Staff

Hello! Sure, it all depends on what you want to achieve. We were asked how to block a specific program and we answered accordingly. About trojans, generally it does not make a big difference if they can get out through the tunnel or not, a VPN will not protect you against trojans which send out data without your knowledge (see also Terms of Service, point 1). Chrome must be a "trusted application" in Comodo in order to be able to send and receive data. As usual, you can define further customized rules for any program, including Chrome. Please do not hesitate to contact us for any further information or support. Kind regards

Hello! Advanced options might appear only when you "Apply settings", see the DD-WRT wiki here: http://www.dd-wrt.com/wiki/index.php/OpenVPN#Enable_OpenVPN_in_the_Router According to DD-WRT developers and community, all the DD-WRT web GUI interface with firmware withOpenVPN flavor have the option to pick encryption type. We can't confirm that, since we don't have all the routers in the world, but it appears strange that such a lack would have gone unnoticed. Please keep us posted. Kind regards

Hello! Please note that you should block outgoing packets NOT in the range 10.4.0.0->10.9.255.255. If you blocked outgoing packets in that range, it was normal that uTorrent could not work with VPN connection. If you wish to block incoming packets not coming from our VPN server, just block anything to your Ethernet or WiFi interface not coming from Air server entry-IP address (also note that entry-IP and exit-IP are different; you can find the entry-IP with our configuration generator or with the Air client). Finally, we strongly recommend NOT to use any Symantec/Norton product on Windows systems: http://www.matousec.com/projects/proactive-security-challenge-64/results.php not even on 32-bit Windows system: http://www.matousec.com/projects/proactive-security-challenge/results.php#products-ratings Kind regards

Hello! Do you mean Comodo? If so, the rules are identical with any Comodo version of the last year. The screenshot is taken from Comodo Internet Security Premium 5.10.228257.2253, free version (it should be up to date). Kind regards

Hello! We are confident that the following thread will help you. We would anyway recommend that you replace Windows 7 firewall with Comodo Firewall (free edition is just fine). https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&Itemid=142 Please do not hesitate to contact us for any further information. Kind regards

Hello! Yes, we confirm that our servers push routes so that ALL the traffic will go in the encrypted tunnel. About your Usenet provider, using the VPN is useful if you wish to hide to that provider your real IP address, just in case... Instead of refusing the push (which might make your OpenVPN client uneasy), you could rewrite the routing table after the connection, or you could rewrite your OpenVPN configuration file. As usual, proceed with caution. Any mistake can destroy your anonymity layer. Some ideas: http://dltj.org/article/openvpn-split-routing/ EDIT: This thread looks better http://forums.openvpn.net/topic8229.html Kind regards

Hello! You should decompress the folder (or navigate into it) and copy the 4 files you see inside. Paste & use them as the configuration, certificates and key for Tunnelblick, according to instructions. Please do not hesitate to contact us for any further information or support. Kind regards

Hello! In a few words, UDP is more efficient, but TCP is mandatory when you want to connect over an http or socks proxy. Also, TCP may be necessary if you find difficulties during the handshake. TCP implements full error correction, and this is at the same time a plus and a minus. Please refer to the FAQ for a more detailed comparison. https://airvpn.org/faq Kind regards

Hello! If there's no way with that firmware to tell OpenVPN to use AES-256-CBC, you should use a script to connect. We can't renounce to strong encryption. Please see here: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1840&limit=6&limitstart=6&Itemid=142#1866 That is a specific setup for your model of router behind another router, and you can easily change it in order to make it suitable for your network. Kind regards

Hello! You will not get the same speed (please see the FAQ for details). We must be clear on this point: adding a VPN hop will unavoidably decrease performance. Since we pick servers on datacenters connected to tier1 providers, the performance decrease in most cases is a fair price to pay for a layer of anonymity and privacy. On the other hand, if your ISP caps certain protocols (for example p2p) you will get a better performance with a VPN on those protocols. We do not discriminate against any protocol and we do not monitor the connections, not even to determine protocols for technical reasons. The only exception to the purest Net Neutrality is the block of outbound port 25 that we are forced to perform to keep the service alive. You can connect as many devices as you wish through your DD-WRT router, you will need just one account that you can use directly on your router. See also https://airvpn.org/ddwrt Please do not hesitate to contact us for any further information. Kind regards

Hello! What are your router models? Are you using the latest DD-WRT firmware available for them? Kind regards

Hello! As far as we can see, that is correct (account "aboooor"). If you repute that your account should be on premium status for some subscription, please do not hesitate to contact us immediately. Kind regards

Hello! The VPN servers have been up and running without any problem (except Omicron for a problem in a Frankfurt datacenter). The frontend experienced severe problems due to another datacenter problem (unstable switches). Please see our messages in the forum. All the problems look resolved now, please do not hesitate to contact us for any further issue. Kind regards

