Jump to content
Not connected, Your IP: 3.81.89.248

Search the Community

Showing results for tags 'OPENVPN'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • AirVPN
    • News and Announcement
    • How-To
    • Databases
  • Community
    • General & Suggestions
    • Troubleshooting and Problems
    • Blocked websites warning
    • Eddie - AirVPN Client
    • DNS Lists
    • Reviews
    • Other VPN competitors or features
    • Nonprofit
    • Off-Topic
  • Other Projects
    • IP Leak
    • XMPP
    • Mirrors

Product Groups

  • AirVPN Access
  • Coupons
  • Misc

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Twitter


Mastodon


AIM


MSN


ICQ


Yahoo


XMPP / Jabber


Skype


Location


Interests

Found 193 results

  1. Hello I a new user and would like to know how to set up an SSH tunnel with OpenVPN in my Mac with Viscosity App. I generated these files and imported them all to the Viscosity: https://cl.ly/aeTZ/Captura_de_Tela_2015-04-14_as_18.17.12.png [Or attached file!] I can connect via UDP-443 _ but I can't connect through SSH _-53. What am I doing wrong? I think I'm connected with OpenVPN but without the SSH tunnel. How should I do?
  2. Hello! ubuntu 14.04LTS Is there a simple way to bypass the vpn for plex or rather a specific port? I need a direct connection to my dedicated server for plex. Any help is very much appreciated. Thx! edit: I found a simple solution for ubuntu. Now, I use an ubuntu lxc-container for everything that I want to do with AirVPN (openvpn). The main system does not connect to AirVPN, thus I can easily establish a direct connection with my plex server. I know this should be possible with firewall rules and routes, but this is a good option for me.
  3. Good day, First of all I am running Ubuntu 14.04 on my laptop. What I want to achiev is to connect to tor via Airvpn. (That's the safest setup way, am I right?). Problems that I occure: To connect to Tor, I need to setup proxy in Airvpn client. Ant then use data in Tor configuration and achieve connection. Airvpn client without proxy setting works flawless. After I turn on proxy (socks5), I cant connect to server, I get reconnect loop, log: I 2015.03.09 11:03:54 - AirVPN client version: 2.8.8, System: Linux, Name: Ubuntu 14.10 \n \l, Architecture: x86 . 2015.03.09 11:03:54 - Reading options from /home/vibe/.airvpn/AirVPN.xml . 2015.03.09 11:03:56 - Data Path: /home/vibe/.airvpn . 2015.03.09 11:03:56 - App Path: /usr/lib/AirVPN . 2015.03.09 11:03:56 - Executable Path: /usr/lib/AirVPN/AirVPN.exe . 2015.03.09 11:03:56 - Command line arguments (1): path="/home/vibe/.airvpn" . 2015.03.09 11:03:57 - Operating System: Unix 3.16.0.23 - Linux Q 3.16.0-23-generic #31-Ubuntu SMP Tue Oct 21 18:00:35 UTC 2014 i686 i686 i686 GNU/Linux . 2015.03.09 11:03:57 - Updating systems & servers data ... I 2015.03.09 11:03:57 - OpenVPN Driver - Found I 2015.03.09 11:03:57 - OpenVPN - Version: OpenVPN 2.3.2 (/usr/sbin/openvpn) I 2015.03.09 11:03:57 - SSH - Version: OpenSSH_6.6.1p1 Ubuntu-8, OpenSSL 1.0.1f 6 Jan 2014 (/usr/bin/ssh) I 2015.03.09 11:03:57 - SSL - Version: stunnel 5.02 (/usr/bin/stunnel4) I 2015.03.09 11:03:57 - IPV6: Available ! 2015.03.09 11:03:57 - Ready . 2015.03.09 11:03:57 - Updating systems & servers data ..., 1° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:03:57 - Updating systems & servers data ..., 2° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:03:57 - Updating systems & servers data ..., 3° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:03:57 - Updating systems & servers data ..., 4° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:03:57 - Updating systems & servers data ..., 5° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:03:58 - Updating systems & servers data ..., 6° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:03:58 - Updating systems & servers data ..., 7° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:03:58 - Updating systems & servers data ..., 8° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) W 2015.03.09 11:03:58 - Cannot retrieve systems & servers data. Please retry later or contact us for help. (CUrl is not installed on this system, and it's required for SOCKS proxy.) I 2015.03.09 11:04:49 - Session starting. I 2015.03.09 11:04:49 - Installing tunnel driver F 2015.03.09 11:04:50 - Only TCP protocol is allowed with a proxy. . 2015.03.09 11:04:58 - Updating systems & servers data ... . 2015.03.09 11:04:58 - Updating systems & servers data ..., 1° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:04:58 - Updating systems & servers data ..., 2° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:04:58 - Updating systems & servers data ..., 3° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:04:58 - Updating systems & servers data ..., 4° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:04:58 - Updating systems & servers data ..., 5° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:04:58 - Updating systems & servers data ..., 6° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:04:58 - Updating systems & servers data ..., 7° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:04:58 - Updating systems & servers data ..., 8° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) W 2015.03.09 11:04:58 - Cannot retrieve systems & servers data. Please retry later or contact us for help. (CUrl is not installed on this system, and it's required for SOCKS proxy.) I 2015.03.09 11:05:12 - Session starting. I 2015.03.09 11:05:12 - Installing tunnel driver I 2015.03.09 11:05:12 - Retrieving manifest W 2015.03.09 11:05:12 - Unable to retrieve systems & servers data. Continue anyway with the old data. . 2015.03.09 11:05:12 - Updating systems & servers data ... I 2015.03.09 11:05:12 - Checking authorization ... . 2015.03.09 11:05:12 - Updating systems & servers data ..., 1° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:12 - Updating systems & servers data ..., 2° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:12 - Checking authorization ..., 1° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:12 - Updating systems & servers data ..., 3° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:12 - Checking authorization ..., 2° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:12 - Updating systems & servers data ..., 4° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:13 - Checking authorization ..., 3° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:13 - Updating systems & servers data ..., 5° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:13 - Checking authorization ..., 4° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:13 - Updating systems & servers data ..., 6° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:13 - Checking authorization ..., 5° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:13 - Updating systems & servers data ..., 7° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:13 - Checking authorization ..., 6° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:13 - Updating systems & servers data ..., 8° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) W 2015.03.09 11:05:13 - Cannot retrieve systems & servers data. Please retry later or contact us for help. (CUrl is not installed on this system, and it's required for SOCKS proxy.) . 2015.03.09 11:05:13 - Checking authorization ..., 7° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:13 - Checking authorization ..., 8° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) W 2015.03.09 11:05:13 - Authorization check failed, continue anyway ({1]) ! 2015.03.09 11:05:13 - Connecting to Grafias (Netherlands, Amsterdam) I 2015.03.09 11:05:13 - DNS of the system will be updated to VPN DNS (ResolvConf method) . 2015.03.09 11:05:13 - OpenVPN > OpenVPN 2.3.2 i686-pc-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [iPv6] built on Dec 1 2014 . 2015.03.09 11:05:13 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100 . 2015.03.09 11:05:13 - OpenVPN > NOTE: the current --script-security setting may allow this configuration to call user-defined scripts . 2015.03.09 11:05:13 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file . 2015.03.09 11:05:13 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication . 2015.03.09 11:05:13 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication . 2015.03.09 11:05:13 - OpenVPN > Socket Buffers: R=[87380->131072] S=[16384->131072] . 2015.03.09 11:05:13 - OpenVPN > Attempting to establish TCP connection with [AF_INET]127.0.0.1:9150 [nonblock] . 2015.03.09 11:05:13 - OpenVPN > TCP connection established with [AF_INET]127.0.0.1:9150 . 2015.03.09 11:05:13 - OpenVPN > socks_handshake: server asked for username/login auth but we were not provided any credentials . 2015.03.09 11:05:13 - OpenVPN > SIGTERM[soft,init_instance] received, process exiting ! 2015.03.09 11:05:13 - Disconnecting . 2015.03.09 11:05:13 - Connection terminated. I 2015.03.09 11:05:16 - Checking authorization ... . 2015.03.09 11:05:16 - Checking authorization ..., 1° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:16 - Checking authorization ..., 2° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:16 - Checking authorization ..., 3° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:16 - Checking authorization ..., 4° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:16 - Checking authorization ..., 5° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:16 - Checking authorization ..., 6° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:16 - Checking authorization ..., 7° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) . 2015.03.09 11:05:16 - Checking authorization ..., 8° try failed (CUrl is not installed on this system, and it's required for SOCKS proxy., with 'socks' proxy and 'none' auth) W 2015.03.09 11:05:16 - Authorization check failed, continue anyway ({1]) I 2015.03.09 11:05:16 - Cancel requested. ! 2015.03.09 11:05:16 - Session terminated. By the way how to access Tor line in Airvpn->Preferences->Protocols? Off problem topic question - would openvpn increase security or solve problem? (Sorry newbie) Have a nice day, amen1337 P.S.: Sorry for poor English
