Staff

Hello!
 
Actually we think that zhang888 is totally right.
 
On top of that, we would like to add that, even if an add-on were totally reliable for some browser, solving the so called "WebRTC leak" at browser level could be a false or partial solution. We would recommend solutions at firewall level, like our Eddie "Network Lock".
 
Please see here for explanations of the above and for further considerations:
http://www.clodo.it/blog/an-alternative-approach-to-so-called-webrtc-leaks
 
Kind regards

Hello,

we have insert ddl-warez.in in our anti-geo-blocking service.

Can you try again and confirm that it works now  ?

Kind regards
 

Website: http://www.nbc.com/
Official NBC site for primetime, daytime and late night television shows. Television (TV) network includes soap opera, reality shows and more. Find additional information on the official NBC TV site.

Status: OK
Native: US servers.
Routing: All other servers.

Website: http://www.deezer.com/
Deezer is a web-based music streaming service. It allows users to listen to music on various devices online or offline.
 
Status: OK
Native: All server except US and NL
Routing: US and NL, to FR route.

Website: http://www.alice.tv/
Italian TV Streaming
 
Status: OK
Routing: All servers to IT route.

AIRVPN DOES NOT RECOGNIZE ANYMORE VERISIGN, AFILIAS AND ICANN AUTHORITY. OUR COMMITMENT AGAINST UNITED STATES OF AMERICA UNFAIR AND ILLEGAL DOMAIN NAMES SEIZURES.

The United States of America authorities have been performing domain names seizures since the end of 2010. The seizures have been performed against perfectly legal web-sites and/or against web-sites outside US jurisdiction.

Administrators of some of those web-sites had been previously acquitted of any charge by courts in the European Union.

The domain name seizures affect the world wide web in its entirety since they are performed bypassing the original registrar and forcing VeriSign and Afilias (american companies which administer TLDs like .org, .net, .info and .com) to transfer the domain name to USA authorities property. No proper judicial overview is guaranteed during the seizure.

Given all of the above, we repute that these acts:

- are a violation of EU citizens fundamental rights, as enshrined in the European Convention on Human Rights;
- are an attack against the Internet infrastructure and the cyberspace;
- are a strong hint which shows that decision capacities of USA Department of Justice and ICE are severely impaired;

and therefore from now on AirVPN does not recognize VeriSign, Afilias and/or ICANN authority over domain names. AirVPN refuses to resolve "seized" domain names to the IP address designated by USA authorities, allowing normal access to the original servers' websites / legitimate Ip addresses.

In order to fulfil the objective, we have put in place an experimental service which is already working fine. If you find anomalies, please let us know, the system will surely improve in time.

Kind regards
AirVPN admins

A very odd conclusion on the basis of what you have reported... On the contrary, all the leaks up to now confirm that NSA is not able to crack ciphers currently used by our service. That's exactly why they need backdoors or directly the keys. If you further read between the lines you'll also see what tremendous effort is putting NSA to bypass encryption, never to crack encryption directly, except for very special cases with very specific ciphers. They know the math very well.
 
Kind regards

What is the difference between protocols?

UDP is a connectionless protocol, so during the handshake it is not always possible to do an effective error correction. As a result, when there's high ping or low quality line during the OpenVPN login, the handshake may fail, although you could see no significant problem after (if) the connection is established.
TCP is capable of handling these problems.

On the other hand, UDP is more efficient once the connection is established. OpenVPN also implements a basic packets error correction even in UDP (only after the tunnel is established).

If you experience problems with VoIP video/audio conversations when connected to the VPN through a TCP port, a typical case for which a difference may be visible (VoIP over TCP - for example UDP over TCP -  is clearly inferior to VoIP over UDP because TCP implements ARQ, UDP does not), then go for an UDP connection.

In general, you should always try an UDP connection if your ISP allows it and you don't experience any problem during the handshake.
However, TCP is mandatory if you need a proxy to reach the Internet. VPN over TOR connections require a TCP connection.

