Staff

UPDATE: the problem has been fixed. Hello! We're sorry to inform you that due to a network outage in a datacenter in Frankfurt, Omicron is currently not reachable. You can follow the events here: http://leasewebnoc.com/status.php?i=770 We apologise for the inconvenience. Luckily our infrastructure is largely redundant so it will keep up with the guaranteed bandwidth with the other servers. We will keep you posted. Kind regards

Hello! If you find it difficult to connect with the Air client, please use OpenVPN directly. The issue is due to a major problem in a datacenter. If it will not be solved within a few hours by the provider, we will move our frontend away from it and solve the issue in any case. Kind regards

Hello! You can generate all the files you need with our configuration generator, menu "Member Area"->"Access without our client". The generator will prepare an archive according to your preferences and let you download it. Please do not hesitate to contact us for any further information or support. Kind regards

UPDATE: the problems have been fixed on the datacenter Hello! There are currently technical problems in one of the datacenters where some of our servers are located (NOT VPN servers) which affect only the AirVPN client behavior and the data provided by the real time servers monitor. You might sporadically experience failed connections during the "Checking" phase of the Air client. We underline that the problem does not affect any VPN server. The issues should be resolved soon. In the meantime we kindly ask you to connect directly with OpenVPN if you can't connect with the Air client. Please do not hesitate to contact us for any further information or support. Kind regards

Hello! There are currently technical problems in one of the datacenters where some of our servers are located (NOT VPN servers) which affect only the AirVPN client behaviour and the data provided by the real time servers monitor. We underline that the problem does not affect any VPN server. The issues should be resolved soon, in the meantime we kindly ask you to try again or to connect directly with OpenVPN. Please do not hesitate to contact us for any further information. Kind regards

Hello! Please see https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&Itemid=142#1715 and subsequent messages on this very same thread. Currently Comodo Firewall is the only software firewall for 64-bit Windows systems which passes important leak tests, so it is highly recommended not to trust any other software firewall. Kind regards

Hello! When you launched AirVPN for the first time in the new system, did you allow it to install OpenVPN? Can you please tell us exactly when the error message appears, and also send us the attempted connection logs (just right-click on the Air dock icon and select "Logs", then click on "Copy to clipboard")? We're looking forward to hearing from you. Kind regards

Hello! Probably because you launch it before connecting to an AirVPN server. Make sure that you first connect to a VPN server and only then you launch the client (and any other program). Do not forget that the new routing table will have no effect for already established connections. Feel free to let us know whether the above fixes the issue. Kind regards

Hello! We have received this e-mail from one of our customers and we gladly re-publish it here, because we think it may be helpful for anybody running a DD-WRT router behind other routers. The example configuration is with Vega, you can easily change that according to your favorite server and port. ====================================== Hi Guys, I just thought I'd let you know I figured it all out. The DD-WRT I have is the latest generic openvpn (DD-WRT v24-sp2 (08/07/10) vpn) installed on an old WRT54G v2.0. My ISP's router is a DLink BCM96358 which is pretty locked down. I reset to defaults, turned on syslog, set the VPN settings as per your help page, and used the following startup script (containing what you generated for me) - date 032601152012 sleep 30 echo "client dev tun proto tcp remote 69.163.36.66 443 resolv-retry infinite nobind ca /tmp/openvpncl/ca.crt cert /tmp/openvpncl/client.crt key /tmp/openvpncl/client.key ns-cert-type server cipher AES-256-CBC comp-lzo verb 3" > /tmp/openvpncl/myopenvpn.conf ( sleep 20 ; killall openvpn ; /usr/sbin/openvpn --config /tmp/openvpncl/myopenvpn.conf --route-up /tmp/openvpncl/route-up.sh --down /tmp/openvpncl/route-down.sh --daemon ) & The date is necessary because otherwise the system date is in 1970 and the certs don't work. The other key is the sleep statements. Nothing works if the init processes too fast. I also had to add a line to the firewall rule too for the wireless to work - iptables -I FORWARD -i br0 -o tun0 -j ACCEPT iptables -I FORWARD -i tun0 -o br0 -j ACCEPT iptables -I INPUT -i tun0 -j REJECT iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE iptables -t nat -A POSTROUTING -o tap0 -j MASQUERADE This gives me a VPN behind my DD-WRT and non-VPN behind the ISP router. Cheers.

