. It describes how to preserve a strong anonymity layer in the worst case scenario: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=54&limit=6&limitstart=6&Itemid=142#1745 Kind regards

Hello! Please replace that link with this one: https://airvpn.org/tor Kind regards

Hello! Draconis is up and running again. Kind regards

Hello! You're correct, Draconis has been temporarily withdrawn form the servers list due to instability. It suffered a second crash today, after a critical crash yesterday. We are investigating with the help of datacenter support in the hope to bring it up again in a short time. Kind regards

Hello! Since pinging 10.4.0.1 is successful, we could suppose it's a DNS resolution problem, although the routing table apparently shows further problems. Please force your system to use 10.4.0.1 as primary DNS (leave your favourite DNS as secondary) to see whether it fixes the problem. Please note that 10.4.0.1 is your VPN DNS only if you connect to port 443 UDP: https://airvpn.org/specs Kind regards

Hello! You might like to switch to Comodo (for which full instructions are provided in this forum) or ask for support from G-Data Internet Security support team. And yes, DNS leak is a typical Windows problem, not a Linux or BSD one (Mac OSX has been built on BSD - quite funny in the light of the Apple wars against free and open source software ), because Windows allows each adapter to have its own DNS. Kind regards

@locksmith Hello! There are major problems in the routing table when you're connected to Lyra. Why you have this issue only with Lyra and with no other server is still an "enigma". Can you figure out any difference in the connections? Kind regards

Hello! You should block packets with destination port 53 UDP, not 55, and only from your physical interface. Do not block traffic from your TUN/TAP interface, otherwise your system will not be able to send out DNS queries, not even when connected to the VPN. Kind regards

Hello! In the logs there are hints that the routing table is ignored. In any other server connection logs (the servers with which you have no problems), do you have something like: ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=xx and dwForwardType=x after each route.exe command? Can you please send us the routing table after the connection to Lyra? Can you ping 10.4.0.1 after the connection to Lyra? Can you confirm that the IP address of your router is 192.168.1.254? Kind regards

Hello! We confirm there are no problems on our side with Lyra. Several clients are connected and exchanging data. The server is correctly responding on all ports and properly routing packets. Average load is practically 0. Can you please send us the connection logs? Kind regards

Hello! On top the good solution by worric, if you use the Air client you might like to add to your hosts file the line: 46.105.19.36 airvpn.org This is because when you are not connected to the VPN your system will not be able anymore to perform DNS resolution, preventing Air to connect via SSL to our frontend (airvpn.org). airvpn.exe connects via SSL/TLS to airvpn.org in order to provide some commodities and download certificates, key and generate on the fly a configuration according to your choices. With the addition of that line, your system will not need anymore to send a DNS query to resolve airvpn.org. If you use OpenVPN directly, or any other OpenVPN GUI/wrapper, you don't need that (all the files you need are already in your HDD, while the commodities are available on our website). Kind regards

Hello! To the best of our knowledge you are right. This is a good question to ask to the Bitcoin support. However, a suggestion for the really paranoid people (almost like us ): buy the coupon code with a dedicated wallet only used over TOR and filled with only the exact amount you need, then (once you have received the coupon and you have managed to activate your account) securely delete that wallet. Kind regards

Hello! Please follow the instructions and make sure that your proxy is a SOCKS proxy (not http) and it is running and listening to port 9001 (which is not the default port the SOCKS proxy listens to on the latest TOR browser bundles). https://en.bitcoin.it/wiki/Tor Kind regards

Hello! Currently the recommended bundle by the Tor Project is the Tor Browser Bundle which uses a SOCKS proxy. It's not that the Bitcoin client has TOR integration, however it can be easily configured (in the settings menu) to use a proxy. Anyway, it is not a matter of concern for the Bitcoin client: the problem was that DNS queries for websocket connections were not made by the proxy. You might also like to read here: https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ#IkeepseeingthesewarningsaboutSOCKSandDNSandinformationleaks.ShouldIworry The problem about DNS leaks should be taken seriously with Firefox (and perhaps other browsers). For this reason, the Tor Project updated their bundles with a very important security release on May the 4th, 2012: https://blog.torproject.org/blog/new-tor-browser-bundles-security-release Further considerations: https://lists.torproject.org/pipermail/tor-talk/2012-May/024155.html All of the above does not apply if you tunnel over Air over TOR, however we very strongly recommend to keep your Tor bundle up to date just in case you need to use Firefox over TOR without Air. Kind regards