Staff

Hello!
 
It's not completely clear what you want to achieve. Perhaps some clarifications are necessary.
 
First of all, it must be clear what a port (in networking) is. Wikipedia provides an outstanding, great, precise definition in article http://en.wikipedia.org/wiki/Port_%28computer_networking%29 :
 
"In computer networking, a port is an application-specific or process-specific software construct serving as a communications endpoint in a computer's host operating system. The purpose of ports is to uniquely identify different applications or processes running on a single computer and thereby enable them to share a single physical connection to a packet-switched network like the Internet. In the context of the Internet Protocol, a port is associated with an IP address of the host, as well as the type of protocol used for communication.
 
The protocols that primarily use ports are the Transport Layer protocols, such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) of the Internet Protocol Suite. A port is identified for each address and protocol by a 16-bit number, commonly known as the port number. The port number, added to a computer's IP address, completes the destination address for a communications session. That is, data packets are routed across the network to a specific destination IP address, and then, upon reaching the destination computer, are further routed to the specific process bound to the destination port number.
 
Note that it is the combination of IP address and port number together that must be globally unique. Thus, different IP addresses or protocols may use the same port number for communication; e.g., on a given host or interface UDP and TCP may use the same port number, or on a host with two interfaces, both addresses may be associated with a port having the same number."
 
Therefore, a port is said to be "open" when all the following conditions are met:
 
1) it exists
2) packets to it are not dropped or rejected by any packet filtering tool
3) the process identified by the port replies
 
Condition 1 seems trivial but please think about it. If there is no process identified by the host by a certain endpoint, there is no endpoint at all. The port does not exist, period. In common language this is one of the cases for which we say that "a port is closed".
 
When you remotely forward a port on our system, the VPN server will take care to forward packets to your VPN IP address:port number so you will be able to have listening services (i.e. processes identified by a unique endpoint) behind our NAT. Thus:
 
- if your service does not run, our servers forward packets but your system will not reply because it does not know which process it should send the packets to: "the port is closed".
- if your service runs, but a packet filtering tool on your system rejects or drops packets, the port does exist but it is again "closed"
- if your service runs and your packet filtering tool does not reject or drop packets it, but the port is not forwarded on our system, the VPN servers will drop the incoming packets from the Internet: the port is once again "closed" (from the external "Internet point of view")
- if your service runs, your packet filtering tool does not intercept packets to it, and the port is remotely forwarded on our system, the port is "open"
 
The problem you cite with Windows is probably due to the fact that by default a lot of processes (identified by an endpoint on the host) run without the user awareness, therefore a lot of ports "are open" by default. If the process associated to the port has one or more vulnerabilities, it may become the target of an attack: by sending packets to that port (i.e. by communicating with the vulnerable processes) an attacker could exploit such vulnerabilities for various purposes, including taking root control of the machine where such process runs (with privileges escalation, or with some intentional overflow just to make two random examples). Hence the basic rule: not running processes that you do not need is the first, simplest way to "close a port", even before than setting up a packet filtering tool.
 
When you're connected to our service, by default "all ports are closed". This means that the VPN server will not forward anything to your VPN IP. However, this does not mean that ALL of your host ports "are closed". For example, if your computer is behind a router NAT (very common case), AND you have processes running on the computer and listening to the physical network card AND you forward ports on your router matching the same endpoint of those processes, packets can reach those processes through that other forwarded ports. In general, when you are connected to a VPN server you should not forward ports on the router. Not only it is useless, because the VPN tunnel bypasses your router NAT as well as your ISP NAT (if any), but it is also potentially dangerous. In particular if you forward the SAME port numbers both on the VPN and on your router, and you have a process listening to those ports, correlation attacks become possible.
 
Kind regards

What is the difference between protocols?

UDP is a connectionless protocol, so during the handshake it is not always possible to do an effective error correction. As a result, when there's high ping or low quality line during the OpenVPN login, the handshake may fail, although you could see no significant problem after (if) the connection is established.
TCP is capable of handling these problems.

