Staff

epoair wrote: Hello! No, Bittorrent clients are not able to bypass the TUN/TAP interface with their default configuration. uTorrent might try to do that with various systems (which can be disabled, like uTP), but all our tests have showed that it does not succeed. In a non-throttled, ideal environment, and on big swarms rich of seeds, you should normally have better performance with p2p than any other protocol. Better performance and higher efficiency are of course among the strongest features of BitTorrent. Anyway, for additional security, please perform a check on this website: http://checkmytorrentip.com/ You should carefully check that your real IP address is never leaked during the test. We're looking forward to hearing from you. Kind regards

thigger wrote: Hello! Thank you for the warning. Remote forwarding is enabled both for TCP and UDP ports. You should be able to see that TCP packets for your web server have the correct header when they reach it (confirmed by the correct web server answers). We'll anyway look into this. Which server are you connected to? Can you please elaborate about UDP packets? UDP is a connectionless protocol, and http and https are not expected to be run over UDP, so why should your web server receive UDP packets? We're looking forward to hearing from you. Kind regards

thigger wrote: Hello! Sorry, this question remained unanswered in the previous message. Torrent clients and any other listening service are not getting multiple connections from the same IP address, they see the real origin IP address. When you see packets coming from one of our VPN servers, the "original" header is encrypted together with the payload (otherwise your ISP could see the real origin with DPI). That's why you observe all packets coming from the entry-IP address of the VPN server you're connected to. The packets are decrypted by your OpenVPN before they arrive to the listening service. You can easily verify by monitoring the traffic on your TUN/TAP interface, instead of your Ethernet or wireless interface. An excellent tool to do that is Wireshark. Kind regards

Hello! Yes, it's normal. You connect to a VPN server IP address (entry-IP) and you are visible on the Internet with another IP address (the exit-IP of the same server). It is not mandatory for OpenVPN (or any VPN in general) to have its clients connected to an IP address and get out with another (i.e entry-IP and exit-IP may be the same, as it happens in almost every VPN service), anyway this is an addition, completely transparent for clients, that we have made few months ago to enhance the anonymity layer (it makes correlation attacks harder and has the benefit to avoid out-of-the-tunnel unencrypted transmissions between two clients connected to the same server which communicate to each other). NAT and masquerading do all the job, so that your listening services (web server, torrent client...) are reachable from the outside (on the forwarded port(s)) and can respond properly to the incoming packets. When you receive an incoming TCP connection, you should see a packet directed to your TUN IP address (assigned by the VPN DHCP - see also https://airvpn.org/index.php?option=com_content&view=article&id=74&Itemid=141). Just a question, why do you say that you see connections coming from an address "similar to the entry-IP"? The incoming connections to your TUN interface should come from the entry-IP address. For example, on Lyra, you should see TCP IN of the type 62.x.x.85:-->10.x.x.x: (you can see your exit-IP just watching at the address reported in the bottom central box of our website while you are connected to a VPN server). Do not hesitate to contact us for any further information. Kind regards

Kitnick wrote: Hello! Very well! Please do not hesitate to contact us for any further information. Kind regards

Hello! The logs look ok, perhaps there's too much lag between our german server and the TOR relay. Try changing server. Also, can you please test a connection over an external http-proxy? See this thread for details: https://airvpn.org/index.php?option=com_kunena&Itemid=55&func=view&catid=3&id=1256 Kind regards

Hello! Yes, Air over TOR has been successfully tested repeatedly. Please make sure that you use a TCP port for connection to an AirVPN server (check the line "proto tcp" in the configuration file). Can you please send us the logs of failed connection attempts? Kind regards

@Kitnick Ok, support from now on transferred to e-mail. You'll receive a reply soon. Kind regards [EDIT] Please note that the problem has been detected from your log files. Unfortunately you gave an invalid e-mail address, so we can't send you via e-mail the solution. We paste it here: The first part of the log shows an "AUTH_FAILED" problem (maybe the connection was too lagged, it may happen with an http proxy) which anyway is solved in the second connection attempt displayed on the log. The second part is significant because it shows a failure in the "route.exe add" Windows command. If the command fails, like it happened, your traffic can't be routed inside the encrypted tunnel (you can see the failure on all the lines reporting "route addition failed [...] accessis denied"). FlushIPNetTable failed as well for the same reason. Under Windows, this problem usually is caused by a lack of privileges for OpenVPN. Please make sure that you launch OpenVPN with administrator privileges (so that it can modify the route) and also that OpenVPN was properly installed (the installer must be launched with administrator privileges too). Finally, please check that the TUN/TAP adapter has been properly installed (Windows might complain about unsigned drivers). Kind regards