Variety of ports (53, 80, 443) is an additional option to try to bypass country or ISPs blocks, or bandwidth management. When OpenVPN connections are disrupted by your ISP (this happens for sure in China and Iran) then you need OpenVPN over SSL or OpenVPN over SSH supported by every AirVPN server and requiring, again, TCP.

Yes. 2.10.0, 2.10.1 and 2.10.2 have not been promoted to Stable. The only candidate which made it is 2.10.3.
 
Kind regards

Hello!

We're very glad to inform you that a new Eddie Air client version has been released: 2.10.

2.10 version is compatible with several Linux distributions. For very important notes about environments, please read here: https://airvpn.org/forum/35-client-software-platforms-environments
 
Integration with Windows 10 has been greatly improved as well.
 
Eddie 2.10 includes important bug fixes and changes meeting users' requests and preferences.
Please read the changelog: https://airvpn.org/services/changelog.php?software=client&format=html

Upgrade is strongly recommended.

Just like previous version 2.9, Eddie implements direct Tor support for OpenVPN over Tor connections. Eddie makes OpenVPN over Tor easily available to Linux and OS X users: no needs for Virtual Machines, middle boxes or other special configurations. Windows users will find a more friendly approach as well. This mode is not handled anymore as a generic connection to a socks proxy, but it is specifically designed for Tor and therefore solves multiple issues, especially in Linux and OS X, including the "infinite routing loop" problem (see for example http://tor.stackexchange.com/questions/1232/me-tor-vpn-how/1235#1235 )

As far as we know, Eddie is the first and currently the only OpenVPN wrapper that natively allows OpenVPN over Tor connections for multiple Operating Systems. https://airvpn.org/tor

We recommend that you upgrade Eddie as soon as possible.

Eddie 2.10 for GNU Linux can be downloaded here: https://airvpn.org/linux
Eddie 2.10 for Windows can be downloaded here: https://airvpn.org/windows
Eddie 2.10 for OS X Mavericks and Yosemite only can be downloaded here: https://airvpn.org/macosx

PLEASE NOTE: Eddie 2.10 package includes an OpenVPN version re-compiled by us from OpenVPN 2.3.8 source code with OpenSSL 1.0.2d for security reasons and to fix this bug: https://community.openvpn.net/openvpn/ticket/328

Eddie overview is available here: https://airvpn.org/software
Eddie includes a Network Lock feature: https://airvpn.org/faq/software_lock
Eddie 2.10.x is free and open source software released under GPLv3. GitHub repository https://github.com/AirVPN/airvpn-client


Kind regards & datalove
AirVPN Staff

Hello,
 
the connectivity issue is resolved.
 
the Hadar server is online now.
 
Kind regards
 

Hello!

We're very glad to inform you that a new Eddie Air client version has been released: 2.10.

2.10 version is compatible with several Linux distributions. For very important notes about environments, please read here: https://airvpn.org/forum/35-client-software-platforms-environments
 
Integration with Windows 10 has been greatly improved as well.
 
Eddie 2.10 includes important bug fixes and changes meeting users' requests and preferences.
Please read the changelog: https://airvpn.org/services/changelog.php?software=client&format=html

Upgrade is strongly recommended.

Just like previous version 2.9, Eddie implements direct Tor support for OpenVPN over Tor connections. Eddie makes OpenVPN over Tor easily available to Linux and OS X users: no needs for Virtual Machines, middle boxes or other special configurations. Windows users will find a more friendly approach as well. This mode is not handled anymore as a generic connection to a socks proxy, but it is specifically designed for Tor and therefore solves multiple issues, especially in Linux and OS X, including the "infinite routing loop" problem (see for example http://tor.stackexchange.com/questions/1232/me-tor-vpn-how/1235#1235 )

As far as we know, Eddie is the first and currently the only OpenVPN wrapper that natively allows OpenVPN over Tor connections for multiple Operating Systems. https://airvpn.org/tor

We recommend that you upgrade Eddie as soon as possible.