On the other hand, UDP is more efficient once the connection is established. OpenVPN also implements a basic packets error correction even in UDP (only after the tunnel is established).

If you experience problems with VoIP video/audio conversations when connected to the VPN through a TCP port, a typical case for which a difference may be visible (VoIP over TCP - for example UDP over TCP -  is clearly inferior to VoIP over UDP because TCP implements ARQ, UDP does not), then go for an UDP connection.

In general, you should always try an UDP connection if your ISP allows it and you don't experience any problem during the handshake.
However, TCP is mandatory if you need a proxy to reach the Internet. VPN over TOR connections require a TCP connection.

Variety of ports (53, 80, 443) is an additional option to try to bypass country or ISPs blocks, or bandwidth management. When OpenVPN connections are disrupted by your ISP (this happens for sure in China and Iran) then you need OpenVPN over SSL or OpenVPN over SSH supported by every AirVPN server and requiring, again, TCP.

Hello!
 
As we announced repeatedly, there will be no kill switch on Eddie, because forced applications killing is not a safe method for several reasons. On the contrary, there will be a total leaks prevention, to prevent for example packets leaks in case of unexpected VPN disconnection. Eddie 2.5 will include this feature and will be released (unless unforeseen problems come out) during the first half of September (and probably it will be also promoted to "stable", no more beta).
 
Kind regards

Hello!
 
We're very glad to inform you that a new 1 Gbit/s server located in Canada is available: Grumium.
 
The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").
 
The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP.
 
Just like every other Air server, Grumium supports OpenVPN over SSL and OpenVPN over SSH.
 
As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Do not hesitate to contact us for any information or issue.
 
Kind regards and datalove
AirVPN Team

Hello!
 
They block dozens of datacenters, entire IP ranges, and whole ranges from residential ISPs. If they need that, they do not look like very skilled hackers.
 
Kind regards

Hello!
 
We don't want to add security to the SSL layer. The SSL layer has the only purpose to encrypt the OpenVPN headers to prevent OpenVPN usage detection, it must not be thought as an additional security layer: the real security lies on the OpenVPN tunnel inside the SSL tunnel. Anyway, AES-128 is robust, even too much for our purposes. Remember that you should use OpenVPN over SSL only when absolutely unavoidable (for example from China, or whenever an ISP tries to block OpenVPN), because with OpenVPN over SSL you add a significant overhead and on top of that you force OpenVPN to work in TCP, while OpenVPN gives out its best performance in UDP.
 
Kind regards

Hello!
 
We're very glad to inform you that a new 1 Gbit/s server located in Canada is available: Grumium.
 
The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").
 
The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP.
 
Just like every other Air server, Grumium supports OpenVPN over SSL and OpenVPN over SSH.
 
As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Do not hesitate to contact us for any information or issue.
 
Kind regards and datalove
AirVPN Team

Hello!
 
We're very glad to inform you that a new 1 Gbit/s server located in Canada is available: Grumium.
 
The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").
 
The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP.
 
Just like every other Air server, Grumium supports OpenVPN over SSL and OpenVPN over SSH.
 
As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Do not hesitate to contact us for any information or issue.
 
Kind regards and datalove
AirVPN Team

Hello!

We're very glad to inform you that a new Eddie Air client version has been released: 2.4beta. Please read the changelogs: https://airvpn.org/services/changelog.php?software=client&format=html

2.4beta version is compatible with several Linux distributions. For very important notes about environments, please read here: https://airvpn.org/forum/35-client-software-platforms-environments

Planned next steps: Network Leaks Protection implementation. It was not possible to implement it in this version, we apologize for the delay. The NLP feature is in advanced development and keeps highest priority, but in the meantime we preferred to optimize the release cycle and deploy a version with some bug fixes and new features and a re-compiled OpenVPN (see note below) for additional security and comfort.
 