@daicec Hello! You are not authorized to access the VPN servers. You need a premium subscription: https://airvpn.org/index.php?option=com_content&view=article&id=70&Itemid=132 We also accept Bitcoin: http://bitcoincodes.com/index.php?unit=store&op=browse&cat=10 and Liberty Reserve (please contact us for LR payments). Kind regards

@kitnick Hello! Attempt #3 failed because you specified a proxy which was not running (127.0.0.1:8118). Attemp #4 and #5 failed because of misplacement of user.crt, user.key and ca.crt files. When you put them in a different folder you have to specify the path on the corresponding .ovpn configuration file. Our configuration generator creates an .ovpn file which expects to find those files in the same directory you put the air.ovpn file itself. Attempt #6 failed because you specified a proxy which was not running (127.0.0.1:8080). Attempt #7 is ok. Our server sees you connecting from the http-proxy 78.133.146.136, while the proxy sees encrypted traffic from you directed to the VPN server, or coming from the VPN server and directed to you. You get out to the Internet with the VPN server exit-IP address. You can check this by browsing our website and watching at the address shown in the central box in the bottom part of the home page. Attempt #2 and #8 failed perhaps because of the http-proxy being down or too lagged. Now let's get a step back to see why Attempt #1 failed. Please try a connection only with the OpenVPN GUI (no TOR, no proxy) and please send us the complete logs. Please do not send an edited version, like the final part only. Then, try a connection with the AirVPN client alone (no proxy, no TOR, do not run OpenVPN GUI) and send again the logs (you can access the logs by right-clicking on the dock icon and selecting "Logs"; then you can copy them to the clipboard by clicking on the "Copy to clipboard" button in the middle of the bottom part of the logs window). We're looking forward to hearing from you. Kind regards

Kitnick wrote: Hello! First of all, can you please try a direct connection to one of our servers, just to see if it goes through without TOR? If it fails, please send us the logs of the attempted connection. If you can connect directly, when you wish to connect over TOR please make sure that when you have the "proxy" option enabled, you connect to a TCP port (you can pick the connection port by selecting the "Modes" tab in the Air client main window). If the above fails too, can you please try to connect directly with the OpenVPN client in order to determine whether it's a problem related to the Air client in your system? Just generate the appropriate configuration in the website with menu "Member"->"Connect without our client". Make sure to compile the "proxy" option, download the air.zip file, copy all the files inside it and paste them into the OpenVPN configuration directory (on Win 7 C:\Program Files (x86)\OpenVPN\config in a default installation). After you have launched OperaTOR (or any equivalent setup for TOR), run OpenVPN GUI, right-click on the dock icon and select "air"-->"Connect". Finally, the following is a currently working http proxy to perform connection tests without TOR: IP address 78.133.146.136 port 8080 Just insert in the air.ovpn configuration file the following line to make tests (do not launch OperaTOR, this is just a connection of AirVPN over http-proxy): http-proxy 78.133.146.136 8080 and make sure that you have the line proto tcp in the configuration file. We're looking forward to hearing from you. Kind regards

swami28 wrote: Hello! Can you please give us the exact error messages? What is your OS? Instructions for connection can be found in menu "More"-->"Access with...". Pick the appropriate entry according to your operative system. Looking forward to hearing from you. Kind regards

balthazett wrote: Hello! Thanks for the feedback. A few hours ago Sirius OpenVPN daemon on port 443 UDP suffered a problem. Therefore Sirius was reachable on ports 53 TCP/UDP, 80 TCP/UDP and 443 TCP, but not 443 UDP. Now it is fixed. Please do not hesitate to contact us for any further issue. Kind regards AirVPN admins

srajbr wrote: Hello! You need to subscribe a premium plan, please see https://airvpn.org/index.php?option=com_content&view=article&id=70&Itemid=132 Do not hesitate to contact us for any further information. Kind regards

Hello! During December the 24th, delivery time of gift coupons is accelerated to 2 hours from payment receipt. Kind regards AirVPN admins

@gzz Hello! We are working on that. Packets arte properly forwarded to clients, but some Linux boxes (including Ubuntu and Debian distros) do not answer to those packets. Windows (any version), Mac OSX and Android do not have this problem. We will keep you posted. Kind regards AirVPN admins