Eddie 2.10 for GNU Linux can be downloaded here: https://airvpn.org/linux
Eddie 2.10 for Windows can be downloaded here: https://airvpn.org/windows
Eddie 2.10 for OS X Mavericks and Yosemite only can be downloaded here: https://airvpn.org/macosx

PLEASE NOTE: Eddie 2.10 package includes an OpenVPN version re-compiled by us from OpenVPN 2.3.8 source code with OpenSSL 1.0.2d for security reasons and to fix this bug: https://community.openvpn.net/openvpn/ticket/328

Eddie overview is available here: https://airvpn.org/software
Eddie includes a Network Lock feature: https://airvpn.org/faq/software_lock
Eddie 2.10.x is free and open source software released under GPLv3. GitHub repository https://github.com/AirVPN/airvpn-client


Kind regards & datalove
AirVPN Staff

Hello!

We're very glad to inform you that a new Eddie Air client version has been released: 2.10.

2.10 version is compatible with several Linux distributions. For very important notes about environments, please read here: https://airvpn.org/forum/35-client-software-platforms-environments
 
Integration with Windows 10 has been greatly improved as well.
 
Eddie 2.10 includes important bug fixes and changes meeting users' requests and preferences.
Please read the changelog: https://airvpn.org/services/changelog.php?software=client&format=html

Upgrade is strongly recommended.

Just like previous version 2.9, Eddie implements direct Tor support for OpenVPN over Tor connections. Eddie makes OpenVPN over Tor easily available to Linux and OS X users: no needs for Virtual Machines, middle boxes or other special configurations. Windows users will find a more friendly approach as well. This mode is not handled anymore as a generic connection to a socks proxy, but it is specifically designed for Tor and therefore solves multiple issues, especially in Linux and OS X, including the "infinite routing loop" problem (see for example http://tor.stackexchange.com/questions/1232/me-tor-vpn-how/1235#1235 )

As far as we know, Eddie is the first and currently the only OpenVPN wrapper that natively allows OpenVPN over Tor connections for multiple Operating Systems. https://airvpn.org/tor

We recommend that you upgrade Eddie as soon as possible.

Eddie 2.10 for GNU Linux can be downloaded here: https://airvpn.org/linux
Eddie 2.10 for Windows can be downloaded here: https://airvpn.org/windows
Eddie 2.10 for OS X Mavericks and Yosemite only can be downloaded here: https://airvpn.org/macosx

PLEASE NOTE: Eddie 2.10 package includes an OpenVPN version re-compiled by us from OpenVPN 2.3.8 source code with OpenSSL 1.0.2d for security reasons and to fix this bug: https://community.openvpn.net/openvpn/ticket/328

Eddie overview is available here: https://airvpn.org/software
Eddie includes a Network Lock feature: https://airvpn.org/faq/software_lock
Eddie 2.10.x is free and open source software released under GPLv3. GitHub repository https://github.com/AirVPN/airvpn-client


Kind regards & datalove
AirVPN Staff

Hello!

We're very glad to inform you that a new Eddie Air client version has been released: 2.10.

2.10 version is compatible with several Linux distributions. For very important notes about environments, please read here: https://airvpn.org/forum/35-client-software-platforms-environments
 
Integration with Windows 10 has been greatly improved as well.
 
Eddie 2.10 includes important bug fixes and changes meeting users' requests and preferences.
Please read the changelog: https://airvpn.org/services/changelog.php?software=client&format=html

Upgrade is strongly recommended.

