Staff

Websites: http://www.telecinco.es/

AIRVPN DOES NOT RECOGNIZE ANYMORE VERISIGN, AFILIAS AND ICANN AUTHORITY. OUR COMMITMENT AGAINST UNITED STATES OF AMERICA UNFAIR AND ILLEGAL DOMAIN NAMES SEIZURES.

The United States of America authorities have been performing domain names seizures since the end of 2010. The seizures have been performed against perfectly legal web-sites and/or against web-sites outside US jurisdiction.

Administrators of some of those web-sites had been previously acquitted of any charge by courts in the European Union.

The domain name seizures affect the world wide web in its entirety since they are performed bypassing the original registrar and forcing VeriSign and Afilias (american companies which administer TLDs like .org, .net, .info and .com) to transfer the domain name to USA authorities property. No proper judicial overview is guaranteed during the seizure.

Given all of the above, we repute that these acts:

- are a violation of EU citizens fundamental rights, as enshrined in the European Convention on Human Rights;
- are an attack against the Internet infrastructure and the cyberspace;
- are a strong hint which shows that decision capacities of USA Department of Justice and ICE are severely impaired;

and therefore from now on AirVPN does not recognize VeriSign, Afilias and/or ICANN authority over domain names. AirVPN refuses to resolve "seized" domain names to the IP address designated by USA authorities, allowing normal access to the original servers' websites / legitimate Ip addresses.

In order to fulfil the objective, we have put in place an experimental service which is already working fine. If you find anomalies, please let us know, the system will surely improve in time.

Kind regards
AirVPN admins

Hello!

We're very glad to inform you that a new 1 Gbit/s server located in the Czech Republic is available: Alioth.
 
The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").
 
Alioth accepts connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Alioth supports OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

Hello!

We're very glad to inform you that a new 1 Gbit/s server located in the Czech Republic is available: Alioth.
 
The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").
 
Alioth accepts connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Alioth supports OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

Hello!

We're very glad to inform you that a new 1 Gbit/s server located in the Czech Republic is available: Alioth.
 
The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").
 
Alioth accepts connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Alioth supports OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

Hello!

We're very glad to inform you that a new 1 Gbit/s server located in the Czech Republic is available: Alioth.
 
The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").
 
Alioth accepts connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Alioth supports OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

Do you allow p2p? How can I optimize performance of eMule and BitTorrent with AirVPN?

Yes, p2p is allowed, as well as any other protocol. Currently p2p is a set of the most efficient protocols to share and access information on the Internet. We do not discriminate against any protocol.

To obtain the best performance with a BitTorrent client or an eMule client, log your account in our web site and proceed to remotely forward a port from the menu "Client Area"->"Forwarded ports". Pick a port or let the system choose an available one for you. Pick "TCP & UDP". Remember the port number.

Then, configure the "Port used for incoming connections" (also called "Listening port") in your BitTorrent client so that it matches the port number you have just forwarded remotely. On eMule, go to "Options"->"Connection" tab. Write in both fields of "Client ports" the number of the port that you have forwarded. Disable UPnP, NAT-PMP and any possible automatic port mapping feature that can modify the listening port. 
If you run uTorrent or any other software with bandwidth management, make sure to disable such management (such as uTP in uTorrent).

In this way your clients will be able to accept incoming connections from the Internet, enhancing performance in several cases and making initial seeding possible. This procedure can be performed just once and for all, as long as you don't wish to change port(s) on your clients. On BitTorrent clients, make sure to disable the option to pick random ports at every startup.

If you forward a port for a p2p torrent client, do NOT remap it to a different local port and make sure that the torrent client port matches the remotely forwarded port number, otherwise your client will communicate to trackers (if you use them) and DHT the wrong port: torrent clients will communicate to trackers and DHT the port number you have configured in them. As a result, you will get no incoming packets from the swarm and the torrent client network status token will remain yellow.

IMPORTANT: do NOT forward on your router the same ports you use on your Bittorrent or eMule client (or any other listening service) while connected to the VPN. Doing so exposes your system to correlation attacks and potentially causes uncencrypted packets to be sent outside the tunnel from your client.

Hello!
 
We're sorry to inform you that according to the following message from UrDN http://www.urdn.com.ua/ all the servers in the Kiev datacenter, including AirVPN servers, have been illegally stolen by Ukrainian "security services" SBU and should be released only after payment of a bribe.
 
We have no way to verify this message unfortunately, but in any case our servers, as you probably know, do not contain any log and/or any database and/or any sensitive information.
 
Therefore, Procyon and Theemim will not come back anytime soon, as UrDN declares that they will not pay any bribe/ransom to get back the servers.
 
If the message is truthful, we would like to express our complete solidarity with UrDN and condemn the acts of the Ukrainian "security services" SBU which would be identical to those of a criminal organization.

Kind regards
AirVPN Staff
 

No.

Hello!
 
We're glad to inform you that Eddie developer has put this issue as a priority for the next Eddie release.
 
Kind regards

Hello!
 
We're glad to inform you that Eddie developer has put this issue as a priority for the next Eddie release.
 