@slammin_bulu_whack Hello! Yes, your assumption is not purely hypothetical. It may happen to any VPN provider anywhere in the world, not only in the USA. Let's be clear, if the action is authorized by a judge under alleged, direct or indirect, violations of human rights (in particular human trafficking, child exploitation, export of monitoring technology) we will fully cooperate with the authorities. First of all, no account data are kept on the VPN servers, and anyway we encourage not to use identity disclosing information in your accounts with us. With a seized, offline server, forensic analysts work would be impaired. Much more effective would be real time wiretapping on the servers. This, potentially, might be done not only by legal agencies, but also by criminal organizations, although it might be difficult to cover their traces. For this reason, as we have said in the statement you cite, we strongly recommend to use AirVPN over TOR if you need to send critical information (for example, a whistleblower who sends something to a journalist), and to encrypt those information. In this way, even real time wiretapping would be ineffective to disclose both origin of the transmission and content information. Using AirVPN over TOR instead of TOR alone has a series of significant advantages, amongst which to solve the problem of malicious TOR relays (the traffic is still encrypted when passing through a TOR relay, and the TOR relay can't see the final destination IP of your communications). Also, AirVPN (thanks to OpenVPN) supports VPN over http-proxy. In this case, you have to use the TCP protocol and you will be able to establish an AirVPN over proxy connection. The proxy server will see your real IP but not the real destination, our servers will not see your real IP address. Furthermore, the packets payload will still be encrypted by OpenVPN when passing through the proxy node. Another scenario with physical access to the server is the possible correlation between account codes and IP address. Suppose that you connect via AirVPN over TOR to one of our servers to send critical data. Then, you connect with the same account to the same server but without TOR. At this point, it is possible to correlate your previous connection over TOR with this new one connection (same account code), disclosing therefore your real IP address to those who have physical access to the server and are wiretapping in real time. So, for critical transmissions, you should also take into consideration to use a specific account, aimed to be used only with AirVPN over TOR, even only one time for additional security, so that it would be impossible to make correlations between account codes and your real IP address, even with real time wiretapping. Trial free codes available on Twitter or sent by us via e-mail are perfect for this purpose (they have a maximum duration of 4 days). Just make sure that you use an e-mail account which can't be exploited to reveal your identity and perform the registration and the activation on our website via TOR. Please do not hesitate to contact us for any further information. Kind regards P.S. Vega is not with Leaseweb.

balthazett wrote: Hello! It's a temporary down, it's in the "shadow" servers now. Shadow servers are servers that are working but are hidden. Their purpose is to be always ready in case of emergency. Kind regards

anonimus1105 wrote: Hello! Ok, but when you have inserted those messages you had to be connected because they came from inside our infrastructure. Even this last quoted message comes from inside Air infrastructure, so you were connected while writing it. Can we assume therefore that the problem is solved? We're looking forward to hearing from you. Kind regards

Hello! Yes, there will be new servers. Unfortunately, Mexico and China are not appropriate locations for a service like AirVPN. In China there are very many issues related to privacy, active monitoring and censorship. The infrastructure in Mexico heavily needs further development. We will anyway review the situation in Asia very soon. Kind regards

privado wrote: Hello! Sure, please contact us in private (menu "Support"->"Contact us") for those inquiries. Kind regards

Hello! This is a collection of articles appeared online about AirVPN. The Guardian: http://www.guardian.co.uk/technology/blog/2011/sep/26/technology-links-newsbucket Privacy International: https://www.privacyinternational.org/blog/enjoy-internet-freedom-and-anonymity-terms-and-conditions-apply with a further comment by Eric King, Human Rights and Technology Advisor, Privacy International: https://www.privacyinternational.org/blog/enjoy-internet-freedom-and-anonymity-terms-and-conditions-apply#comment-190 TorrentFreak: https://torrentfreak.com/which-vpn-providers-really-take-anonymity-seriously-111007/ IT World: http://www.itworld.com/security/206429/who-trust-your-secrets-some-vpn-anonymity-providers-sound-noble-others-are-just-icky The Atlantic Wire: http://www.theatlanticwire.com/technology/2011/09/lulzsec-hacker-exposed-service-he-thought-would-hide-him/42895/ Kind regards AirVPN admins

privado wrote: Hello! It's difficult to say why, without further details about configuration differences in the private networks. Thank you for your patience. We are going to refund you your monthly subscription (your access will be granted anyway until the expiration date). You might want to review your problem even in the DD-WRT support forum and wiki, given that we don't have access to an E2000 router and to the unknown DSL modem/router. We will keep on our commitment to improve our customer service. Kind regards

Hello! If you're looking for some original gift for privacy aware friends and relatives, we are now offering gift coupons for 1 month, 3 months and 1 year premium subscription to AirVPN. The coupons are alphanumerical codes that, when inserted in our website, give immediate premium activation without further payment or delay. They have no expiration date set and are delivered in 4-8 hours. The person with the coupon just has to select the corresponding plan (1 month, 3 months and 1 year) and type in the coupon for immediate activation to premium status. You can decide the name of the coupon, up to 16 characters, and then give it to the person you wish to make the present. If you're interested, please do not hesitate to contact us https://airvpn.org/index.php?option=com_alfcontact&Itemid=105 Kind regards

@privado Hello! Now there are no visible errors on the log. During the 4 minutes the E2000 was connected to a VPN server, could you manage to do anything (like pinging some servers...)? Kind regards