Just like previous version 2.9, Eddie implements direct Tor support for OpenVPN over Tor connections. Eddie makes OpenVPN over Tor easily available to Linux and OS X users: no needs for Virtual Machines, middle boxes or other special configurations. Windows users will find a more friendly approach as well. This mode is not handled anymore as a generic connection to a socks proxy, but it is specifically designed for Tor and therefore solves multiple issues, especially in Linux and OS X, including the "infinite routing loop" problem (see for example http://tor.stackexchange.com/questions/1232/me-tor-vpn-how/1235#1235 )

As far as we know, Eddie is the first and currently the only OpenVPN wrapper that natively allows OpenVPN over Tor connections for multiple Operating Systems. https://airvpn.org/tor

We recommend that you upgrade Eddie as soon as possible.

Eddie 2.10 for GNU Linux can be downloaded here: https://airvpn.org/linux
Eddie 2.10 for Windows can be downloaded here: https://airvpn.org/windows
Eddie 2.10 for OS X Mavericks and Yosemite only can be downloaded here: https://airvpn.org/macosx

PLEASE NOTE: Eddie 2.10 package includes an OpenVPN version re-compiled by us from OpenVPN 2.3.8 source code with OpenSSL 1.0.2d for security reasons and to fix this bug: https://community.openvpn.net/openvpn/ticket/328

Eddie overview is available here: https://airvpn.org/software
Eddie includes a Network Lock feature: https://airvpn.org/faq/software_lock
Eddie 2.10.x is free and open source software released under GPLv3. GitHub repository https://github.com/AirVPN/airvpn-client


Kind regards & datalove
AirVPN Staff

Hello,
 
there is a pinned topic in this very same forum pertaining to the issue, have a look at it.
https://airvpn.org/topic/14829-can-only-connect-to-the-internet-browser-through-airvpn
 
Kind regards

HOW TO FORWARD PORTS TO YOUR DEVICES WITH IPTABLES
 
You need to create a basic DNAT on your router. Remember that the router GUI usually forwards ports from the WAN to LAN. When connected to the VPN you must forward ports from TUN interface to the final destination. Therefore, it is important that you do not forward ports through the GUI of the router.
 
Assuming that:
destIP is the IP address of the destination device port is the port you wish to forward to that device tun1 is the tun interface of your router (please check! on some routers it can be tun0, on Tomato it can be tun11) you need to forward both TCP and UDP packets you need to add the following rules. Please note that the following rules do NOT replace your already existing rules, you just have to add them.
 
iptables -I FORWARD -i tun1 -p udp -d destIP --dport port -j ACCEPT
iptables -I FORWARD -i tun1 -p tcp -d destIP --dport port -j ACCEPT
iptables -t nat -I PREROUTING -i tun1 -p tcp --dport port -j DNAT --to-destination destIP
iptables -t nat -I PREROUTING -i tun1 -p udp --dport port -j DNAT --to-destination destIP
 
Note: if your router firmware iptables supports the multiport module you can use --match option to make your rules set more compact. Please see here, thanks to Mikeyy https://airvpn.org/topic/14991-asuswrt-merlin-multiple-ports/?do=findComment&comment=31221
 
Kind regards

A very odd conclusion on the basis of what you have reported... On the contrary, all the leaks up to now confirm that NSA is not able to crack ciphers currently used by our service. That's exactly why they need backdoors or directly the keys. If you further read between the lines you'll also see what tremendous effort is putting NSA to bypass encryption, never to crack encryption directly, except for very special cases with very specific ciphers. They know the math very well.
 
Kind regards

A very odd conclusion on the basis of what you have reported... On the contrary, all the leaks up to now confirm that NSA is not able to crack ciphers currently used by our service. That's exactly why they need backdoors or directly the keys. If you further read between the lines you'll also see what tremendous effort is putting NSA to bypass encryption, never to crack encryption directly, except for very special cases with very specific ciphers. They know the math very well.
 
Kind regards

What is Dynamic DNS?
"Dynamic DNS or DDNS is a method of updating, in real time, a Domain Name System (DNS) to point to a changing IP address on the Internet. This is used to provide a persistent domain name for a resource that may change location on the network."
Wikipedia, http://en.wikipedia.org/wiki/Dynamic_DNS
 
Premium Members can choose up to 20 names in their Forwarded Ports page, accessible from the left tabs of their "Client Area".
 
