Search the Community

Hey guys, So I spent the last few hours or so trying to figure out this bug I was getting while starting AirVPN, and I wanted to share my results in case some poor soul comes across this seemingly obscure situation in the future. I'll do bullet points as to try not to talk too much: AirVPN was working greatI installed Visual Studio 2013 ProAirVPN then stops working immediately after installI notice there are a few new network adaptersMUCH MUCH later I found that by uninstalling a feature called Hyper-V, which (I'm only guessing) came with Visual Studio, did the "Driver installation failed" error stop and I was able to connectSo yeah... I spent some time digging through the source and then utilizing the newly installed VS to compile and debug the lines surrounding the error. Well, I had never heard of Hyper-V before and so all I wanted was AirVPN to work with my current adapter situation. I thought it was because one C# library function was returning adapter descriptions that AirVPN wasn't expecting. But even when I tried forcing it to one of the 10 available adapters (some of which were labelled TAP) yieled pretty much the same result every time. I now think it was due to the bridging that Hyper-V forced upon me, and since my issue is resolved I don't care to look into this further. Tl;dr: Check if Hyper-V is installed in your Windows features. If so, uninstall it, reboot, and re-run AirVPN. If Hyper-V isn't installed try this: https://airvpn.org/topic/13126-driver-installation-failed/ Here's what my adapters looked like before uninstalling Hyper-V: Here's an image that shows how to uninstall Hyper-V:

I'm trying to connect to AirVPN under Arch Linux via NetworkManager/OpenVPN. It connects successfully (it shows a padlock), but if I go to http://ipleak.net/ I can still see both my ISP public IP and my ISP DNS server. I followed this guide (even if it's for Ubuntu). You can find the relevant logs from the "journalctl" command in the attachment.

Hello, Trying to connect from iPad to UK (area) proxy servers per instructions here https://airvpn.org/ios/ Connection not established, throws "Connection timeout", I've tried "Advanced Options", "Resolved hosts in .ovpn file" and "All servers for area or region" as per here https://airvpn.org/topic/10000-connection-timeout/ OpenVPN log attached (openvpn.txt). Any suggestions most appreciated. Thanks! Swain openvpn.txt

Hi, Basically I have trouble connecting to AirVPN. Im using a fairly new build if that does matter (DD-WRT v24-sp2 (10/06/14) kongac - build 25015M-SP1) AirVPN works with viscosity in windows with the same basic settings (some openvpn configuration)The router worked with PrivateInternetAccess VPN service, so it the problem SHOULD not be the client on the dd wrt routerWhat I tryed: Different TLS Cipers (None, TLS-DHE-RSA-WITH-AES-128-CBC-SHA, TLS-DHE-RSA-WITH-AES-256-CBC-SHA256, TLS-RSA-WITH-AES-128-CBC-SHA)Keeping the TSL Auth Key emptyAdding or leaving additional config: resolv-retry infinite persist-key persist-tun remote-cert-tls server explicit-exit-notify 5 VPN Log Client: WAIT Local Address: Remote Address: Clientlog: 20141020 19:04:16 I OpenVPN 2.3.4 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Oct 6 2014 20141020 19:04:16 I library versions: OpenSSL 1.0.1i 6 Aug 2014 LZO 2.08 20141020 19:04:16 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16 20141020 19:04:16 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:04:16 W WARNING: file '/tmp/openvpncl/client.key' is group or others accessible 20141020 19:04:16 W WARNING: file '/tmp/openvpncl/ta.key' is group or others accessible 20141020 19:04:16 I Control Channel Authentication: using '/tmp/openvpncl/ta.key' as a OpenVPN static key file 20141020 19:04:16 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 20141020 19:04:16 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 20141020 19:04:16 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:04:16 I UDPv4 link local: [undef] 20141020 19:04:16 I UDPv4 link remote: [AF_INET]109.201.154.189:443 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'state' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'state' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'state' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'status 2' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:04:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:04:53 D MANAGEMENT: CMD 'log 500' 20141020 19:04:53 MANAGEMENT: Client disconnected 20141020 19:05:16 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:05:16 N TLS Error: TLS handshake failed 20141020 19:05:16 I SIGUSR1[soft tls-error] received process restarting 20141020 19:05:16 Restart pause 2 second(s) 20141020 19:05:18 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:05:18 