  4. Hey guys, So I spent the last few hours or so trying to figure out this bug I was getting while starting AirVPN, and I wanted to share my results in case some poor soul comes across this seemingly obscure situation in the future. I'll do bullet points as to try not to talk too much: AirVPN was working greatI installed Visual Studio 2013 ProAirVPN then stops working immediately after installI notice there are a few new network adaptersMUCH MUCH later I found that by uninstalling a feature called Hyper-V, which (I'm only guessing) came with Visual Studio, did the "Driver installation failed" error stop and I was able to connectSo yeah... I spent some time digging through the source and then utilizing the newly installed VS to compile and debug the lines surrounding the error. Well, I had never heard of Hyper-V before and so all I wanted was AirVPN to work with my current adapter situation. I thought it was because one C# library function was returning adapter descriptions that AirVPN wasn't expecting. But even when I tried forcing it to one of the 10 available adapters (some of which were labelled TAP) yieled pretty much the same result every time. I now think it was due to the bridging that Hyper-V forced upon me, and since my issue is resolved I don't care to look into this further. Tl;dr: Check if Hyper-V is installed in your Windows features. If so, uninstall it, reboot, and re-run AirVPN. If Hyper-V isn't installed try this: https://airvpn.org/topic/13126-driver-installation-failed/ Here's what my adapters looked like before uninstalling Hyper-V: Here's an image that shows how to uninstall Hyper-V:
  5. I'm trying to connect to AirVPN under Arch Linux via NetworkManager/OpenVPN. It connects successfully (it shows a padlock), but if I go to http://ipleak.net/ I can still see both my ISP public IP and my ISP DNS server. I followed this guide (even if it's for Ubuntu). You can find the relevant logs from the "journalctl" command in the attachment.
  6. Hi All. I am a noob if it goes about VPN. I have installed AirVpn client and I try to connect to a server in Netherland, but just after I'm connected client disconnects and tries to reconnect. Any ideas what cause it? I work on Windows 7 Enterprise 64bit. I'm attaching my log. Thank you for your help. I 2014.10.19 00:52:16 - Session starting.! 2014.10.19 00:52:16 - Checking environment! 2014.10.19 00:52:17 - Checking authorization! 2014.10.19 00:52:17 - Connecting to Grafias (Netherlands, Amsterdam). 2014.10.19 00:52:17 - OpenVPN > OpenVPN 2.3.4 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [iPv6] built on Aug 18 2014. 2014.10.19 00:52:17 - OpenVPN > library versions: OpenSSL 1.0.1i 6 Aug 2014, LZO 2.05. 2014.10.19 00:52:17 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100. 2014.10.19 00:52:17 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file. 2014.10.19 00:52:17 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication. 2014.10.19 00:52:17 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication. 2014.10.19 00:52:17 - OpenVPN > Socket Buffers: R=[8192->8192] S=[64512->64512]. 2014.10.19 00:52:17 - OpenVPN > UDPv4 link local: [undef]. 2014.10.19 00:52:17 - OpenVPN > UDPv4 link remote: [AF_INET]62.212.72.175:443. 2014.10.19 00:52:17 - OpenVPN > TLS: Initial packet from [AF_INET]62.212.72.175:443, sid=127a7e95 c34d41a3. 2014.10.19 00:52:18 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org. 2014.10.19 00:52:18 - OpenVPN > Validating certificate key usage. 2014.10.19 00:52:18 - OpenVPN > ++ Certificate has key usage 00a0, expects 00a0. 2014.10.19 00:52:18 - OpenVPN > VERIFY KU OK. 2014.10.19 00:52:18 - OpenVPN > Validating certificate extended key usage. 2014.10.19 00:52:18 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication. 2014.10.19 00:52:18 - OpenVPN > VERIFY EKU OK. 2014.10.19 00:52:18 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org. 2014.10.19 00:52:21 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key. 2014.10.19 00:52:21 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication. 2014.10.19 00:52:21 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key. 2014.10.19 00:52:21 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication. 2014.10.19 00:52:21 - OpenVPN > Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA. 2014.10.19 00:52:21 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]62.212.72.175:443. 2014.10.19 00:52:23 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1). 2014.10.19 00:52:24 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.19.230 10.4.19.229'. 2014.10.19 00:52:24 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified. 2014.10.19 00:52:24 - OpenVPN > OPTIONS IMPORT: LZO parms modified. 2014.10.19 00:52:24 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified. 2014.10.19 00:52:24 - OpenVPN > OPTIONS IMPORT: route options modified. 2014.10.19 00:52:24 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified. 2014.10.19 00:52:24 - OpenVPN > do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0. 2014.10.19 00:52:24 - OpenVPN > open_tun, tt->ipv6=0. 2014.10.19 00:52:24 - OpenVPN > TAP-WIN32 device [Połączenie lokalne 3] opened: \\.\Global\{BADF76DC-0AFB-4AEC-9AE7-AD0F2616AAE2}.tap. 2014.10.19 00:52:24 - OpenVPN > TAP-Windows Driver Version 9.9. 2014.10.19 00:52:24 - OpenVPN > Notified TAP-Windows driver to set a DHCP IP/netmask of 10.4.19.230/255.255.255.252 on interface {BADF76DC-0AFB-4AEC-9AE7-AD0F2616AAE2} [DHCP-serv: 10.4.19.229, lease-time: 31536000]. 2014.10.19 00:52:24 - OpenVPN > Successful ARP Flush on interface [31] {BADF76DC-0AFB-4AEC-9AE7-AD0F2616AAE2}. 2014.10.19 00:52:29 - OpenVPN > TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up. 2014.10.19 00:52:29 - OpenVPN > C:\Windows\system32\route.exe ADD 62.212.72.175 MASK 255.255.255.255 192.168.1.254. 2014.10.19 00:52:29 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4. 2014.10.19 00:52:29 - OpenVPN > Route addition via IPAPI succeeded [adaptive]. 2014.10.19 00:52:29 - OpenVPN > C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.19.229. 2014.10.19 00:52:29 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4. 2014.10.19 00:52:29 - OpenVPN > Route addition via IPAPI succeeded [adaptive]. 2014.10.19 00:52:29 - OpenVPN > C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.4.19.229. 2014.10.19 00:52:29 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4. 2014.10.19 00:52:29 - OpenVPN > Route addition via IPAPI succeeded [adaptive]. 2014.10.19 00:52:29 - OpenVPN > C:\Windows\system32\route.exe ADD 10.4.0.1 MASK 255.255.255.255 10.4.19.229. 2014.10.19 00:52:29 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4. 2014.10.19 00:52:29 - OpenVPN > Route addition via IPAPI succeeded [adaptive]. 2014.10.19 00:52:29 - Starting Management Interface. 2014.10.19 00:52:29 - OpenVPN > Initialization Sequence Completed! 2014.10.19 00:52:29 - Flushing DNSW 2014.10.19 00:52:30 - Tunnel not ready, interface status: Down. 2014.10.19 00:52:30 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100! 2014.10.19 00:52:30 - Disconnecting. 2014.10.19 00:52:30 - Management - Send 'signal SIGTERM'. 2014.10.19 00:52:30 - OpenVpn Management > >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info. 2014.10.19 00:52:30 - OpenVPN > MANAGEMENT: CMD 'signal SIGTERM'. 2014.10.19 00:52:30 - OpenVPN > SIGTERM received, sending exit notification to peer. 2014.10.19 00:52:35 - OpenVPN > C:\Windows\system32\route.exe DELETE 10.4.0.1 MASK 255.255.255.255 10.4.19.229. 2014.10.19 00:52:35 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]. 2014.10.19 00:52:35 - OpenVPN > C:\Windows\system32\route.exe DELETE 62.212.72.175 MASK 255.255.255.255 192.168.1.254. 2014.10.19 00:52:35 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]. 2014.10.19 00:52:35 - OpenVPN > C:\Windows\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 10.4.19.229. 2014.10.19 00:52:35 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]. 2014.10.19 00:52:35 - OpenVPN > C:\Windows\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 10.4.19.229. 2014.10.19 00:52:35 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]. 2014.10.19 00:52:35 - OpenVPN > Closing TUN/TAP interface. 2014.10.19 00:52:35 - OpenVPN > SIGTERM[soft,exit-with-notification] received, process exiting. 2014.10.19 00:52:35 - Connection terminated.I 2014.10.19 00:52:37 - Cancel requested.I 2014.10.19 00:52:37 - Session terminated.