Eddie 2.4beta Linux can be downloaded here: https://airvpn.org/linux
Eddie 2.4beta Windows can be downloaded here: https://airvpn.org/windows
Eddie 2.4beta OS X can be downloaded here: https://airvpn.org/macosx
 
PLEASE NOTE: Eddie packages now include an OpenVPN version re-compiled by us with OpenSSL 1.0.1i for security reasons and to fix this bug: https://community.openvpn.net/openvpn/ticket/328
Eddie 2.4beta is free and open source software released under GPLv3

Kind regards & datalove
AirVPN Staff

Hello!

Since you only need to access one site bypassing the VPN, the quickest solution is a change to your routing table.

You can proceed as follows:
- determine the IP address(es) of the website you need to connect to bypassing the VPN. Let's call it a.b.c.d
- determine the IP address of the gateway of your physical network adapter (if you are unsure, type on a prompt "ipconfig /all"). Let's call it e.f.g.h

After you have connected to the VPN, open a prompt or a PowerShell with administrator privileges and type the command:

route -p add a.b.c.d e.f.g.h
Please note that the -p flag will make this route permanent, surviving to a reboot. Do not specify "-p" if you don't want it to be permanent. You can remove this route with:

route delete a.b.c.d
Each packet to a.b.c.d will get out unencrypted outside the tunnel.

Warning: proceed with caution. Any mistake might compromise your anonymity layer.

Kind regards

Hello!
 
We inform you that server Hoedus in Canada will be withdrawn due to multiple line and switch problems that occurred repeatedly in the last four weeks. It will be replaced by another server, in the same location, soon.
 
Kind regards
AirVPN Staff
 

Hello!

We're very glad to inform you that a new 1 Gbit/s server located in Singapore is available: Antares.

The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Antares supports OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

@epsilon, Regarding the latest Eddie client, I am not facing any DNS leak issues on either Windows or Mac. DNS leak is typically a Windows OS issue. Nonetheless, In the preferences of the client, Under Advanced->General, ensure the following are set -
1. DNS Switch Mode is Automatic
2. Check if tunnel is using AirVPN DNS is set
3. If on WIndows OS, Enable the force DNS checkbox.
 
It might be possible that when upgrading from 2.3 to 2.4, the previous settings were overwritten. The staff had previously said that from version 2.4 onwards, when upgrading the previous settings will not be lost. So the settings shouldn't be lost when upgrading to 2.5.
 
There is an existing thread on how to fix DNS leaks (meant for users not using the AirVPN client)- https://airvpn.org/topic/9289-dns-leaks-and-how-to-fix-them/. A particular post in it explains nicely what needs to be done to fix DNS leaks (https://airvpn.org/topic/9289-dns-leaks-and-how-to-fix-them/?do=findComment&comment=11603). I am referencing it cuz it helped me understand what a DNS leak meant.

Your account has opened one ticket. An answer to that ticket has been given exactly 1 hour and 14 minutes after it was opened. Please check it out. You can see your account whole tickets history and contents by logging with that account in our web site, clicking "Client Area" from the upper menu and then clicking "Support Tickets" from the left tabs. On top of that courtesy e-mails are sent each time a ticket is updated.
 
Kind regards

What is an API?
AirVPN application programming interface (API) allows our customers to access and control their accounts, using custom written software.

If you need some other kind of API please feel free to write in our forums.

API Syntax
https://airvpn.org/api/?format=<format>&key=<your_api_key>&service=<service_name>&<service_params> (optional, default 'web') is the output format:web : Displays result as web-site page. Useful to understand. json : JSON format. xml : XML format. php : PHP, function serialize() and unserialize(). text : Plain text, key=value for each rows. Nested result grouped with .dot notation in key field. is your API key. Generate a key from API page. If you are already logged in AirVPN website, this is optional. Use the key param if you plan to use our API in scripts. is the service name, look below for additional reference. Any service returns a 'result' field with 'ok' if successful or an 'error' message.

Dates are always in UTC.
Dates that end with "_date" are the dates in the MySql standard format, yyyy-mm-dd hh24:mi:ss.
Dates that end with "_unix" are the dates in UNIX timestamp (integer).