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:05:18 I UDPv4 link local: [undef] 20141020 19:05:18 I UDPv4 link remote: [AF_INET]46.166.186.216:443 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'state' 20141020 19:06:11 MANAGEMENT: Client disconnected 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'state' 20141020 19:06:11 MANAGEMENT: Client disconnected 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'state' 20141020 19:06:11 MANAGEMENT: Client disconnected 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'status 2' 20141020 19:06:11 MANAGEMENT: Client disconnected 20141020 19:06:11 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:06:11 D MANAGEMENT: CMD 'log 500' 20141020 19:06:18 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:06:18 N TLS Error: TLS handshake failed 20141020 19:06:18 I SIGUSR1[soft tls-error] received process restarting 20141020 19:06:18 Restart pause 2 second(s) 20141020 19:06:20 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:06:20 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:06:20 I UDPv4 link local: [undef] 20141020 19:06:20 I UDPv4 link remote: [AF_INET]109.201.154.189:443 20141020 19:07:20 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:07:20 N TLS Error: TLS handshake failed 20141020 19:07:20 I SIGUSR1[soft tls-error] received process restarting 20141020 19:07:20 Restart pause 2 second(s) 20141020 19:07:22 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:07:22 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:07:22 I UDPv4 link local: [undef] 20141020 19:07:22 I UDPv4 link remote: [AF_INET]109.201.152.238:443 20141020 19:08:22 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:08:22 N TLS Error: TLS handshake failed 20141020 19:08:22 I SIGUSR1[soft tls-error] received process restarting 20141020 19:08:22 Restart pause 2 second(s) 20141020 19:08:24 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:08:24 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:08:24 I UDPv4 link local: [undef] 20141020 19:08:24 I UDPv4 link remote: [AF_INET]109.201.154.189:443 20141020 19:09:24 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:09:24 N TLS Error: TLS handshake failed 20141020 19:09:24 I SIGUSR1[soft tls-error] received process restarting 20141020 19:09:24 Restart pause 2 second(s) 20141020 19:09:26 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:09:26 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:09:26 I UDPv4 link local: [undef] 20141020 19:09:26 I UDPv4 link remote: [AF_INET]46.166.186.216:443 20141020 19:10:27 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:10:27 N TLS Error: TLS handshake failed 20141020 19:10:27 I SIGUSR1[soft tls-error] received process restarting 20141020 19:10:27 Restart pause 2 second(s) 20141020 19:10:29 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:10:29 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:10:29 I UDPv4 link local: [undef] 20141020 19:10:29 I UDPv4 link remote: [AF_INET]109.201.154.162:443 20141020 19:11:29 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:11:29 N TLS Error: TLS handshake failed 20141020 19:11:29 I SIGUSR1[soft tls-error] received process restarting 20141020 19:11:29 Restart pause 2 second(s) 20141020 19:11:31 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:11:31 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:11:31 I UDPv4 link local: [undef] 20141020 19:11:31 I UDPv4 link remote: [AF_INET]109.201.135.220:443 20141020 19:12:31 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:12:31 N TLS Error: TLS handshake failed 20141020 19:12:31 I SIGUSR1[soft tls-error] received process restarting 20141020 19:12:31 Restart pause 2 second(s) 20141020 19:12:33 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:12:33 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:12:33 I UDPv4 link local: [undef] 20141020 19:12:33 I UDPv4 link remote: [AF_INET]46.166.188.198:443 20141020 19:13:33 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20141020 19:13:33 N TLS Error: TLS handshake failed 20141020 19:13:33 I SIGUSR1[soft tls-error] received process restarting 20141020 19:13:33 Restart pause 2 second(s) 20141020 19:13:35 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20141020 19:13:35 Socket Buffers: R=[172032->131072] S=[172032->131072] 20141020 19:13:35 I UDPv4 link local: [undef] 20141020 19:13:35 I UDPv4 link remote: [AF_INET]109.201.135.220:443 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'state' 20141020 19:13:48 MANAGEMENT: Client disconnected 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'state' 20141020 19:13:48 MANAGEMENT: Client disconnected 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'state' 20141020 19:13:48 MANAGEMENT: Client disconnected 