Staff

Hello! Log in the website and pick menu "Member area", item "Access without our client". Choose your favourite server and port, accept the ToS and the Privacy Policy. Leave the proxy combobox to "None" if you don't need to run OpenVPN over a proxy. The system will prepare the archive air.zip and let you download it. Inside the archive you will find all the files needed by Tunnelblick. You can generate as many configurations as you wish and install them in Tunnelblick in order to switch easily from one server/port to another. FAQ, also useful to use AirVPN services at their best, are available here: https://airvpn.org/faq Please do not hesitate to contact us for any further information or support. Kind regards

Hello! The AirVPN over TOR uses OpenVPN ability to perform connections over SOCKS (or HTTP) proxies. When you perform Air over TOR connection, all your traffic, including that generated by applications not configured to use TOR, will be routed over AirVPN over TOR. The TOR nodes will see OpenVPN encrypted traffic, our VPN servers will see the IP address of the TOR exit-node (partition of trust). So Air servers won't know your IP address not even while you are connected. For additional details please see: https://airvpn.org/tor and http://openvpn.net/index.php/open-source/documentation/howto.html#http Flash and Java enable an adversary to run (in the target's system) programs which may try to reveal and send to the adversary sensitive information, including but not limited to your real IP address. These attacks have been proven to be successful when a proxy is used, but not an OpenVPN based VPN. However, Flash and Java malicious "applets" may try to exploit several system vulnerabilities (especially on Windows) in order to try a "privilege escalation". If in doubt, never use Flash or Java if/when you need to send or receive critically sensitive data. Do it only if you perfectly know what you're doing. In general, to the best of the knowledge of the current admin writing this reply, Flash and Java based attacks have never proven to be successful when they are run inside a well configured sandbox or virtual machine where the host is connected to an OpenVPN based VPN. Please prevent leak of packets in case of accidental disconnection by setting appropriate firewall rules. Browse our forum for additional information, or give us information about your OS and firewall for support on how to do it. Logging of IP/data is not enabled on our VPN servers. In order to perform ex-post (never ex-ante, of course: we can't give information we don't have) investigations, appropriate steps may be taken in case of alleged violations of the ECHR through our services, if the allegation comes from a jurisdictional competent authority. Specific cases for which we are willing to cooperate with jurisdictional competent authorities are alleged human trafficking, child exploitation, privacy violations, copyright enforcement through privacy violations (please note, copyright enforcement, NOT alleged infringement) and in general any violation of fundamental human rights. For those specific alleged violations we would not appeal against a proper request from a jurisdictional competent authority. Kind regards

Hello! Please use Sirius, Google considers the exit-IP address of Vega as from Hong Kong. We can't do anything about this mistake. Only Google makes this mistake. Kind regards

Hello! No problems at all. With Comodo, the procedure is simple and fast. When you connect to AirVPN, regardless of the server you're connected to, your TUN/TAP adapter is DHCP-assigned an IP address in the range specified by our Technical Specs page. https://airvpn.org/specs/ Therefore, in order to block a program to send out packets when you're not connected to Air, just block (for any program you wish) any outgoing packet NOT coming from range 10.4.0.0->10.9.255.255, from any port to any port. Comodo supports both IP ranges (without need of CIDR notation) and the NOT operator. Open you Comodo control center, click on the tab "Firewall", select "Network Security Policy", click on the tab "Application Rules". Detect the application you want to block when not connected to Air, or add it in the list through the "Browse" command, right-click on the application entry, select "Edit rule" (or "Add rule" if the application has no rules), and define the rule as you can see in the attached image. Leave "Source Port" and "Destination Port" to "Any". Please do not hesitate to contact us for any further information. Kind regards

Hello! Can you please send us the connection logs (right-click on the Air dock icon, then select "Logs", finally "Copy to clipboard" and paste here). Also, what are your OS and .NET framework versions? Finally, can you please try a connection without the Air client and send us the OpenVPN logs? Kind regards

Hello! Your account is authorized to access all the servers. Please make sure that you launch the AirVPN client with administrator privileges and that no software blocks it. Also, can you please send us the logs (after a connection attempt, right-click on Air dock icon, select "Logs", then "Copy to clipboard" and paste here)? We're looking forward to hearing from you. Kind regards