Just for comfort, a name is associated to a forwarded port.

When a Premium member connects to an Air VPN server, the .airdns.org DNS record is updated to the exit-IP address of that server. Therefore, be aware that this service may be unusable when you establish multiple connections to different servers from different devices with the same account (in such cases, you need to point directly to the exit-IP address of the server, or use some third-party DDNS which you manually set).

This service can be useful when you need a domain name, which must be persistent across all Air VPN servers, for a service you need to run "behind Air VPN". For example: if you want to host a game server, you can communicate to the players the DNS name and freely switch Air VPN servers.

Notes:TTL (Time-To-Live) is one hour. If you change VPN server, one hour may be needed before other users can resolve correctly your domain name. A longer time might be necessary: some public DNS (for example Google DNS) sometimes ignore TTL in their caching system.DNS are created or updated when a connection to an Air server is performed. They are deleted only if you disable the system (i.e. you delete the name from the forwarded ports panel). The latest IP address is NOT removed during disconnection or connection retry.

You provide Remote Port Forwarding, what is it?
 
"Remote port forwarding" forwards traffic coming from the Internet to our VPN server ports to a specified local port of your client.

By default, your account has no forwarded ports, and this is good as long as you don't wish to have a service reachable from the Internet. For example, suppose that you want to run a web server behind our VPN, or that you wish to receive incoming connections to your BitTorrent client in order to improve p2p performance, or to seed a file. Without at least one remotely forwarded port, your service could not be reached from the outside, because our VPN server would reject the proper packets to your service.

Usually this is a good security measure against attacks, but it prevents your services to be reached from the Internet.

When you remotely forward an inbound port, our servers will open that port (TCP, UDP or both, according to your selection) and will properly forward incoming packets to you on that port. The service will be reachable from the exit-IP address of the VPN server your system is connected to.

You can forward up to 20 ports simultaneously. You can do that on our website, in your account "Client Area". You can't forward ports lower than 2048.

You can map a remotely forwarded port to a different local port: this is useful for a variety of cases, for example when your service listens to a port lower than 2048 or when the port is already reserved. More details about it here below.

Once you reserve an inbound remote port for your account, you have two options:

1) Leave the "Local" field empty. In this case, packets arriving to the VPN server exit-IP address port n will be forwarded to your machine IP address inbound local port with the very same number n

2) Fill in the "Local" field with a different port number x. In this case packets arriving to port n will be forwarded to your system inbound local port x.

In both cases you need to reach the service on the VPN server exit-IP address port n.


IMPORTANT: do NOT forward on your router the same ports you use on your listening services while connected to the VPN. Doing so exposes your system to correlation attacks and potentially causes unencrypted packets to be sent outside the tunnel from your client. However, if you connect a router (for example DD-WRT, Tomato based firmware router) an additional step is required, please see https://airvpn.org/topic/9270-how-to-forward-ports-in-dd-wrt-tomato-with-iptables/  
NOTE: you can't reach your listening service(s) through the VPN server exit-IP address from the very same machine that's running it/them and is connected to a VPN server, or from any other machine connected to that same VPN server.

A very odd conclusion on the basis of what you have reported... On the contrary, all the leaks up to now confirm that NSA is not able to crack ciphers currently used by our service. That's exactly why they need backdoors or directly the keys. If you further read between the lines you'll also see what tremendous effort is putting NSA to bypass encryption, never to crack encryption directly, except for very special cases with very specific ciphers. They know the math very well.
 
Kind regards

Hello!
 
A new experimental version 2.10.3 is available.
Bundled with OpenVPN 2.3.8 (OpenSSL 1.0.2d), graphics improvement for better Windows 10 compatibility.

You provide Remote Port Forwarding, what is it?
 