Kind regards

HOW TO FORWARD PORTS TO YOUR DEVICES WITH IPTABLES
 
You need to create a basic DNAT on your router. Remember that the router GUI forwards ports from the WAN to LAN. When connected to the VPN you must forward ports from TUN to LAN. Therefore, it is imperative that you do NOT forward ports in the GUI of the router.
 
Assuming that:
destIP is the IP address of the destination device port is the port you wish to forward to that device tun1 is the tun interface of your router (please check! on some routers it can be tun0, on Tomato it can be tun11) you need to forward both TCP and UDP packets you need to add the following rules. Please note that the following rules do NOT replace your already existing rules, you just have to add them.
 
iptables -I FORWARD -i tun1 -p udp -d destIP --dport port -j ACCEPT
iptables -I FORWARD -i tun1 -p tcp -d destIP --dport port -j ACCEPT
iptables -t nat -I PREROUTING -i tun1 -p tcp --dport port -j DNAT --to-destination destIP
iptables -t nat -I PREROUTING -i tun1 -p udp --dport port -j DNAT --to-destination destIP
 
Note: if your router firmware iptables supports the multiport module you can use --match option to make your rules set more compact. Please see here, thanks to Mikeyy https://airvpn.org/topic/14991-asuswrt-merlin-multiple-ports/?do=findComment&comment=31221
 
Kind regards

You provide Remote Port Forwarding, what is it?
 
"Remote port forwarding" forwards traffic coming from the Internet to our VPN server ports to a specified local port of your client.

By default, your account has no forwarded ports, and this is good as long as you don't wish to have a service reachable from the Internet. For example, suppose that you want to run a web server behind our VPN, or that you wish to receive incoming connections to your BitTorrent client in order to improve p2p performance, or to seed a file. Without at least one remotely forwarded port, your service could not be reached from the outside, because our VPN server would reject the proper packets to your service.

Usually this is a good security measure against attacks, but it prevents your services to be reached from the Internet.

When you remotely forward an inbound port, our servers will open that port (TCP, UDP or both, according to your selection) and will properly forward incoming packets to you on that port. The service will be reachable from the exit-IP address of the VPN server your system is connected to.

You can forward up to 20 ports simultaneously. You can do that on our website, in your account "Client Area". You can't forward ports lower than 2048.

You can map a remotely forwarded port to a different local port: this is useful for a variety of cases, for example when your service listens to a port lower than 2048 or when the port is already reserved. More details about it here below.

Once you reserve an inbound remote port for your account, you have two options:

1) Leave the "Local" field empty. In this case, packets arriving to the VPN server exit-IP address port n will be forwarded to your machine IP address inbound local port with the very same number n

2) Fill in the "Local" field with a different port number x. In this case packets arriving to port n will be forwarded to your system inbound local port x.

In both cases you need to reach the service on the VPN server exit-IP address port n.


IMPORTANT: do NOT forward on your router the same ports you use on your listening services while connected to the VPN. Doing so exposes your system to correlation attacks and potentially causes unencrypted packets to be sent outside the tunnel from your client. However, if you connect a router (for example DD-WRT, Tomato based firmware router) an additional step is required, please see https://airvpn.org/topic/9270-how-to-forward-ports-in-dd-wrt-tomato-with-iptables/  
NOTE: you can't reach your listening service(s) through the VPN server exit-IP address from the very same machine that's running it/them and is connected to a VPN server, or from any other machine connected to that same VPN server.

What is a VPN?

VPN is an acronym of Virtual Private Network. Our VPN extends the private network across the Internet. It enables your computer (the "client") to send and receive data across the Internet through dedicated nodes ("the VPN servers") as if those data were an integral part of the private network. This is achieved through a point-to-point OpenVPN (in routing mode) connection. The connection is encrypted and each packet is authenticated both by your client and our servers, so that nobody (including your ISP) between your computer and the VPN server can see the data you transmit and receive, the real origin and destinations of such data, and, last but not least, can inject forged packets into your stream of data. The picked encryption cipher meets higher-than-military security requirements. 
Additionally, when your client has established a point-to-point encrypted connection (often referred to as "the tunnel"), your data will "get to the Internet" without any reference to your real IP address, which is simply no more inside the packets. Anybody on the Internet will therefore see your packets as coming from our VPN servers exit-IP addresses, not from your real IP address, protecting you against privacy intruders and other malignant entities, such as sniffers in public WiFi hot-spots, hi-jackers, profilers and disturbed "copyright trolls".
 
You don't need to configure applications to use "the tunnel", because our servers perform a set of route and default gateway pushes that your client accepts: your applications are "tunneled" transparently. OpenVPN encapsulates your packets inside an UDP or TCP stream, therefore all same or higher layer protocols are supported, making a VPN a profoundly different and highly superior solution to any http or socks proxy.

You provide Remote Port Forwarding, what is it?
 
"Remote port forwarding" forwards traffic coming from the Internet to our VPN server ports to a specified local port of your client.