Hello! Thank you, we're very pleased to know that our service meets your expectations and requirements. About mobile VPN, thanks to OpenVPN we already provide support for Android. Furthermore, although we do not provide support for a jailbreak, jailbroken iPhones and iPads can run OpenVPN too and are perfectly compatible with our service. Whether Apple will be allowed to continue its 'war' against free & open source software depends only on its customers. Kind regards

UPDATE: the problem has been fixed. Hello! We're sorry to inform you that due to a network outage in a datacenter in Frankfurt, Omicron is currently not reachable. You can follow the events here: http://leasewebnoc.com/status.php?i=770 We apologise for the inconvenience. Luckily our infrastructure is largely redundant so it will keep up with the guaranteed bandwidth with the other servers. We will keep you posted. Kind regards

Hello! If you find it difficult to connect with the Air client, please use OpenVPN directly. The issue is due to a major problem in a datacenter. If it will not be solved within a few hours by the provider, we will move our frontend away from it and solve the issue in any case. Kind regards

Hello! You can generate all the files you need with our configuration generator, menu "Member Area"->"Access without our client". The generator will prepare an archive according to your preferences and let you download it. Please do not hesitate to contact us for any further information or support. Kind regards

UPDATE: the problems have been fixed on the datacenter Hello! There are currently technical problems in one of the datacenters where some of our servers are located (NOT VPN servers) which affect only the AirVPN client behavior and the data provided by the real time servers monitor. You might sporadically experience failed connections during the "Checking" phase of the Air client. We underline that the problem does not affect any VPN server. The issues should be resolved soon. In the meantime we kindly ask you to connect directly with OpenVPN if you can't connect with the Air client. Please do not hesitate to contact us for any further information or support. Kind regards

Hello! There are currently technical problems in one of the datacenters where some of our servers are located (NOT VPN servers) which affect only the AirVPN client behaviour and the data provided by the real time servers monitor. We underline that the problem does not affect any VPN server. The issues should be resolved soon, in the meantime we kindly ask you to try again or to connect directly with OpenVPN. Please do not hesitate to contact us for any further information. Kind regards

Hello! Please see https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&Itemid=142#1715 and subsequent messages on this very same thread. Currently Comodo Firewall is the only software firewall for 64-bit Windows systems which passes important leak tests, so it is highly recommended not to trust any other software firewall. Kind regards

Hello! When you launched AirVPN for the first time in the new system, did you allow it to install OpenVPN? Can you please tell us exactly when the error message appears, and also send us the attempted connection logs (just right-click on the Air dock icon and select "Logs", then click on "Copy to clipboard")? We're looking forward to hearing from you. Kind regards

Hello! Probably because you launch it before connecting to an AirVPN server. Make sure that you first connect to a VPN server and only then you launch the client (and any other program). Do not forget that the new routing table will have no effect for already established connections. Feel free to let us know whether the above fixes the issue. Kind regards

Hello! We have received this e-mail from one of our customers and we gladly re-publish it here, because we think it may be helpful for anybody running a DD-WRT router behind other routers. The example configuration is with Vega, you can easily change that according to your favorite server and port. ====================================== Hi Guys, I just thought I'd let you know I figured it all out. The DD-WRT I have is the latest generic openvpn (DD-WRT v24-sp2 (08/07/10) vpn) installed on an old WRT54G v2.0. My ISP's router is a DLink BCM96358 which is pretty locked down. I reset to defaults, turned on syslog, set the VPN settings as per your help page, and used the following startup script (containing what you generated for me) - date 032601152012 sleep 30 echo "client dev tun proto tcp remote 69.163.36.66 443 resolv-retry infinite nobind ca /tmp/openvpncl/ca.crt cert /tmp/openvpncl/client.crt key /tmp/openvpncl/client.key ns-cert-type server cipher AES-256-CBC comp-lzo verb 3" > /tmp/openvpncl/myopenvpn.conf ( sleep 20 ; killall openvpn ; /usr/sbin/openvpn --config /tmp/openvpncl/myopenvpn.conf --route-up /tmp/openvpncl/route-up.sh --down /tmp/openvpncl/route-down.sh --daemon ) & The date is necessary because otherwise the system date is in 1970 and the certs don't work. The other key is the sleep statements. Nothing works if the init processes too fast. I also had to add a line to the firewall rule too for the wireless to work - iptables -I FORWARD -i br0 -o tun0 -j ACCEPT iptables -I FORWARD -i tun0 -o br0 -j ACCEPT iptables -I INPUT -i tun0 -j REJECT iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE iptables -t nat -A POSTROUTING -o tap0 -j MASQUERADE This gives me a VPN behind my DD-WRT and non-VPN behind the ISP router. Cheers.

@allanmills Hello! The error issued by ifconfig is normal, you have no tap interface, our setup use the tun interface. About the core of your issue, it is likely that since your interface changed from eth0 to wlan0, your script/config may still be using the old interface. There are several articles that can point you to the right direction: https://duckduckgo.com/?q=ping%3A+sendmsg%3A+operation+not+permitted Please do not hesitate to contact us for any further information and support. Kind regards

Hello! Can we put [sOLVED] in the thread subject, for future references? Kind regards