@allanmills Hello! The error issued by ifconfig is normal, you have no tap interface, our setup use the tun interface. About the core of your issue, it is likely that since your interface changed from eth0 to wlan0, your script/config may still be using the old interface. There are several articles that can point you to the right direction: https://duckduckgo.com/?q=ping%3A+sendmsg%3A+operation+not+permitted Please do not hesitate to contact us for any further information and support. Kind regards

Hello! Can we put [sOLVED] in the thread subject, for future references? Kind regards

Hello! We pick datacenters with PoP directly connected to tier1 and tier2 providers, including, in Europe, the "big 4". We're afraid that if your ISP peering is not good, or your ISP is anyway connected to tier3 providers or worse, there's unfortunately nothing that can be done to improve speed. See also the FAQ for further explanations. Just in case your ISP caps certain ports, make sure you have tested also port 53 TCP, port 80 TCP and port 53 UDP. Kind regards

Hello! We once again confirm that CBS is perfectly accessible from Vega and Sirius. Therefore, it remains to be seen what your system is leaking. Please note that to watch CBS with Firefox in Windows, you can't have all plug-ins disabled, because you need Flash. You might monitor your connections with tools like Wireshark to determine if there's a leak of some sort. You can also install Comodo Firewall and block all the outgoing packets not coming from 10.4.0.0->10.4.255.255 IP range to see whether this fixes the issue. See also https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&Itemid=142#1715 Once you are sure that there's no leak from the tunnel, examine carefully the Firefox behaviour. Try different browsers and make sure that the referrer browser string does not contain anything other than english/USA related (you can use the add-on RefControl to do that on Firefox), just in case CBS checks that. Feel free to keep us posted. Kind regards

Hello! Thank you for your subscription. Your choice is just fine and your decision to stay away from PPTP is wise. For further considerations about TCP and UDP ports, please see the FAQ: https://airvpn.org/faq For extremely critical data exchange you might like to know how to use AirVPN over TOR: https://airvpn.org/tor Please do not hesitate to contact us for any further information or support. Kind regards

Hello! CBS is perfectly accessible both from Vega and Sirius. Perhaps you have a leak from some program that disclose that you are not in the USA to the CBS tests. The usual suspects are the browser and its plugins. If you use Windows, avoid Internet Explorer at all costs. Kind regards

Hello! Please connect to your DD-WRT router via Telnet or SSH (http://www.dd-wrt.com/wiki/index.php/SSH) and type the command netstat -nr or route -n Then just copy the output and paste it here. Kind regards

Hello! We are aware that blocking outbound port 25 may be annoying, but leaving it open would cause a quick blacklisting of our servers on most spam detectors with severe consequences for us and all our customers. On the other hand, using an SMPT server which accepts TLS/SSL connections (for example on port 465) is a good practice and it's also extremely simple, so it's not really an issue. An e-mail provider that does not offer such connections should not be taken seriously. Please do not hesitate to contact us for any further information. Kind regards

Hello! Are you able to ping the 10.x.0.1 IP address (for example, if you connect to port 443 UDP, are you able to ping 10.4.0.1)? Could you please publish the routing table after the connection (delete your real IP address for privacy reasons)? Kind regards

Hello! This is a bug of the AEC payment processor (a commercial product) that we use to handle accounts expirations. We have given you back your 6 missing days. We apologize for the inconvenience. Please do not hesitate to contact us for any further information or support. Kind regards

Hello! You have various options, for example connecting the guest OS to the TAP-Win32 adapter via bridging and disabling access to all the other network cards. In this way, if the VPN connection is not established (or drops), the guest OS can't communicate with the Internet. VirtualBox, currently one of the best virtualization packages available, will let you do that with a few clicks. Please refer to the manuals of your virtualization software for additional details, and do not hesitate to contact us for any further information. Kind regards

Hello! Your message has a reply to the e-mail address you specified to receive the answer. Please re-send it if you did not get the reply [EDIT: please make sure that your e-mail address properly receive e-mails] Kind regards

Hello! Can you please see this thread, from here: https://airvpn.org/index.php?option=com_kunena&func=view&catid=2&id=970&limit=6&limitstart=12&Itemid=142#1748 ? Try to apply the suggested fix. We're looking forward to hearing from you. Kind regards

Hello! Thank you for your nice words. We're glad to know that you have managed to have a working and secure setup. If there was a conflict, the message should not have been "syntax error", but something different. Anyway, "block out any"? The rule is "block out all". Kind regards

Hello! About the glitch of the red token on UDP ports, we are still investigating. This does not prevent anyway the correct forwarding of UDP packets. The remaining is not a glitch (please see our previous message). Also, it appears from our tests that everything is working properly. Can you please check that listening services are configured to listen to the matching ports and on the correct network interface? Kind regards

Hello! This is correct. If you leave the remote port field blank and click Add, the system will pick randomly an available port and remap it to the same local port (if the local port field has been left blank) or to the specified local port. Kind regards