By default, your account has no forwarded ports, and this is good as long as you don't wish to have a service reachable from the Internet. For example, suppose that you want to run a web server behind our VPN, or that you wish to receive incoming connections to your BitTorrent client in order to improve p2p performance, or to seed a file. Without at least one remotely forwarded port, your service could not be reached from the outside, because our VPN server would reject the proper packets to your service.

Usually this is a good security measure against attacks, but it prevents your services to be reached from the Internet.

When you remotely forward an inbound port, our servers will open that port (TCP, UDP or both, according to your selection) and will properly forward incoming packets to you on that port. The service will be reachable from the exit-IP address of the VPN server your system is connected to.

You can forward up to 20 ports simultaneously. You can do that on our website, in your account "Client Area". You can't forward ports lower than 2048.

You can map a remotely forwarded port to a different local port: this is useful for a variety of cases, for example when your service listens to a port lower than 2048 or when the port is already reserved. More details about it here below.

Once you reserve an inbound remote port for your account, you have two options:

1) Leave the "Local" field empty. In this case, packets arriving to the VPN server exit-IP address port n will be forwarded to your machine IP address inbound local port with the very same number n

2) Fill in the "Local" field with a different port number x. In this case packets arriving to port n will be forwarded to your system inbound local port x.

In both cases you need to reach the service on the VPN server exit-IP address port n.


IMPORTANT: do NOT forward on your router the same ports you use on your listening services while connected to the VPN. Doing so exposes your system to correlation attacks and potentially causes unencrypted packets to be sent outside the tunnel from your client. However, if you connect a router (for example DD-WRT, Tomato based firmware router) an additional step is required, please see https://airvpn.org/topic/9270-how-to-forward-ports-in-dd-wrt-tomato-with-iptables/  
NOTE: you can't reach your listening service(s) through the VPN server exit-IP address from the very same machine that's running it/them and is connected to a VPN server, or from any other machine connected to that same VPN server.

Hi,
 
actually throttling of p2p and VPN is what routinely occurs in the European Union. It is illegal, though, to do it if the customer has not been fully and clearly informed on the contract, please see here:
 
https://airvpn.org/topic/10967-slow-airvpn-speeds-050mbs-down-or-less/?do=findComment&comment=15358
 
The new regulation is an additional and nice step forward to Net Neutrality, but it's still weak and actually it still allows various discriminations. However, when the regulation is in force, situation for the EU citizen will be better or equal to the current situation, not worse. Since years ISPs have put encrypted traffic to the slow lane. But since HTTP is being discarded more and more and HTTPS is becoming dominant in the World Wide Web, OpenVPN over SSL to port 443 has always been a perfect patch, because usually ISPs tend to treat pure TLS traffic to port 443 totally equivalent to HTTPS, which you can't throttle too much without impacting 100% of your customers.
 
Kind regards

Hello!
 
Please make sure that you're running client version 2.10.3. Select "AirVPN" -> "About" to check.
 
 
 
Network Lock in Windows activates Windows Firewall so the feature can not be used in any way when a different firewall is active. Running two different firewalls may cause unpredictable behavior because (to put it briefly) you have two programs with same high privileges which compete to modify concurrently the OS packet filtering tables.
 
Kind regards

Website: http://www.marcopolo.tv/
Italian TV Streaming
 
Status: OK
Routing: All servers to IT route.

Website: http://www.cbc.ca
Official CBC television site for Canada
 
Status: OK
Native: CA servers.
Routing: All other servers.

 

Website: http://www.tf1.fr
Official site of French television channels (TF1, TMC, NT1, HD1)


Status: OK
Native: FR servers.
Routing: All other servers.
 

Website: http://www.gazzetta.it
La Gazzetta dello Sport, an Italian sport website and streaming.

Status: OK
Routing: All servers to IT route.
 
Note: if you have an advertising blocker active (like Adblock or uBlock) try to disable it.
This site detect use of this blocker and prevent to see the video.

Website: http://www.alice.tv/
Italian TV Streaming
 
Status: OK
Routing: All servers to IT route.

Website: http://www.leonardo.tv/
Italian TV Streaming
 
Status: OK
Routing: All servers to IT route.

05/06/2014, Funded with 1000€ (1355 USD). https://airvpn.org/mission/

In this forum, the community posts suggestions about projects which would deserve a support (typically monetary support). One topic per project.
Projects must be compatible with AirVPN Mission: https://airvpn.org/mission .
If projects are based on software, the software must be free and open source.

In order to achieve total transparency, we would like to tie this project to AirVPN promotion but at the same time we wish that it is handled by the community to guarantee that it is a real and impartial work. Therefore we aim to build a staff of moderators that don't work with AirVPN Staff and can manage and decide how to distribute the funding availability that AirVPN service can allocate to no-profit projects.
 
EDIT: until now it has not been possible to build a staff of independent moderators. As a consequence, it's the whole community that proposes projects. Anyone can do that. Then, candidate projects are periodically voted by the whole community (only persons writing in the forum are allowed to vote). The typical poll period is 1-2 months, which can vary according to our funds allocation and availability. The supporting funds are delivered to the winning project.
 
Already funded projects can't be proposed again at least for 1 year. Regularly or periodically funded projects can't be proposed.