  7. Hi everyone, I know there have been speculatory threads on VM in the past, but I wanted to post some findings in case anyone finds them useful. I have a 152Mbps connection from VM in the UK and have noticed the following: Using the Superhub 2 and OpenVPN (443, UDP) gives a hard cap around 3MB/sec over ethernetUsing the Superhub 2 and OpenVPN (443, UDP) gives full speed on 5GHz wifiUsing an old PC running pfSense beta with the Superhub 2 in modem only mode removes the 'cap' and allows full speeds regardless of connection method I had been very frustrated by the 3MB/sec limit, especially when downloading torrents over OpenVPN (port 443, UDP or TCP) using a cat6e desktop PC. The limit applied in Windows and Linux equally and I'd eventually tracked down the issue to the Superhub 2. After switching into modem only mode and connecting through the pfSense box, I was able to get full speed regardless of the OS, and connection method (wireless or ethernet). Having switched back temporarily to the Superhub 2 in router mode (to set up a media streamer on the TV) I once again encountered the cap when downloading a Linux torrent (Elementary OS Freya Beta 1). This time I was running Eddie rather than OpenVPN GUI so I switched the connection to SSL Tunnel 443 and voila - full speeds! So either VM are throttling OpenVPN connections, or there's a bug in the SH2 which interferes with the handling of OpenVPN connections. Given VM's history of throttling and capping I would generally suspect the former to be true. However, I have noticed that even with normal OpenVPN connections (443, UDP) I get full speed over wifi but the cap returns when switching to ethernet. It seems the SH2 has (yet another) bug or issue in routing OpenVPN connections, and changing its firewall settings etc has no effect. Anyone on VM experiencing issues with low speeds would probably see good results from switching to the SSL tunnel. I'd be interested to hear back from anyone else having problems with their SH to see if this helps others. I could always stick to the pfSense box of course, but it's an old desktop which uses a lot of energy compared to a small consumer router box. My network isn't complicated enough to warrant the pfSense box unless it's essential - which now, with the SSL tunnel, it isn't.
  8. Hi, Basically I have trouble connecting to AirVPN. Im using a fairly new build if that does matter (DD-WRT v24-sp2 (10/06/14) kongac - build 25015M-SP1) AirVPN works with viscosity in windows with the same basic settings (some openvpn configuration)The router worked with PrivateInternetAccess VPN service, so it the problem SHOULD not be the client on the dd wrt routerWhat I tryed: Different TLS Cipers (None, TLS-DHE-RSA-WITH-AES-128-CBC-SHA, TLS-DHE-RSA-WITH-AES-256-CBC-SHA256, TLS-RSA-WITH-AES-128-CBC-SHA)Keeping the TSL Auth Key emptyAdding or leaving additional config: resolv-retry infinite persist-key persist-tun remote-cert-tls server explicit-exit-notify 5 VPN Log Client: WAIT Local Address: Remote Address: Clientlog: 20141020 19:04:16 I OpenVPN 2.3.4 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Oct 6 2014 20141020 19:04:16 I library versions: OpenSSL 1.0.1i 6 Aug 2014 LZO 2.08 20141020 19:04:16 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16 20141020 19:04:16 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:04:16 W WARNING: file '/tmp/openvpncl/client.key' is group or others accessible 20141020 19:04:16 W WARNING: file '/tmp/openvpncl/ta.key' is group or others accessible 20141020 19:04:16 I Control Channel Authentication: using '/tmp/openvpncl/ta.key' as a OpenVPN static key file 20141020 19:04:16 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 20141020 19:04:16 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 20141020 19:04:16 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:04:16 I UDPv4 link local: [undef] 20141020 19:04:16 I UDPv4 link remote: [AF_INET]109.201.154.189:443 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'state' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'state' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'state' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'status 2' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'log 500' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:05:16 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:05:16 N TLS Error: TLS handshake failed 20141020 19:05:16 I SIGUSR1[soft tls-error] received process restarting 20141020 19:05:16 Restart pause 2 second(s) 20141020 19:05:18 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:05:18 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:05:18 I UDPv4 link local: [undef] 20141020 19:05:18 I UDPv4 link remote: [AF_INET]46.166.186.216:443 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'state' 20141020 19:06:11 MANAGEMENT: Client disconnected 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'state' 20141020 19:06:11 MANAGEMENT: Client disconnected 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'state' 20141020 19:06:11 MANAGEMENT: Client disconnected 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'status 2' 20141020 19:06:11 MANAGEMENT: Client disconnected 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'log 500' 20141020 19:06:18 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:06:18 N TLS Error: TLS handshake failed 20141020 19:06:18 I SIGUSR1[soft tls-error] received process restarting 20141020 19:06:18 Restart pause 2 second(s) 20141020 19:06:20 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:06:20 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:06:20 I UDPv4 link local: [undef] 20141020 19:06:20 I UDPv4 link remote: [AF_INET]109.201.154.189:443 20141020 19:07:20 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:07:20 N TLS Error: TLS handshake failed 20141020 19:07:20 I SIGUSR1[soft tls-error] received process restarting 20141020 19:07:20 Restart pause 2 second(s) 20141020 19:07:22 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:07:22 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:07:22 I UDPv4 link local: [undef] 20141020 19:07:22 I UDPv4 link remote: [AF_INET]109.201.152.238:443 20141020 19:08:22 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:08:22 N TLS Error: TLS handshake failed 20141020 19:08:22 I SIGUSR1[soft tls-error] received process restarting 20141020 19:08:22 Restart pause 2 second(s) 20141020 19:08:24 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:08:24 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:08:24 I UDPv4 link local: [undef] 20141020 19:08:24 I UDPv4 link remote: [AF_INET]109.201.154.189:443 20141020 19:09:24 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:09:24 N TLS Error: TLS handshake failed 20141020 19:09:24 I SIGUSR1[soft tls-error] received process restarting 20141020 19:09:24 Restart pause 2 second(s) 20141020 19:09:26 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:09:26 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:09:26 I UDPv4 link local: [undef] 20141020 19:09:26 I UDPv4 link remote: [AF_INET]46.166.186.216:443 20141020 19:10:27 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:10:27 N TLS Error: TLS handshake failed 20141020 19:10:27 I SIGUSR1[soft tls-error] received process restarting 20141020 19:10:27 Restart pause 2 second(s) 20141020 19:10:29 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:10:29 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:10:29 I UDPv4 link local: [undef] 20141020 19:10:29 I UDPv4 link remote: [AF_INET]109.201.154.162:443 20141020 19:11:29 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:11:29 N TLS Error: TLS handshake failed 20141020 19:11:29 I SIGUSR1[soft tls-error] received process restarting 20141020 19:11:29 Restart pause 2 second(s) 20141020 19:11:31 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:11:31 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:11:31 I UDPv4 link local: [undef] 20141020 19:11:31 I UDPv4 link remote: [AF_INET]109.201.135.220:443 20141020 19:12:31 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:12:31 N TLS Error: TLS handshake failed 20141020 19:12:31 I SIGUSR1[soft tls-error] received process restarting 20141020 19:12:31 Restart pause 2 second(s) 20141020 19:12:33 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:12:33 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:12:33 I UDPv4 link local: [undef] 20141020 19:12:33 I UDPv4 link remote: [AF_INET]46.166.188.198:443 20141020 19:13:33 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:13:33 N TLS Error: TLS