"Remote port forwarding" forwards traffic coming from the Internet to our VPN server ports to a specified local port of your client.

By default, your account has no forwarded ports, and this is good as long as you don't wish to have a service reachable from the Internet. For example, suppose that you want to run a web server behind our VPN, or that you wish to receive incoming connections to your BitTorrent client in order to improve p2p performance, or to seed a file. Without at least one remotely forwarded port, your service could not be reached from the outside, because our VPN server would reject the proper packets to your service.

Usually this is a good security measure against attacks, but it prevents your services to be reached from the Internet.

When you remotely forward an inbound port, our servers will open that port (TCP, UDP or both, according to your selection) and will properly forward incoming packets to you on that port. The service will be reachable from the exit-IP address of the VPN server your system is connected to.

You can forward up to 20 ports simultaneously. You can do that on our website, in your account "Client Area". You can't forward ports lower than 2048.

You can map a remotely forwarded port to a different local port: this is useful for a variety of cases, for example when your service listens to a port lower than 2048 or when the port is already reserved. More details about it here below.

Once you reserve an inbound remote port for your account, you have two options:

1) Leave the "Local" field empty. In this case, packets arriving to the VPN server exit-IP address port n will be forwarded to your machine IP address inbound local port with the very same number n

2) Fill in the "Local" field with a different port number x. In this case packets arriving to port n will be forwarded to your system inbound local port x.

In both cases you need to reach the service on the VPN server exit-IP address port n.


IMPORTANT: do NOT forward on your router the same ports you use on your listening services while connected to the VPN. Doing so exposes your system to correlation attacks and potentially causes unencrypted packets to be sent outside the tunnel from your client. However, if you connect a router (for example DD-WRT, Tomato based firmware router) an additional step is required, please see https://airvpn.org/topic/9270-how-to-forward-ports-in-dd-wrt-tomato-with-iptables/  
NOTE: you can't reach your listening service(s) through the VPN server exit-IP address from the very same machine that's running it/them and is connected to a VPN server, or from any other machine connected to that same VPN server.

What is the difference between protocols?

UDP is a connectionless protocol, so during the handshake it is not always possible to do an effective error correction. As a result, when there's high ping or low quality line during the OpenVPN login, the handshake may fail, although you could see no significant problem after (if) the connection is established.
TCP is capable of handling these problems.

On the other hand, UDP is more efficient once the connection is established. OpenVPN also implements a basic packets error correction even in UDP (only after the tunnel is established).

If you experience problems with VoIP video/audio conversations when connected to the VPN through a TCP port, a typical case for which a difference may be visible (VoIP over TCP - for example UDP over TCP -  is clearly inferior to VoIP over UDP because TCP implements ARQ, UDP does not), then go for an UDP connection.

In general, you should always try an UDP connection if your ISP allows it and you don't experience any problem during the handshake.
However, TCP is mandatory if you need a proxy to reach the Internet. VPN over TOR connections require a TCP connection.

Variety of ports (53, 80, 443) is an additional option to try to bypass country or ISPs blocks, or bandwidth management. When OpenVPN connections are disrupted by your ISP (this happens for sure in China and Iran) then you need OpenVPN over SSL or OpenVPN over SSH supported by every AirVPN server and requiring, again, TCP.

Hello!
 
Our free and open source client Eddie 2.10.1 Experimental is now available. Feel free to test it, it includes several bugfixes from version 2.9.2 Stable. Remember that it's an experimental version which passed alpha testing but is still in beta testing.
 
If you wish to test it, you can download it in the download page for your system. Click "Other versions" then select "Experimental". Your feedback will be very much appreciated.
 
Changelog:
https://airvpn.org/services/changelog.php?software=client&format=html
 
Kind regards
 
UPDATE 13-Aug-15: Eddie 2.10.3 Experimental is now available https://airvpn.org/topic/14491-eddie-2101-experimental-available/?p=30952