Hello! There is no difference in privacy and logging in any AirVPN servers. Currently there are no laws in the USA and in Sweden which require a VPN service to log online activities. Please do not hesitate to contact us for any further information. Kind regards

Hello! Thank you for your nice words. Yes, it is possible to do it with the Win7 firewall. Please have a look at this thread and do not hesitate to reply if you need further information or support: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1626&Itemid=142 Kind regards

Hello! You will need to configure your FTP server in passive mode (PASV) and perform some configuration. This is an example based on a server which listens to port 21 and supports passive mode. First of all, make sure you use an FTP daemon which allows you to specify a range of ports which the FTP server will use. You will need to configure the server to listen to: - port 21 (used to initiate the connection from any FTP client) - a range of high numbered (>=2048) ports. The range must be large enough to handle different simultaneous passive connections. After connection to port 21, the client initiates TCP data connection to random port specified by server with the command PORT. Let's assume, as an example, that you use ProFTPd and you want a range of 10 ports to handle 10 simultaneous passive connections. In the example, the range is 58120-58129. EDIT: our new port forwarding interface will let you determine immediately a range of contiguous available ports. Furthermore, as of July 2023 new accounts have 5 ports available by default: https://airvpn.org/forums/topic/56405-port-forwarding-availability-change/ If you need more ports please contact us. Configure it with the directive [NOTE: edited from previous mistyping]: PassivePorts 58120 58129 Now, log in our website, and forward a random port, making sure to remap it to your local port 21. Let's call this port X_Port_Number. Make also sure you select "TCP" as protocol. Now forward all ports from 58120 to 58129, protocol TCP. Do not remap them to any local port. Launch your FTP service. Now it should be reachable from any client supporting passive mode (all modern clients support it) on: ftp:// server exit-IP address>: If you wish to use sftp as well, proceed to forward an additional port, TCP protocol, and remap it to your local port 22 (or the port you will configure on your server for sftp). The client does not need to forward any port, because in passive mode it's the client the one that initiates the connection according to the PORT command of the server. Using active mode is possible. In this case you will have to ponder different issues. With active mode, the client connects from a random unprivileged port n >= 1024 to the FTP server's command port 21. Then, the client starts listening to port n+1 and sends the command PORT n+1 to the FTP server. The server then connects back to the client's specified data port from its local data port, which is port 20. Active mode basically transfers most of port issues on the client side. Please do not hesitate to contact us for any further information. Kind regards

Hello! We are informing the Air client programmer of the issue and we are looking into it. Can you please try a connection directly with OpenVPN and tell us whether it's successful? Also, can you please tell us the version of the OS you're using? We're looking forward to hearing from you. Kind regards

Hello! No, it's not normal. Do you have to reboot because of a non-recoverable crash or because of "connectivity lost"? When you stop OpenVPN, it deletes the previous routing table additions ("route add"), no reboot should ever be necessary. However, if you stop OpenVPN with a "kill -9" then your routing table might not be restored and you "lose connectivity". The network-manager, anyway, should fix your issue. You can find it in the menu "Enter", then click on "Linux". Direct link https://airvpn.org/linux Kind regards

Hello! Excellent, all the problems are solved. The AUTH_FAILED error you see was probably due to a double connection attempt (remember that you can't double-connect an account). Now that you have made sure that OpenVPN works, you can cofigure a GUI for additional comfort of usage. In our website you can find instructions for network-manager. Please do not hesitate to contact us for any further information. Kind regards

Thread up as a reminder. Kind regards

Hello! So, to summarize and simplify: cd /home/mikkelmcl/air sudo openvpn --config air.ovpn --log-append airvpn.log Wait a minute until the connection is established, then browse to https://airvpn.org. Check the central box in the bottom of the page. If it's green and says "Connected!" then you have successfully connected. From now on you might like to use some graphical user interface for OpenVPN if you don't feel comfortable with command lines. On the contrary, if the central box is red and says "Not connected", send us the airvpn.log file. Since it requires root privileges to be accessed, open it with sudo nano airvpn.log If the nano editor is not installed, install it with sudo aptitude install nanoor use your favourite editor, or copy to clipboard with xclip as said before. We're looking forward to hearing from you. Kind regards