handshake failed 20141020 19:13:33 I SIGUSR1[soft tls-error] received process restarting 20141020 19:13:33 Restart pause 2 second(s) 20141020 19:13:35 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:13:35 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:13:35 I UDPv4 link local: [undef] 20141020 19:13:35 I UDPv4 link remote: [AF_INET]109.201.135.220:443 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'state' 20141020 19:13:48 MANAGEMENT: Client disconnected 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'state' 20141020 19:13:48 MANAGEMENT: Client disconnected 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'state' 20141020 19:13:48 MANAGEMENT: Client disconnected 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'status 2' 20141020 19:13:48 MANAGEMENT: Client disconnected 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'log 500' 19700101 01:00:00 ca /tmp/openvpncl/ca.crt cert /tmp/openvpncl/client.crt key /tmp/openvpncl/client.key management 127.0.0.1 16 management-log-cache 100 verb 3 mute 3 syslog writepid /var/run/openvpncl.pid client resolv-retry infinite nobind persist-key persist-tun script-security 2 dev tun1 proto udp cipher aes-256-cbc auth sha1 remote nl.privateinternetaccess.com 443 comp-lzo yes tun-mtu 1500 mtu-disc yes ns-cert-type server fast-io tun-ipv6 tls-auth /tmp/openvpncl/ta.key 1 DD WRT Configurations
  9. Hi, Yesterday i subscribed for a 3 day AIRVPN plan. I installed "openvpn-install-2.3.4-I002-x86_64.exe" and generated config files with USA and UK servers having ports TCP 443 alone. Everytime i try connecting it gives a TLS handshake error. My PC is connected to our organisation's firewall, Fortiguard which filters our Internet connection. It has only port 80(TCP) and 443(TCP) opened [ checked it through Nmap tool ]. All other ports are closed. OS- windows 7 64 bit. Here is my log, Fri Oct 03 13:13:10 2014 Warning: cannot open --log file: C:\Program Files\OpenVPN\log\AirVPN_United-States_TCP-443.log: Access is denied. (errno=5) Fri Oct 03 13:13:10 2014 OpenVPN 2.3.4 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [PKCS11] [iPv6] built on Jun 5 2014 Fri Oct 03 13:13:10 2014 library versions: OpenSSL 1.0.1h 5 Jun 2014, LZO 2.05 Fri Oct 03 13:13:10 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25343 Fri Oct 03 13:13:10 2014 Need hold release from management interface, waiting... Fri Oct 03 13:13:10 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25343 Fri Oct 03 13:13:10 2014 MANAGEMENT: CMD 'state on' Fri Oct 03 13:13:10 2014 MANAGEMENT: CMD 'log all on' Fri Oct 03 13:13:10 2014 MANAGEMENT: CMD 'hold off' Fri Oct 03 13:13:10 2014 MANAGEMENT: CMD 'hold release' Fri Oct 03 13:13:10 2014 Control Channel Authentication: tls-auth using INLINE static key file Fri Oct 03 13:13:10 2014 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Oct 03 13:13:10 2014 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Oct 03 13:13:10 2014 Socket Buffers: R=[8192->8192] S=[8192->8192] Fri Oct 03 13:13:10 2014 MANAGEMENT: >STATE:1412322190,RESOLVE,,, Fri Oct 03 13:13:11 2014 Attempting to establish TCP connection with [AF_INET]149.255.33.154:443 Fri Oct 03 13:13:11 2014 MANAGEMENT: >STATE:1412322191,TCP_CONNECT,,, Fri Oct 03 13:13:11 2014 TCP connection established with [AF_INET]149.255.33.154:443 Fri Oct 03 13:13:11 2014 TCPv4_CLIENT link local: [undef] Fri Oct 03 13:13:11 2014 TCPv4_CLIENT link remote: [AF_INET]149.255.33.154:443 Fri Oct 03 13:13:11 2014 MANAGEMENT: >STATE:1412322191,WAIT,,, Fri Oct 03 13:14:11 2014 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Fri Oct 03 13:14:11 2014 TLS Error: TLS handshake failed Fri Oct 03 13:14:11 2014 Fatal TLS error (check_tls_errors_co), restarting Fri Oct 03 13:14:11 2014 SIGUSR1[soft,tls-error] received, process restarting Fri Oct 03 13:14:11 2014 MANAGEMENT: >STATE:1412322251,RECONNECTING,tls-error,, Fri Oct 03 13:14:11 2014 Restart pause, 5 second(s) Fri Oct 03 13:14:16 2014 Socket Buffers: R=[8192->8192] S=[8192->8192] Fri Oct 03 13:14:16 2014 MANAGEMENT: >STATE:1412322256,RESOLVE,,, Fri Oct 03 13:14:16 2014 Attempting to establish TCP connection with [AF_INET]149.255.33.154:443 Fri Oct 03 13:14:16 2014 MANAGEMENT: >STATE:1412322256,TCP_CONNECT,,, Fri Oct 03 13:14:16 2014 TCP connection established with [AF_INET]149.255.33.154:443 Fri Oct 03 13:14:16 2014 TCPv4_CLIENT link local: [undef] Fri Oct 03 13:14:16 2014 TCPv4_CLIENT link remote: [AF_INET]149.255.33.154:443 Fri Oct 03 13:14:16 2014 MANAGEMENT: >STATE:1412322256,WAIT,,, and this repeats.. What i found out is, i opened Ultrasurf Proxy [which is the only proxy software that works bypassing Fortiguard in my organisation] and connected to its proxy and then tried connecting AirVPN and voila, it got connected without an problem to an USA server. After i disconnected Ultrasurf, AirVPN couldn't connect back. !!! I also installed Eddie 2.6 and tried connecting with "protocol TCP 443" selected from preferences, but couldn't connect. I even tried SSL 443 but couldn't connect here is my log, Sat Oct 04 13:04:27 2014 OpenVPN 2.3.4 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [PKCS11] [iPv6] built on Jun 5 2014 Sat Oct 04 13:04:27 2014 library versions: OpenSSL 1.0.1h 5 Jun 2014, LZO 2.05 Enter Management Password: Sat Oct 04 13:04:27 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340 Sat Oct 04 13:04:27 2014 Need hold release from management interface, waiting... Sat Oct 04 13:04:28 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340 Sat Oct 04 13:04:28 2014 MANAGEMENT: CMD 'state on' Sat Oct 04 13:04:28 2014 MANAGEMENT: CMD 'log all on' Sat Oct 04 13:04:28 2014 MANAGEMENT: CMD 'hold off' Sat Oct 04 13:04:28 2014 MANAGEMENT: CMD 'hold release' Sat Oct 04 13:04:28 2014 MANAGEMENT: CMD 'proxy NONE ' Sat Oct 04 13:04:29 2014 Control Channel Authentication: tls-auth using INLINE static key file Sat Oct 04 13:04:29 2014 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Oct 04 13:04:29 2014 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Oct 04 13:04:29 2014 Socket Buffers: R=[8192->8192] S=[8192->8192] Sat Oct 04 13:04:29 2014 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413 Sat Oct 04 13:04:29 2014 MANAGEMENT: >STATE:1412408069,TCP_CONNECT,,, Sat Oct 04 13:04:30 2014 TCP: connect to [AF_INET]127.0.0.1:1413 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED) Sat Oct 04 13:04:30 2014 SIGUSR1[soft,init_instance] received, process restarting Sat Oct 04 13:04:30 2014 MANAGEMENT: >STATE:1412408070,RECONNECTING,init_instance,, Sat Oct 04 13:04:30 2014 Restart pause, 5 second(s) Sat Oct 04 13:04:35 2014 MANAGEMENT: CMD 'proxy NONE ' Sat Oct 04 13:04:36 2014 Socket Buffers: R=[8192->8192] S=[8192->8192] Sat Oct 04 13:04:36 2014 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413 Sat Oct 04 13:04:36 2014 MANAGEMENT: >STATE:1412408076,TCP_CONNECT,,, Sat Oct 04 13:04:37 2014 TCP: connect to [AF_INET]127.0.0.1:1413 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED) Sat Oct 04 13:04:37 2014 SIGUSR1[soft,init_instance] received, process restarting Sat Oct 04 13:04:37 2014 MANAGEMENT: >STATE:1412408077,RECONNECTING,init_instance,, Sat Oct 04 13:04:37 2014 Restart pause, 5 second(s) I did raise a support ticket and their reply was, There is no communication between your node and the VPN servers. You are maybe behind a proxy. If so, OpenVPN can connect over a proxy. You need to know proxy type, proxy listening port and IP address (or reachable host name), authentication type (if any), authentication credentials (if any). Then you can generate a configuration file with such parameters (tick "Advanced Mode" in the Configuration Generator and fill in the proxy parameters). If you think you are not behind a proxy, try a connection of OpenVPN over SSL. In our client Eddie you can quickly test OpenVPN over SSL by clicking "AirVPN" button, selecting "Preferences", clicking "Protocols" tab, selecting "SSL Tunnel - Port 443" and clicking "Save". Eddie supports OpenVPN connections over a proxy as well (they can be configured in the "Proxy" tab). Kind regards AirVPN Support Team But i would like to point out that, i could communicate with AirVPN servers when using Ultrasurf and my internet connection dowsn't go through a proxy. Kindly can anyone help me out.
  10. I've been using this service for some time, here I have a few questions to the admins 1. Do you plan to enable DNSSEC on your DNS service (10.4.0.1)? 2. Do you plan to enable IPv6 at exits and inside the tunnel? And as transport protocol? I think recent versions of OpenVPN can do that easier than before (but I haven't tested myself). 3. Can you make it possible to disable/renew user keys and certificates and have 3 of them at a time, one for every allowed device? Now I don't know how to act if I leak my key.