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'status 2' 20141020 19:13:48 MANAGEMENT: Client disconnected 20141020 19:13:48 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20141020 19:13:48 D MANAGEMENT: CMD 'log 500' 19700101 01:00:00 ca /tmp/openvpncl/ca.crt cert /tmp/openvpncl/client.crt key /tmp/openvpncl/client.key management 127.0.0.1 16 management-log-cache 100 verb 3 mute 3 syslog writepid /var/run/openvpncl.pid client resolv-retry infinite nobind persist-key persist-tun script-security 2 dev tun1 proto udp cipher aes-256-cbc auth sha1 remote nl.privateinternetaccess.com 443 comp-lzo yes tun-mtu 1500 mtu-disc yes ns-cert-type server fast-io tun-ipv6 tls-auth /tmp/openvpncl/ta.key 1 DD WRT Configurations

Hi everyone, I know there have been speculatory threads on VM in the past, but I wanted to post some findings in case anyone finds them useful. I have a 152Mbps connection from VM in the UK and have noticed the following: Using the Superhub 2 and OpenVPN (443, UDP) gives a hard cap around 3MB/sec over ethernetUsing the Superhub 2 and OpenVPN (443, UDP) gives full speed on 5GHz wifiUsing an old PC running pfSense beta with the Superhub 2 in modem only mode removes the 'cap' and allows full speeds regardless of connection method I had been very frustrated by the 3MB/sec limit, especially when downloading torrents over OpenVPN (port 443, UDP or TCP) using a cat6e desktop PC. The limit applied in Windows and Linux equally and I'd eventually tracked down the issue to the Superhub 2. After switching into modem only mode and connecting through the pfSense box, I was able to get full speed regardless of the OS, and connection method (wireless or ethernet). Having switched back temporarily to the Superhub 2 in router mode (to set up a media streamer on the TV) I once again encountered the cap when downloading a Linux torrent (Elementary OS Freya Beta 1). This time I was running Eddie rather than OpenVPN GUI so I switched the connection to SSL Tunnel 443 and voila - full speeds! So either VM are throttling OpenVPN connections, or there's a bug in the SH2 which interferes with the handling of OpenVPN connections. Given VM's history of throttling and capping I would generally suspect the former to be true. However, I have noticed that even with normal OpenVPN connections (443, UDP) I get full speed over wifi but the cap returns when switching to ethernet. It seems the SH2 has (yet another) bug or issue in routing OpenVPN connections, and changing its firewall settings etc has no effect. Anyone on VM experiencing issues with low speeds would probably see good results from switching to the SSL tunnel. I'd be interested to hear back from anyone else having problems with their SH to see if this helps others. I could always stick to the pfSense box of course, but it's an old desktop which uses a lot of energy compared to a small consumer router box. My network isn't complicated enough to warrant the pfSense box unless it's essential - which now, with the SSL tunnel, it isn't.

Hi All. I am a noob if it goes about VPN. I have installed AirVpn client and I try to connect to a server in Netherland, but just after I'm connected client disconnects and tries to reconnect. Any ideas what cause it? I work on Windows 7 Enterprise 64bit. I'm attaching my log. Thank you for your help. I 2014.10.19 00:52:16 - Session starting.! 2014.10.19 00:52:16 - Checking environment! 2014.10.19 00:52:17 - Checking authorization! 2014.10.19 00:52:17 - Connecting to Grafias (Netherlands, Amsterdam). 2014.10.19 00:52:17 - OpenVPN > OpenVPN 2.3.4 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [iPv6] built on Aug 18 2014. 2014.10.19 00:52:17 - OpenVPN > library versions: OpenSSL 1.0.1i 6 Aug 2014, LZO 2.05. 2014.10.19 00:52:17 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100. 2014.10.19 00:52:17 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file. 2014.10.19 00:52:17 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication. 2014.10.19 00:52:17 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication. 2014.10.19 00:52:17 - OpenVPN > Socket Buffers: R=[8192->8192] S=[64512->64512]. 2014.10.19 00:52:17 - OpenVPN > UDPv4 link local: [undef]. 2014.10.19 00:52:17 - OpenVPN > UDPv4 link remote: [AF_INET]62.212.72.175:443. 2014.10.19 00:52:17 - OpenVPN > TLS: Initial packet from [AF_INET]62.212.72.175:443, sid=127a7e95 c34d41a3. 2014.10.19 00:52:18 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org. 2014.10.19 00:52:18 - OpenVPN > Validating certificate key usage. 2014.10.19 00:52:18 - OpenVPN > ++ Certificate has key usage 00a0, expects 00a0. 2014.10.19 00:52:18 - OpenVPN > VERIFY KU OK. 2014.10.19 00:52:18 - OpenVPN > Validating certificate extended key usage. 2014.10.19 00:52:18 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication. 