Do not send more than 600 requests every 10 minutes or we will ban your IP address.

Supported methods
GET, curl example: curl "https://airvpn.org/api/?format=json&service=test" POST application/x-www-form-urlencoded, curl example: curl -d "format=json&service=test" -X POST "https://airvpn.org/api/" POST application/json, curl example: curl -d '{"format":"json", "service":"test"}' -H "Content-Type: application/json" -X POST "https://airvpn.org/api/"
Services




Service: userinfo
Access: Member only
Details about yourself, including connection details.

Params: None

Output:userlogin (login name) register_date (date of registration on our website) register_unix (date of registration on our website) premium (boolean, if premium or not) expiration_unix (date of expiration) expiration_date (date of expiration) expiration_days (days to the expiration) last_attempt_unix (date of last attempt to connect to a VPN server) posts (posts in forum) credits (account credit) last_post (date of last post in forum) last_visit_unix (date of last visit on website) last_activity_unix (date of last activity on website) connected (boolean, if connected or not) sessions (array of all sessions, ordered by connected_since)vpn_ip (local IP address assigned, 10.*) exit_ip (exit IP) entry_ip (entry IP) server_name (server name) server_country (server country name) server_country_code (server country code, ISO) server_continent (server continent) server_location (server location) server_bw (server bandwidth: 100 for 100 Mbit/s, 1000 for 1 Gbit/s) bytes_read (read bytes in the current session) bytes_write (written bytes in the current session) connected_since_unix (date of start of the current connection) connected_since_date (date of start of the current connection) speed_read (read bytes per second) speed_write (written bytes per second) connection (it's the first session above, for compatibility)

Service: notification
Access: Member only

Send a message to yourself.
Choose in the notifications options, under Air -> API, if you want to see it in the web site and/or in an e-mail.
Useful to write to yourself an event that needs attention, for example from a script.

Note: key required in any case.
Params:subject body Output: None



Service: disconnect
Access: Member only
Requests a disconnection. If none of the filter parameters are specified, disconnect all sessions of the user.

Note: key required in any case.
Params:server - Optional, if specified disconnect only sessions related to this server name. device - Optional, if specified disconnect only sessions related to this device name. Output: None



Service: status
Access: Free
The data available in our https://airvpn.org/status page.

Params: None
Output: Try it. Some fields:server_best is the recommended server bw is the bandwidth used, in mbit/s bw_max is the bandwidth available, in mbit/s users is the number of users servers is the number of servers currentload is a percentage of current load health: Can be ok, warning or error. If a server is in error status, it doesn't accept connection. For example, a low packet loss may cause a warning status, a high packet loss or maintenance may cause an error status. warning: Only exists if health isn't ok, it's the reason.

Hello!

We're very glad to inform you that a new Eddie Air client version has been released: 2.4beta. Please read the changelogs: https://airvpn.org/services/changelog.php?software=client&format=html

2.4beta version is compatible with several Linux distributions. For very important notes about environments, please read here: https://airvpn.org/forum/35-client-software-platforms-environments

Planned next steps: Network Leaks Protection implementation. It was not possible to implement it in this version, we apologize for the delay. The NLP feature is in advanced development and keeps highest priority, but in the meantime we preferred to optimize the release cycle and deploy a version with some bug fixes and new features and a re-compiled OpenVPN (see note below) for additional security and comfort.
 
Eddie 2.4beta Linux can be downloaded here: https://airvpn.org/linux
Eddie 2.4beta Windows can be downloaded here: https://airvpn.org/windows
Eddie 2.4beta OS X can be downloaded here: https://airvpn.org/macosx
 
PLEASE NOTE: Eddie packages now include an OpenVPN version re-compiled by us with OpenSSL 1.0.1i for security reasons and to fix this bug: https://community.openvpn.net/openvpn/ticket/328
Eddie 2.4beta is free and open source software released under GPLv3

Kind regards & datalove
AirVPN Staff

Hello!