  11. "Some events happen whether we want them to or not." This is a quote taken from a sign in the game Antichamber. It will appear on the wall of signs in the starting room after visiting 20 rooms in total. And if you think of it, it's an event you cannot circumvent, you cannot visit the 19th room and then suddenly proceed to the 21st. This principle is valid for a variety of things, birthdays for example. One of those events that happen whether we want them to or not is an annual subscription coming to an end. Because of that I would like to publish my own opinion on AirVPN, my story, my thoughts, my experiences. -- The beginnings -- It all began in 2012. The whole year I was downloading and seeding things using BitTorrent. I used a private russian tracker which wasn't as known to german companies as Rutor, a public russian tracker. Because of the fact that my tracker is private I believed I wouldn't get caught using BitTorrent as fast as other people get caught for using public trackers. And in fact, since my registration in 2008 I never got any letters. A few days before New Year's Eve I finally got caught seeding a movie. In February 2013 we got a letter from a law office with information about torrent name and hash, date and time, client, IP. The consequences: No more torrents for now. And I made my first research on how to continue torrenting without a fuss. I heard about VPNs, read about how they work and which companies usually stand behind them. Didn't do anything else but making plans for the future. -- Snowden! -- The second stage began shortly after Snowden's leaks. I was concerned about what the NSA knew about me and my surroundings and I think I wasn't all alone with that. I even forgot my torrents for a moment because of this. The idea of subscribing to a VPN provider suddenly was of importance. At the same time I was still struggling with replacing movie torrents by searching for a good movie streaming service in Germany but no one was able to match my needs. I tried Watchever as the most interesting provider (cheap, easy to use, good streaming quality) but many movies just weren't there. Lovefilm (now Amazon Prime Instant Video) was even worse, and Maxdome's pricing was a catastrophe. -- The final decision -- It was August 2013 by now. I started gathering information about VPN providers and access software and tried out a few of them, including faceless.me and ipredator. That's when I discovered TorrentFreak and their article "Which are the best anonymous VPN providers?" - first contact with AirVPN though it didn't receive much attention for now. It was after I read the updated "Review: Is your VPN service really anonymous?" I noticed AirVPN. I did some research on their reputation on the internet and finally registered. A few days later (I still didn't have a client so I spent those days with gathering information on that) I asked for a trial period to see if things would work for me and received a reply two days later.. ... I was concerned about whether my client really worked because I didn't notice any change in speed after connecting. There is no better first impression, really. I subscribed to AirVPN on September 5, 2013. -- First impressions and the forums -- Many things surprised me a lot, especially the status page with status information on bandwidth usage and connected clients, and the forums. I figured: If there's a forum, then you're not just a client, you're getting invited to be part of a community. So I wanted to integrate myself into that community, too, and started writing regularly, trying to help people with their connection problems. I also published some guides about how I use AirVPN. Most of the community is still anonymous and that's okay. I personally didn't like being anonymous all the time, so I opened myself a bit. That way people don't get a feeling as if they would talk to someone with a question mark head (reference to Anonymous hacker's sign ). I made my profile publicly aviable and published my birthday, my location and some of my interests there. Staff is reading the forums, too. They help where they can, though it sometimes can take some time to get a reply from them. This too applies to the Support Desk. But I always keep in mind that day by day more and more people register and become a customer. The more customers, the more time you'd need to reply to all of them. Antichamer sign quote: "Patience has it's own rewards." -- The servers-- Server's aviability and stability depends on the data center. Some servers are really good, able to be called 100% aviable such as the german servers I was using, in 2013 it mainly was Tauri, others sometimes had high packet loss issues and line problems. I occasionally used servers in America and the Netherlands for a few hours and didn't have problems, either. I find it nice to have many connection modes aviable though I never used any other than UDP port 443. But there were users who reported poor performance with it. Switching to another port solved the problem for most of them - an excellent example why this is a nice feature. Additionally, every server accepts specially secured connections - OpenVPN over SSL and SSH. The goal is an encrypted OpenVPN tunnel inside the encrypted SSH/SSL tunnel in order to prevent Deep Packet Inspection currently used by China for example. This way it's easier to connect from inside China and circumvent their Great Firewall. I never needed that feature, that's why I cannot write anything but descriptive terms about it. -- The client -- AirVPN has an own open source client which I never used. I'm using another open source client, Securepoint OpenVPN, and posted an introduction to it. As far as I remember, when I registered AirVPN's client was in a very bad condition. Earlier this year it has been changed, now people are getting more and more satisfied with it. -- Additional features -- Initially I wrote about the status page and the forums being two extremely useful additional features. Also notable is the remote port forwarding feature similar to the port forwarding feature on a router. Working good despite some seldomly occuring flaws.the speed test feature able to calculate how fast your AirVPN connection ("In-Tunnel speed") is in comparison to your real internet connection ("Out-Tunnel speed"). Works as good as the port forwarding feature.-- So, is AirVPN really the "air to breathe the real internet"? -- Yes, it is. And no, it isn't. Really nice slogan, by the way. Yes, because you really circumvent geolocation blocks (Netflix, YouTube) and censorship (China's Great Firewall) using AirVPN. Yes, because you prevent eavesdroppers from seeing what you do (encryption feature). And from manipulating your traffic (integrity feature). No, because your real internet connection wouldn't face extra blocking that apply to VPN providers. Just look into the Blocked websites forum. No, because using a VPN provider is based on trust. You trust the provider not to track your usage and not to betray you. -- So, what now? -- Most of the Netflix users might have heard that Netflix will start it's services in Germany next month. After all, I heard so much good things about Netflix that I really want to give it a try. I'm looking forward to subscribe to Netflix like I did with Spotify years ago. Since then I never downloaded a single music torrent again. I'm planning to stop downloading movie torrents, too, but only if Netflix really has everything, in a quality that matches my current internet speed. It that's the case, OpenVPN will be superfluous. But I won't just leave. I'll stay here and try helping people out. After all, I might need AirVPN again if I ever happen to be on vacation. I wouldn't expose my data to a public WiFi hotspot where a nerdy-looking guy with a self-made super laptop is sitting in some dark corner, attempting to grab emails and credentials from the hotel guests' devices.. or if I just want to use Netflix if it's not aviable in the country. "But didn't you write that Snowden was the guy who inspired you to subscribe to AirVPN?" - He was part of the inspiration. But to be honest, it never was my complete intention to hide myself from the NSA or other entities. I subscribed because I nearly was sued for doing what I love and I needed someone to stand in front of me, effectively protecting me from being nearly sued again for doing what I love. Anyway, one month of my subscription is left. And even if it's not the end, I'd like to thank AirVPN for a great service so far and the community for being a great one. 8)
  12. Security researchers have developed an application called pacumen to analyze encrypted traffic. With the information provided by it an attacker can find out if a certain (specified) application is communicating behind an encrypted connection. This analysis technique is called a side channel attack. In pacumen, you create a classifier (detection rules for the application you'd like to uncover in the traffic) and a pcap file with sniffed traffic (preferably covering hours of length). It then starts analyzing it and calculates a value, representing the similarity of the analyzed traffic with the specified rules. For example: The researchers tried to uncover usage of Skype inside an SSH tunnel and were quite successful. The same thing can be done with any other protocol, let's say, to see if some user is using Facebook over HTTPS. Or identifying BitTorrent inside OpenVPN. China and Iran could theoretically use it to uncover OpenVPN over SSH/SSL. Countermeasures are padding of all packets and/or sending contant dummy packets. Note that both of them would lower performance of tunnels drastically.