2014.10.19 00:52:18 - OpenVPN > VERIFY EKU OK. 2014.10.19 00:52:18 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org. 2014.10.19 00:52:21 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key. 2014.10.19 00:52:21 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication. 2014.10.19 00:52:21 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key. 2014.10.19 00:52:21 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication. 2014.10.19 00:52:21 - OpenVPN > Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA. 2014.10.19 00:52:21 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]62.212.72.175:443. 2014.10.19 00:52:23 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1). 2014.10.19 00:52:24 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.4.0.1,comp-lzo no,route 10.4.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.4.19.230 10.4.19.229'. 2014.10.19 00:52:24 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified. 2014.10.19 00:52:24 - OpenVPN > OPTIONS IMPORT: LZO parms modified. 2014.10.19 00:52:24 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified. 2014.10.19 00:52:24 - OpenVPN > OPTIONS IMPORT: route options modified. 2014.10.19 00:52:24 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified. 2014.10.19 00:52:24 - OpenVPN > do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0. 2014.10.19 00:52:24 - OpenVPN > open_tun, tt->ipv6=0. 2014.10.19 00:52:24 - OpenVPN > TAP-WIN32 device [Połączenie lokalne 3] opened: \\.\Global\{BADF76DC-0AFB-4AEC-9AE7-AD0F2616AAE2}.tap. 2014.10.19 00:52:24 - OpenVPN > TAP-Windows Driver Version 9.9. 2014.10.19 00:52:24 - OpenVPN > Notified TAP-Windows driver to set a DHCP IP/netmask of 10.4.19.230/255.255.255.252 on interface {BADF76DC-0AFB-4AEC-9AE7-AD0F2616AAE2} [DHCP-serv: 10.4.19.229, lease-time: 31536000]. 2014.10.19 00:52:24 - OpenVPN > Successful ARP Flush on interface [31] {BADF76DC-0AFB-4AEC-9AE7-AD0F2616AAE2}. 2014.10.19 00:52:29 - OpenVPN > TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up. 2014.10.19 00:52:29 - OpenVPN > C:\Windows\system32\route.exe ADD 62.212.72.175 MASK 255.255.255.255 192.168.1.254. 2014.10.19 00:52:29 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4. 2014.10.19 00:52:29 - OpenVPN > Route addition via IPAPI succeeded [adaptive]. 2014.10.19 00:52:29 - OpenVPN > C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.4.19.229. 2014.10.19 00:52:29 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4. 2014.10.19 00:52:29 - OpenVPN > Route addition via IPAPI succeeded [adaptive]. 2014.10.19 00:52:29 - OpenVPN > C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.4.19.229. 2014.10.19 00:52:29 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4. 2014.10.19 00:52:29 - OpenVPN > Route addition via IPAPI succeeded [adaptive]. 2014.10.19 00:52:29 - OpenVPN > C:\Windows\system32\route.exe ADD 10.4.0.1 MASK 255.255.255.255 10.4.19.229. 2014.10.19 00:52:29 - OpenVPN > ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4. 2014.10.19 00:52:29 - OpenVPN > Route addition via IPAPI succeeded [adaptive]. 2014.10.19 00:52:29 - Starting Management Interface. 2014.10.19 00:52:29 - OpenVPN > Initialization Sequence Completed! 2014.10.19 00:52:29 - Flushing DNSW 2014.10.19 00:52:30 - Tunnel not ready, interface status: Down. 2014.10.19 00:52:30 - OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100! 2014.10.19 00:52:30 - Disconnecting. 2014.10.19 00:52:30 - Management - Send 'signal SIGTERM'. 2014.10.19 00:52:30 - OpenVpn Management > >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info. 2014.10.19 00:52:30 - OpenVPN > MANAGEMENT: CMD 'signal SIGTERM'. 2014.10.19 00:52:30 - OpenVPN > SIGTERM received, sending exit notification to peer. 2014.10.19 00:52:35 - OpenVPN > C:\Windows\system32\route.exe DELETE 10.4.0.1 MASK 255.255.255.255 10.4.19.229. 2014.10.19 00:52:35 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]. 2014.10.19 00:52:35 - OpenVPN > C:\Windows\system32\route.exe DELETE 62.212.72.175 MASK 255.255.255.255 192.168.1.254. 2014.10.19 00:52:35 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]. 2014.10.19 00:52:35 - OpenVPN > C:\Windows\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 10.4.19.229. 2014.10.19 00:52:35 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]. 2014.10.19 00:52:35 - OpenVPN > C:\Windows\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 10.4.19.229. 2014.10.19 00:52:35 - OpenVPN > Route deletion via IPAPI succeeded [adaptive]. 2014.10.19 00:52:35 - OpenVPN > Closing TUN/TAP interface. 2014.10.19 00:52:35 - OpenVPN > SIGTERM[soft,exit-with-notification] received, process exiting. 2014.10.19 00:52:35 - Connection terminated.I 2014.10.19 00:52:37 - Cancel requested.I 2014.10.19 00:52:37 - Session terminated.