We're very glad to inform you that a new Eddie Air client version has been released: 2.4beta. Please read the changelogs: https://airvpn.org/services/changelog.php?software=client&format=html

2.4beta version is compatible with several Linux distributions. For very important notes about environments, please read here: https://airvpn.org/forum/35-client-software-platforms-environments

Planned next steps: Network Leaks Protection implementation. It was not possible to implement it in this version, we apologize for the delay. The NLP feature is in advanced development and keeps highest priority, but in the meantime we preferred to optimize the release cycle and deploy a version with some bug fixes and new features and a re-compiled OpenVPN (see note below) for additional security and comfort.
 
Eddie 2.4beta Linux can be downloaded here: https://airvpn.org/linux
Eddie 2.4beta Windows can be downloaded here: https://airvpn.org/windows
Eddie 2.4beta OS X can be downloaded here: https://airvpn.org/macosx
 
PLEASE NOTE: Eddie packages now include an OpenVPN version re-compiled by us with OpenSSL 1.0.1i for security reasons and to fix this bug: https://community.openvpn.net/openvpn/ticket/328
Eddie 2.4beta is free and open source software released under GPLv3

Kind regards & datalove
AirVPN Staff

Hello!

We're very glad to inform you that a new Eddie Air client version has been released: 2.4beta. Please read the changelogs: https://airvpn.org/services/changelog.php?software=client&format=html

2.4beta version is compatible with several Linux distributions. For very important notes about environments, please read here: https://airvpn.org/forum/35-client-software-platforms-environments

Planned next steps: Network Leaks Protection implementation. It was not possible to implement it in this version, we apologize for the delay. The NLP feature is in advanced development and keeps highest priority, but in the meantime we preferred to optimize the release cycle and deploy a version with some bug fixes and new features and a re-compiled OpenVPN (see note below) for additional security and comfort.
 
Eddie 2.4beta Linux can be downloaded here: https://airvpn.org/linux
Eddie 2.4beta Windows can be downloaded here: https://airvpn.org/windows
Eddie 2.4beta OS X can be downloaded here: https://airvpn.org/macosx
 
PLEASE NOTE: Eddie packages now include an OpenVPN version re-compiled by us with OpenSSL 1.0.1i for security reasons and to fix this bug: https://community.openvpn.net/openvpn/ticket/328
Eddie 2.4beta is free and open source software released under GPLv3

Kind regards & datalove
AirVPN Staff

Hello!

We're very glad to inform you that a new 1 Gbit/s server located in Singapore is available: Antares.

The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Antares supports OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

Joy! I am a picture of feline happiness. Thanks, AirVPN. You guys really rock.

And AirVPN does it again.. Thank you.
 
You've someone on your team that loves space, don't you? The name of the servers and the "by planets" in the config generator

Hello!

We're very glad to inform you that a new 1 Gbit/s server located in Singapore is available: Antares.

The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Antares supports OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

Hello!
We're sorry to inform you that we have received a communication from SoftLayer IBM (owner of the datacenter where we operate our servers in Singapore) telling us that we must block p2p protocols on the servers as a consequence of very few copyright complaints received.
 
If we complied to this request we would prevent VoIP, BitCoin, BitTorrent and many other uses of the servers. This would be an unacceptable inconsistency for the the purposes of our services and a betrayal of a key part of our mission (no discrimination against any protocol, Net Neutrality preservation).
 
Additionally, complying to such requests would silently encourage protocols discriminations and other detrimental practices for an open Internet.
 
We are therefore planning to reject this request, cancel our business relationships with IBM and withdraw the servers in the Singapore datacenter. We are already working to find alternative, network neutral solutions in the Pacific Asia area (as you probably know we already operate a 1 Gbit/s server in Hong Kong), if possible in Singapore itself.
 
Kind regards
AirVPN Staff
 

Hello!

We're very glad to inform you that a new 1 Gbit/s server located in Singapore is available: Antares.

The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Antares supports OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

Hello!
 
We're glad to inform you that we're finalizing agreements for a 1 Gbit/s server in Singapore in a network neutral datacenter.
 
Kind regards