  13. Hey @all, I'm running AirVPN on my dd-wrt router through server x in location y, and want to change locations/servers for certain websites by running openvpn on windows with a different server/location. I can establish a connection, but the final server/connection remains the one I set on dd-wrt. Any suggestions? Thanks in advance Kind regards
  14. My AirVPN was working for a while then all of a sudden out of nowhere this issue comes along. 1) I open AirVPN 2) I login 3) I select a network 4) Connecting... for a while 5) I'm now logged out back at Step 2 I tried 1) re-installing .net 4.0 2) re-installing openVPN (from both the latest airvpn zip but also the latest from the openvpn website directly) 3) re-installed TAP and re-setup TAP from Windows > "Add a new TAP virtual ethernet adapter" which completes succesfully I'm out of ideas, why is this not working!
  15. I've been using the Eddie client for a while now but I can not get it to work over ssh or ssl. I keeps disconnecting and reconnect repeating a cycle that creates a bunch of processes. 6/11/2014 - 9:55 PM AirVPN client version: 2.1, System: Linux, Architecture: x64 6/11/2014 - 9:55 PM Reading options from /home/klepto/AIR/AirVPN.xml 6/11/2014 - 9:55 PM Data Path: /home/klepto/AIR 6/11/2014 - 9:55 PM App Path: /home/klepto/AIR 6/11/2014 - 9:55 PM Executable Path: /home/klepto/AIR/airvpn 6/11/2014 - 9:55 PM Command line arguments: 6/11/2014 - 9:55 PM Operating System: Unix 3.14.6.1 - Linux LUNASYLUM 3.14.6-1-ARCH #1 SMP PREEMPT Sun Jun 8 10:08:38 CEST 2014 x86_64 GNU/Linux 6/11/2014 - 9:55 PM OpenVPN Driver - Found 6/11/2014 - 9:55 PM OpenVPN - Version: OpenVPN 2.3.3 (/home/klepto/AIR/openvpn) 6/11/2014 - 9:55 PM SSH - Version: OpenSSH_6.6.1p1, OpenSSL 1.0.1h 5 Jun 2014 (/usr/bin/ssh) 6/11/2014 - 9:55 PM SSL - Version: stunnel 5.01 (/home/klepto/AIR/stunnel) 6/11/2014 - 9:55 PM IPV6: Available 6/11/2014 - 9:55 PM Session starting. 6/11/2014 - 9:55 PM Checking environment 6/11/2014 - 9:55 PM Waiting for latency tests 6/11/2014 - 9:55 PM Checking authorization 6/11/2014 - 9:55 PM Connecting to Pavonis (us) 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:35 LOG5[26060]: stunnel 5.01 on x86_64-unknown-linux-gnu platform 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:35 LOG5[26060]: Compiled/running with OpenSSL 1.0.1g 7 Apr 2014 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:35 LOG5[26060]: Threading:PTHREAD Sockets:POLL,IPv6 SSL:ENGINE,OCSP 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:35 LOG5[26060]: Reading configuration from file /home/klepto/AIR/a6a54b9427fd348ef37fea2ec7f05b91b6ba82fec6e24e851b036484588e613f.tmp.ssl 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:35 LOG6[26060]: Initializing service [openvpn] 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:35 LOG5[26060]: Configuration successful 6/11/2014 - 9:55 PM OpenVPN > OpenVPN 2.3.3 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Apr 14 2014 6/11/2014 - 9:55 PM OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100 6/11/2014 - 9:55 PM OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file 6/11/2014 - 9:55 PM OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 6/11/2014 - 9:55 PM OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication /* Removed IP info */ 6/11/2014 - 9:55 PM OpenVPN > Validating certificate key usage 6/11/2014 - 9:55 PM OpenVPN > ++ Certificate has key usage 00a0, expects 00a0 6/11/2014 - 9:55 PM OpenVPN > VERIFY KU OK 6/11/2014 - 9:55 PM OpenVPN > Validating certificate extended key usage 6/11/2014 - 9:55 PM OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 6/11/2014 - 9:55 PM OpenVPN > VERIFY EKU OK 6/11/2014 - 9:55 PM OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org 6/11/2014 - 9:55 PM OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key 6/11/2014 - 9:55 PM OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication 6/11/2014 - 9:55 PM OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key 6/11/2014 - 9:55 PM OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication 6/11/2014 - 9:55 PM OpenVPN > Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA 6/11/2014 - 9:55 PM OpenVPN > [server] Peer Connection Initiated with [AF_INET]127.0.0.1:53314 6/11/2014 - 9:55 PM OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) 6/11/2014 - 9:55 PM OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified 6/11/2014 - 9:55 PM OpenVPN > OPTIONS IMPORT: LZO parms modified 6/11/2014 - 9:55 PM OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified 6/11/2014 - 9:55 PM OpenVPN > OPTIONS IMPORT: route options modified 6/11/2014 - 9:55 PM OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified 6/11/2014 - 9:55 PM Flushing DNS 6/11/2014 - 9:55 PM Checking route 6/11/2014 - 9:55 PM Connected. 6/11/2014 - 9:55 PM OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100 6/11/2014 - 9:55 PM OpenVpn Management > >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info 6/11/2014 - 9:55 PM Disconnecting 6/11/2014 - 9:55 PM Management - Send 'signal SIGTERM' 6/11/2014 - 9:55 PM OpenVPN > MANAGEMENT: CMD 'signal SIGTERM' 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:42 LOG6[26063]: Read socket closed (readsocket) 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:42 LOG6[26063]: SSL_shutdown successfully sent close_notify alert 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:42 LOG3[26063]: transfer: s_poll_wait: TIMEOUTclose exceeded: closing 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:42 LOG5[26063]: Connection closed: 12137 byte(s) sent to SSL, 15169 byte(s) sent to socket 6/11/2014 - 9:55 PM Connecting to Pavonis (us) 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG5[26081]: stunnel 5.01 on x86_64-unknown-linux-gnu platform 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG5[26081]: Compiled/running with OpenSSL 1.0.1g 7 Apr 2014 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG5[26081]: Threading:PTHREAD Sockets:POLL,IPv6 SSL:ENGINE,OCSP 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG5[26081]: Reading configuration from file /home/klepto/AIR/232ecf01d2847609b6f741c518067d5a8012298972f180adcaed1ec52264c4dc.tmp.ssl 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG6[26081]: Initializing service [openvpn] 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG5[26081]: Configuration successful 6/11/2014 - 9:55 PM OpenVPN > OpenVPN 2.3.3 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Apr 14 2014 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG6[26084]: Negotiated TLSv1/SSLv3 ciphersuite: ECDHE-RSA-AES256-SHA (256-bit encryption) 6/11/2014 - 9:55 PM OpenVPN > Socket Buffers: R=[87380->131072] S=[16384->131072] 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG6[26084]: Compression: null, expansion: null 6/11/2014 - 9:55 PM OpenVPN > Attempting to establish TCP connection with [AF_INET]127.0.0.1:34604 [nonblock] 6/11/2014 - 9:55 PM OpenVPN > TCP connection established with [AF_INET]127.0.0.1:34604 6/11/2014 - 9:55 PM OpenVPN > TCPv4_CLIENT link local: [undef] 6/11/2014 - 9:55 PM OpenVPN > TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:34604 6/11/2014 - 9:55 PM OpenVPN > TLS: Initial packet from [AF_INET]127.0.0.1:34604, sid=0eb09504 ef87f7e3 6/11/2014 - 9:55 PM OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org 6/11/2014 - 9:55 PM OpenVPN > Validating certificate key usage 6/11/2014 - 9:55 PM OpenVPN > ++ Certificate has key usage 00a0, expects 00a0 6/11/2014 - 9:55 PM OpenVPN > VERIFY KU OK 6/11/2014 - 9:55 PM OpenVPN > Validating certificate extended key usage 6/11/2014 - 9:55 PM OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 6/11/2014 - 9:55 PM OpenVPN > VERIFY EKU OK 6/11/2014 - 9:55 PM OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
  16. Hi- this isn't so much a problem as a change I've noticed since upgrading my OS to run OpenVPN Last year was running 2 main devices. Laptop on Ubuntu 9.04 and a tablet on Ice Cream Sandwich. OpenVPN wouldn't run on Ubuntu 9.04 on laptop, had to configure seperately via Network Manager. Worked a treat on laptop, except whenever my connection was disrupted and AirVPN automatically reconnected but to a different server, Facebook and Gmail would go into spasms, lock me out and I'd need to reanswer security questions. It was painful, but I felt safe I could run OpenVPN on my Android tablet, and I don't recall having this reconnection security issue at either site ( but didn't use the tablet much ) I upgraded to Mint last year, was able to install OpenVPN and run my AirVPN acct through it. But I did notice that since then, neither FB or Gmail has had security issues with this when connection drops and is re-established via a different server A colleague suggested that perhaps in the interim AirVPN may have updated it's routing so that reconnects don't cause Facebook/ Gmail to warn about session hijacks, and I should check that first Is this the case? Or is OpenVPN somehow signalling that a VPN is being used with some sites such as Facebook? TIA