Hello! Is the file user.crt in the same directory where air.ovpn, ca.crt and user.key are? The error message clearly says that user.crt could not be found. sudo nano airvpn.log just opens the nano editor with su privileges and loads the file airvpn.log. Once inside, you can select the text with the mouse, then right-click and select "Copy". Kind regards

Hello! The air.ovpn configuration file has no absolute path to certificates and key files. Before launching openvpn, either you edit the air.ovpn or you make sure to be in the correct directory, for example cd /home/mikkelmcl/air Kind regards

Hello! Which file? [EDIT] If you refer to airvpn.log, it's because it's generated by openvpn running as su. Access it for example with: sudo nano airvpn.log copy all the content and paste here. Or you could copy & paste through xclip. Examples: If you use the KDE desktop manager: kdesudo xclip airvpn.logthen paste with the central mouse button. If you use the Gnome desktop manager: gksudo xclip airvpn.logthen paste with the central mouse button. Kind regards

Hello! Whoops, sorry, type this: sudo /usr/sbin/openvpn --config /home/mikkelmcl/air/air.ovpn --log-append /home/mikkelmcl/air/airvpn.log Kind regards

Hello! Let's assume that you paste all the 4 files (certificates, key and configuration that you find in air.zip) in a certain directory, let's say /home/mikkelmcl/airvpn Then you might just type: sudo /usr/sbin/openvpn /home/mikkelmcl/airvpn/air.ovpn --log-append /home/mikkelmcl/airvpn/airvpn.log After that, open airvpn.log with any text editor, copy its content and paste here. Kind regards

Hello! Not sure to understand the question. If what you pasted is the output of the command "openvpn", then you have openvpn installed in your Ubuntu box. If you wish to know where it is located, try whereis openvpn If you need to install it, try (as superuser): aptitude install openvpn or you might just upgrade it: aptitude upgrade openvpn Finally please follow the instructions. Remember to generate certificates, configuration and key with "Member Area"->"Access without our client" and paste the 4 files you will find inside the archive air.zip where appropriate. Kind regards

Hello! Please launch OpenVPN with the log or log-append directive. Just put the directives in the air.ovpn configuration file or launch openvpn stating the directive option. For example: sudo openvpn /path-to/air.ovpn --log-append filename You will find the logs in the file . Kind regards

Hello! Can you please tell us which program says "Invalid VPN"? Also, can you please describe all the steps you perform to obtain that message, and send us the OpenVPN connection logs? Kind regards

Hello! Please do not forward your router ports for aMule. They have nothing to do with the problem and they expose your system to dangerous correlation attacks (further details: https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1616&Itemid=142). You should have obtained a "red" token, which underlines the danger. Since you have obtained a "grey token" AND you have forwarded also that port on your router, your service is not reachable neither on your real IP address nor on the AirVPN exit-IP address you're connected to. Your account have further forwarded ports which are on "green" status. Just follow the same procedure for the port which still has a grey token. In particular, please check that the port number and its protocol on aMule match the remotely forwarded port number & protocol. If in doubt: select "TCP & UDP", do not remap to a local port, and just change the port(s) on aMule to match the remotely forwarded port number(s) (leave "Local Port" field empty). Please do not hesitate to contact us for any further information. Kind regards

Hello! A grey token means that your service is not reachable. Please make sure that it is running and that the configured port in aMule matches the remotely forwarded port number, or the remapped local port number, and the protocol type (TCP or UDP). Also, keep in mind that aMule, contrarily to eMule, needs various additional forwarded ports: http://en.wikipedia.org/wiki/aMule Have a look at our FAQ for further details on how to forward ports and to map local ports to remotely forwarded ports: https://airvpn.org/faq Please do not hesitate to contact us for any further information. Kind regards

Hello! We're very glad to inform you that a new 1 Gbit/s server located in the Netherlands is available: Castor. The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificate/key generator (menu "Member Area"->"Access without our client"). The server accepts connections on port 53, 80 and 443 UDP and TCP. As usual, no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN admins