  17. Hello. I give up trying to setup a router with DD-WRT. Each time I turn it on I have to configure a new server because it can't connect to the one already set (TLS handshake failed, Certificate is not valid, unreachable address, I get something different each time). I followed the instructions in the site (https://airvpn.org/ddwrt/), downloaded configuration for various servers, but either it takes a long to get one that connects, or can't connect to any US server at all. I'm not blaming anyone here, it's just that it's frustrating. This is the error I'm getting this time> I've connected to this server successfully before. Is there something I'm forgetting to setup on the router so once I can connect to a server and I turn the router off, the settings stay in it and next time it reconnects automatically? Any help or guidance is very much appreciated. Thank you very much in advance.
  18. Hi all, I've build a pfsense router myself because I found that speeds were dramatically dropping through my Linksys router (EA6500) or through my client. By building my own router I had more control over the hardware and firmware. I have a 200 Mb/s - 10 Mb/s ISP connection. My router build as follows: Shutlle DS61 V1.1 mini ITX barebone / socket 1155 / 2 x Gbit LAN2 x 4 GB SO DDR3 Kingston HyperXIntel XEON E3-1230 V2 3.10 GHz (has no graphic chip)Kingston 60 GB SSDIn order to get graphics (which I'll need for installation, since the mini ITX motherboard doesn't support an extra graphics card) I bought an old Celeron 2.70 GHz with graphic chip. Now pfsense is installed, I will be using the Celeron for a while in case something goes wrong in pfsense settings and I'll be needing graphics again. So after I'm done with installing packages, setting up everything, I will replace it with the XEON. Speedtest with the Celeron while connected to VPN I think that is pretty impressive since I had around 60 Mb/s - 9.5 Mb/s before I had this router. If you forget about the XEON and keep the Celeron (for 24/7 use, I'll take the XEON also because of it's 'AES NI' instruction within the chipset) it will cost you about 500 dollars or about 370 euro's. The XEON included adds an extra 250 dollars or 195 euro's. This is a better investment than buying any other consumer router with a 600 MHz Broadcom processor. This is a kick ass router! For a proper installation of pfsense I can recommend this video: (good packages: squid, havp, snort (get a paid oinkcode for 27 dollars/year, otherwise you'll have a 10 days delay in updates)) SET UP AIRVPN IN PFSENSE Configure an airvpn *.ovpn file (use a region, airvpn will connect to the best server automatically)From the pfSense interface, navigate to the dropdown menus: System ---> Cert Manager and stay in the first tab.Click the button as seen here to create a new certificate. Give it a description like: cert airvpn. Ensure that "Import an existing certificate authority" is selected. Open the *.ovpn file and copy/paste the first certificate (starting with: -----BEGIN CERTIFICATE----- and ending with: -----END CERTIFICATE-----) into the 1st fieldClick save (leave the orher field empty)Click on the tab Certificates and click on the plus button as seen here Give it a description like: certificate airvpn. Ensure that "Import an existing certificate authority" is selected.Open the *.ovpn file and copy/paste the second certificate (starting with: ---- CERTIFICATE:----- and ending with: -----END CERTIFICATE-----) into the 1st fieldSo in the file it looks like this: -----END CERTIFICATE----- (end of the first certificate we've just imported) </ca> <cert> Certificate: The second copy/paste should start at: Certificate: copy/paste the third certificate (starting with: -----BEGIN CERTIFICATE----- and ending with: -----END CERTIFICATE-----) into the 3d fieldClick saveNavigate to the system dropdown menus: VPN ---> OpenVPNClick the Client tab and click on the Plus buttonFollow below settings in the pictures where: 1. serverhost or host adres can be found in the *.ovpn file ending with probably airvpn.org, 2.The serverport can be found in the top of the *ovpn file as well. Navigate to the system dropdown menus Interfaces ----> (assign) and click on the Plus button -Note in the previous screenshot you will notice a StrongVPN interface. you will NOT have that on your box yet, so dont worry. After clicking on the plus button pfSense will tell you it has successfully added a new interface. the network port name will most likley be named "ovpnc1". Ensure that the new interface is selected as "ovpnc1" (it could be ovpnc2, ovpnc3, etc... depends if you have other ovpn interfaces or not)navigate to the system dropdown menus Interfaces ---> OPT1 (or whatever your new interface from the previous step is) and follow steps in below picture Click saveNavigate to the system dropdown menus System ---> Routing and click on the Plus button Follow the settings in the picture below -Note 1: The ip seen in the picture 208.67.222.222 is the ip of OpenDNS -Note 2: By selecting "Default Gateway", the connection to the internet drops if the VPN connection drops. You'll have to set the WAN as default manually in the case if you need an internet connection. navigate to the system dropdown menus Firewall ---> Rules and click on the LAN tabClick on the Plus button to create a new ruleFollow instructions in the picture below Action: PASS -- Interface: LAN Protocol: ANY Source: LAN Subnet Destination: ANY -- Description: LAN to Internet force through VPN **IMPORTANT**: scroll down to "Gateway" under the "Advanced features" of the rule. Set gateway to your VPN interface (see above picture). After Clicking save, you should see something like this navigate to the system dropdown menus Firewall ---> NAT and click on the Outbound tabenable "Manual Outbound NAT rule generation" and select save. Reboot the router and you're done... If you want to/need to start manually, go to Status -----> Services and click on the Play button next to the VPN interface status. Check Status ------> Dashboard for connections as seen in the picture below (in the WAN section you'll see your ISP's IP, which is connection you're coming from to Airvpn (Note from AirVPN: We inevitably know it. Any reference will be deleted when the connection is closed). Don't worry, you're visible with a different IP on the internet. The reason I choose a XEON is the 10% watt reduction and the AES NI instructions in the chip (AirVPN is 256 bit AES encrypted). This will lower my CPU usage and speed up the process. Below you find a picture with system loads while having 10 torrents running and downloading a large file at full speed from usenet (ssl encrypted)... See the CPU usage on the Celeron. That will change I think with a XEON. Good luck and don't forget to install Snort, HAVP and Squit on your pfsense. Good guides out there on Google... knicker
  19. I just downloaded a new configuration from the config generator. I created one for Asia and one of USA. I used the generator to make the generator create separate files for the keys, certs. The ovpn is set to use port 443. This has worked before. Now it seems to time out. Tue Apr 15 18:23:52 2014 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Tue Apr 15 18:23:52 2014 TLS Error: TLS handshake failed Tue Apr 15 18:23:52 2014 SIGUSR1[soft,tls-error] received, process restarting Here is everything: openvpn Asia443.ovpn Tue Apr 15 18:20:48 2014 OpenVPN 2.3.2 x86_64-redhat-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [iPv6] built on Sep 12 2013 Tue Apr 15 18:20:48 2014 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file Tue Apr 15 18:20:48 2014 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Apr 15 18:20:48 2014 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Apr 15 18:20:48 2014 Socket Buffers: R=[212992->131072] S=[212992->131072] Tue Apr 15 18:20:48 2014 UDPv4 link local: [undef] Tue Apr 15 18:20:48 2014 UDPv4 link remote: [AF_INET]119.81.1.123:443 Tue Apr 15 18:21:48 2014 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Tue Apr 15 18:21:48 2014 TLS Error: TLS handshake failed Tue Apr 15 18:21:48 2014 SIGUSR1[soft,tls-error] received, process restarting Tue Apr 15 18:21:48 2014 Restart pause, 2 second(s) Tue Apr 15 18:21:50 2014 Socket Buffers: R=[212992->131072] S=[212992->131072] Tue Apr 15 18:21:50 2014 UDPv4 link local: [undef] Tue Apr 15 18:21:50 2014 UDPv4 link remote: [AF_INET]119.81.1.123:443
  20. Hello!, When connecting on linux via the command 'sudo openvpn AirVPN_America_UDP-443.ovpn' I get the error in the subject line. It appears that I'm connected without problems but just wanted to check. I'm running the latest versions of Arch linux, openvpn, openssl, and have seperated keys/certs from ovpn files. The files are all in my home directory with permissions -rw-r--r-- Thank you for your help
  21. Hi, As some of you may know, DD-WRT requires at least 8mb of memory (or 4mb if it's a Broadcom chipset) in order to use OpenVPN. However, this is not the end of the world. I use a D-Link DIR-615 which is unsupported by DD-WRT for OpenVPN, but I am able to get it running. Things to know before hand: 1. My router's processor is only 400mhz, and combined with the lack of memory, it means that the maximum speed I am getting is around 6mbps 8mbps. On a normal machine, I get a lot more. This is due to the processor limitations and not due to the implementation. 2. Most problems I have had are to do with permissions. Make sure your uploaded files are all 777 or 755 permissions. 3. This should work on most MIPS routers. I can guarantee that it is working on the DIR-615 and TL941N routers. 4. The OpenVPN package I am using is from November 2011, so it is relatively outdated. I believe it is version 2.2, whereas the current release is 2.3.2. If someone is willing to repackage it and upload the latest version, it may provide better performance. Updated to March 2014! REQUIREMENTS: 1. You need a server. Maybe AirVPN can help in this regard if they would be willing to host the files? On this server, you will host a package called openvpn_pack.tar.gz containing the openvpn config and libraries for ssl and lzo.You will also host a script and your ovpn files. WHY IS THIS THE CASE? My router only has 64kb of NVRAM. This means that I can only store a small amount of data on there before the memory is consumed. The best way to conserve the NVRAM is to wget the needed scripts from a remote server rather than store them on the router itself. If you use all of your NVRAM, you can brick your router.2. You need your .ovpn file generated through the "Enter" section of AirVPN. And we begin: 1. The first step required is to upload the files to your server. Here is a temporary link to download openvpn_pack.tar.gz (855kb). This is not a host for you to use in your script, and is only staying up temporarily for public access. You must download this package and upload it to your own host, unless AirVPN is willing to host it.The following script must be saved as "executeScript.sh" and uploaded to your server: #!/bin/sh cd /tmp/openvpn export LD_LIBRARY_PATH=/lib:/usr/lib:/jffs/lib:/jffs/usr/lib:/jffs/usr/local/lib:/mmc/lib:/mmc/usr/lib:/opt/lib:/opt/usr/lib:/tmp/openvpn/lib cd /tmp/openvpn killall -9 openvpn sleep 2 insmod /tmp/openvpn/lib/tun echo tun.ko bridged killall -9 openvpn /tmp/openvpn/bin/openvpn --config /tmp/openvpn/client/airvpn.ovpn --daemon echo Started the daemon echo Starting loop to update the routing tunup=0 while [ $tunup ] do sleep 1 if ifconfig tun0 then iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE tunup=1 echo Set the routing tables to use the vpn break fi done You must go through this section of AirVPN and generate your ovpn file. NOTE: You can also add the following lines to the end of your ovpn file if you want to debug any errors: status /tmp/var/log/openvpn-status_tap.log log-append /tmp/var/log/openvpn_tap.log mute 20 The first two lines will make logs of the connection in case you need to troubleshoot, and the third line will limit logging repeating problems to conserve memory. You can use notepad to edit the files. Also, in the script I have called this file AirVPN.ovpn. Your filename will be different. You can either change the script to your filename or you can rename your file to AirVPN.ovpn. 2. The second part is to log into your router at 192.168.1.1, or whatever your router's IP address is. 3. Click the "Administration" tab, and then click on the "Commands" tab. 4. Here you will need to input the start up script. The start up script will fetch the required OpenVPN package from your server, extract it, and begin to execute the scripts. This will be run every time the router turns on. You will need to put the following in the Command Shell textbox and click the "Save Startup" button at the bottom. Please note that you must edit the URLs with your own: #!/bin/sh echo "#!/bin/sh rm -f /tmp/openvpn/client/foobar.ovpn echo Removed foobar file while ! ps | grep -q \"udhcpc\"; do sleep 1 done while ! ls /tmp/openvpn/client | grep -q \"foobar\"; do killall -9 wget killall -9 gzip killall -9 tar echo finished kill sequence cd /tmp rm -f ./openvpn_pack.tar.gz rm -f ./openvpn_pack.tar rm -r -f ./openvpn echo Removed the old files wget http://www.yourhost.com/openvpn_pack.tar.gz sleep 10 chmod +x /tmp/openvpn/openvpn_pack.tar.gz sleep 2 gzip -d ./openvpn_pack.tar.gz tar -xf ./openvpn_pack.tar rm ./openvpn_pack.tar echo Finished unpacking the TAR ball wget http://www.yourhost.com/AirVPN.ovpn -O /tmp/openvpn/client/foobar.ovpn #echo \"foobar\" > /tmp/openvpn/client/foobar.ovpn echo Finished with the OVPN files wget http://www.yourhost.com/executeScript.sh -O /tmp/openvpn/runit.sh chmod +x /tmp/openvpn/runit.sh if ls /tmp/openvpn/client | grep -q \"foobar\"; then echo starting the runit script /tmp/openvpn/runit.sh > /tmp/var/log/runit.log & fi done echo done with getting the stuff " > /tmp/get_openvpn.sh chmod +x /tmp/get_openvpn.sh /tmp/get_openvpn.sh > /tmp/var/log/openvpn_script.log & 5. You should now be able to connect to OpenVPN on your router. However, we are not finished. If you go http://www.dnsleaktest.com, you will see that your DNS is leaking. In order to seal the leaks, you must go to the Setup tab on your DD-WRT homepage, and in Basic Setup there will be a section titled "Network Address Server Settings (DHCP)." Here you must set your first DNS as the following: Static DNS 1: 10.4.0.1 Static DNS 2: 10.5.0.1 Static DNS 3: 50.116.23.211 The first two DNS are AirVPN's DNS. The third DNS is one that I have chosen from the OpenNIC project (see here). This is because I have had trouble connecting to AirVPN DNS when I am not connected to the VPN, but before we are able to connect to the VPN we must be able to download the files we uploaded from our server. As a resulted, we need a trusted DNS with reliable up-time for the initial connection. For added security, do not add the third DNS, and instead use one of AirVPN's (ie 10.6.0.1). This will also provide DNS leak protection when browsing as AirVPN's DNS can only be accessed when connected to the VPN. 6. Reboot your router, and wait a minute or so. Then go to http://www.dnsleaktest.com to check that you are completely behind the IP and DNS you want to be behind. And that's pretty much it. There is no GUI and no further details to add. If you followed the procedure correctly, your router should be connected to AirVPN with no DNS leaks. Enjoy. If this tutorial helped you out, and you would like to show your gratitude, then contact AirVPN and tell them you would like to donate for me an extra month (or more?) of VPN access edit: Updated with the latest packages (March 17 2014) for OpenSSL and OpenVPN. You should experience a 20% bandwidth increase with the latest packages.
  22. must have RSA 4096 BIt when it doesnt impact performance and doesnt cost then why not ?? it is never been late to do the right thing other VPN giving RSA 4096 since 2013 and so many more and more higher encryption this is more important than Water after dinner and sex after party must have RSA 4096 Bit encryption guys
  23. Hi there, sorry if this has been posted before but I did search the forum and look at the OpenVPN manual and found nothing of use. Basically I set up AirVPN to run automatically on startup through the 'services' method, so I no longer use the AirVPN client - something I learned on here. What's the easiest way to switch between AirVPN servers without using the client? I've added both config files to the OpenVPN folder, but whenever I try to switch it comes up with 'AUTH FAILED' Thanks
  24. I recently posted a how-to running Transmission in a jail within freenas so the jail is the only thing running through the VPN and ipfw prevents Transmission from connecting to anything other than the VPN. Thought it might help others trying to do the same: http://forums.freenas.org/index.php?threads/how-to-use-openvpn-ipfw-in-a-jail-so-it-only-connects-to-the-vpn.18669/ Cheers
  25. Hi AirVPN team, On the same machine I have windows and ubuntu. On Windows: * Windows 8 Pro * Advanced Firewall used to limit internet traffic to only be through VPN * uTorrent w/ port forwarding * Usually peaks around 2.5mB/s. Max I've seen is 3mB/s+. * Server: Sirius, TCP On Ubuntu: * 12.04 Server (with minimal desktop installed) * UFW used to block all traffic out/in for internet except certain ports through VPN * Transmission w/ port forwarding * Usually peaks around 500kB/s. Max I've seen is 900mB/s. * Server: Sirius, UDP What can I do to increase the speed on Ubuntu? I think it's very odd that this is happening. Other variations are that the disks are different, but both are comparable 7200RPMs. Thanks
×
×
  • Create New...