Hi, Yesterday i subscribed for a 3 day AIRVPN plan. I installed "openvpn-install-2.3.4-I002-x86_64.exe" and generated config files with USA and UK servers having ports TCP 443 alone. Everytime i try connecting it gives a TLS handshake error. My PC is connected to our organisation's firewall, Fortiguard which filters our Internet connection. It has only port 80(TCP) and 443(TCP) opened [ checked it through Nmap tool ]. All other ports are closed. OS- windows 7 64 bit. Here is my log, Fri Oct 03 13:13:10 2014 Warning: cannot open --log file: C:\Program Files\OpenVPN\log\AirVPN_United-States_TCP-443.log: Access is denied. (errno=5) Fri Oct 03 13:13:10 2014 OpenVPN 2.3.4 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [PKCS11] [iPv6] built on Jun 5 2014 Fri Oct 03 13:13:10 2014 library versions: OpenSSL 1.0.1h 5 Jun 2014, LZO 2.05 Fri Oct 03 13:13:10 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25343 Fri Oct 03 13:13:10 2014 Need hold release from management interface, waiting... Fri Oct 03 13:13:10 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25343 Fri Oct 03 13:13:10 2014 MANAGEMENT: CMD 'state on' Fri Oct 03 13:13:10 2014 MANAGEMENT: CMD 'log all on' Fri Oct 03 13:13:10 2014 MANAGEMENT: CMD 'hold off' Fri Oct 03 13:13:10 2014 MANAGEMENT: CMD 'hold release' Fri Oct 03 13:13:10 2014 Control Channel Authentication: tls-auth using INLINE static key file Fri Oct 03 13:13:10 2014 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Oct 03 13:13:10 2014 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Oct 03 13:13:10 2014 Socket Buffers: R=[8192->8192] S=[8192->8192] Fri Oct 03 13:13:10 2014 MANAGEMENT: >STATE:1412322190,RESOLVE,,, Fri Oct 03 13:13:11 2014 Attempting to establish TCP connection with [AF_INET]149.255.33.154:443 Fri Oct 03 13:13:11 2014 MANAGEMENT: >STATE:1412322191,TCP_CONNECT,,, Fri Oct 03 13:13:11 2014 TCP connection established with [AF_INET]149.255.33.154:443 Fri Oct 03 13:13:11 2014 TCPv4_CLIENT link local: [undef] Fri Oct 03 13:13:11 2014 TCPv4_CLIENT link remote: [AF_INET]149.255.33.154:443 Fri Oct 03 13:13:11 2014 MANAGEMENT: >STATE:1412322191,WAIT,,, Fri Oct 03 13:14:11 2014 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Fri Oct 03 13:14:11 2014 TLS Error: TLS handshake failed Fri Oct 03 13:14:11 2014 Fatal TLS error (check_tls_errors_co), restarting Fri Oct 03 13:14:11 2014 SIGUSR1[soft,tls-error] received, process restarting Fri Oct 03 13:14:11 2014 MANAGEMENT: >STATE:1412322251,RECONNECTING,tls-error,, Fri Oct 03 13:14:11 2014 Restart pause, 5 second(s) Fri Oct 03 13:14:16 2014 Socket Buffers: R=[8192->8192] S=[8192->8192] Fri Oct 03 13:14:16 2014 MANAGEMENT: >STATE:1412322256,RESOLVE,,, Fri Oct 03 13:14:16 2014 Attempting to establish TCP connection with [AF_INET]149.255.33.154:443 Fri Oct 03 13:14:16 2014 MANAGEMENT: >STATE:1412322256,TCP_CONNECT,,, Fri Oct 03 13:14:16 2014 TCP connection established with [AF_INET]149.255.33.154:443 Fri Oct 03 13:14:16 2014 TCPv4_CLIENT link local: [undef] Fri Oct 03 13:14:16 2014 TCPv4_CLIENT link remote: [AF_INET]149.255.33.154:443 Fri Oct 03 13:14:16 2014 MANAGEMENT: >STATE:1412322256,WAIT,,, and this repeats.. What i found out is, i opened Ultrasurf Proxy [which is the only proxy software that works bypassing Fortiguard in my organisation] and connected to its proxy and then tried connecting AirVPN and voila, it got connected without an problem to an USA server. After i disconnected Ultrasurf, AirVPN couldn't connect back. !!! I also installed Eddie 2.6 and tried connecting with "protocol TCP 443" selected from preferences, but couldn't connect. I even tried SSL 443 but couldn't connect here is my log, Sat Oct 04 13:04:27 2014 OpenVPN 2.3.4 x86_64-w64-mingw32 [sSL (OpenSSL)] [LZO] [PKCS11] [iPv6] built on Jun 5 2014 Sat Oct 04 13:04:27 2014 library versions: OpenSSL 1.0.1h 5 Jun 2014, LZO 2.05 Enter Management Password: Sat Oct 04 13:04:27 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340 Sat Oct 04 13:04:27 2014 Need hold release from management interface, waiting... Sat Oct 04 13:04:28 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340 Sat Oct 04 13:04:28 2014 MANAGEMENT: CMD 'state on' Sat Oct 04 13:04:28 2014 MANAGEMENT: CMD 'log all on' Sat Oct 04 13:04:28 2014 MANAGEMENT: CMD 'hold off' Sat Oct 04 13:04:28 2014 MANAGEMENT: CMD 'hold release' Sat Oct 04 13:04:28 2014 MANAGEMENT: CMD 'proxy NONE ' Sat Oct 04 13:04:29 2014 Control Channel Authentication: tls-auth using INLINE static key file Sat Oct 04 13:04:29 2014 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Oct 04 13:04:29 2014 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Oct 04 13:04:29 2014 Socket Buffers: R=[8192->8192] S=[8192->8192] Sat Oct 04 13:04:29 2014 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413 Sat Oct 04 13:04:29 2014 MANAGEMENT: >STATE:1412408069,TCP_CONNECT,,, Sat Oct 04 13:04:30 2014 TCP: connect to [AF_INET]127.0.0.1:1413 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED) Sat Oct 04 13:04:30 2014 SIGUSR1[soft,init_instance] received, process restarting Sat Oct 04 13:04:30 2014 MANAGEMENT: >STATE:1412408070,RECONNECTING,init_instance,, Sat Oct 04 13:04:30 2014 Restart pause, 5 second(s) Sat Oct 04 13:04:35 2014 MANAGEMENT: CMD 'proxy NONE ' Sat Oct 04 13:04:36 2014 Socket Buffers: R=[8192->8192] S=[8192->8192] Sat Oct 04 13:04:36 2014 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413 Sat Oct 04 13:04:36 2014 MANAGEMENT: >STATE:1412408076,TCP_CONNECT,,, Sat Oct 04 13:04:37 2014 TCP: connect to [AF_INET]127.0.0.1:1413 failed, will try again in 5 seconds: Connection refused (WSAECONNREFUSED) Sat Oct 04 13:04:37 2014 SIGUSR1[soft,init_instance] received, process restarting Sat Oct 04 13:04:37 2014 MANAGEMENT: >STATE:1412408077,RECONNECTING,init_instance,, Sat Oct 04 13:04:37 2014 Restart pause, 5 second(s) I did raise a support ticket and their reply was, There is no communication between your node and the VPN servers. You are maybe behind a proxy. If so, OpenVPN can connect over a proxy. You need to know proxy type, proxy listening port and IP address (or reachable host name), authentication type (if any), authentication credentials (if any). Then you can generate a configuration file with such parameters (tick "Advanced Mode" in the Configuration Generator and fill in the proxy parameters). If you think you are not behind a proxy, try a connection of OpenVPN over SSL. In our client Eddie you can quickly test OpenVPN over SSL by clicking "AirVPN" button, selecting "Preferences", clicking "Protocols" tab, selecting "SSL Tunnel - Port 443" and clicking "Save". Eddie supports OpenVPN connections over a proxy as well (they can be configured in the "Proxy" tab). Kind regards AirVPN Support Team But i would like to point out that, i could communicate with AirVPN servers when using Ultrasurf and my internet connection dowsn't go through a proxy. Kindly can anyone help me out.

I've been using this service for some time, here I have a few questions to the admins 1. Do you plan to enable DNSSEC on your DNS service (10.4.0.1)? 2. Do you plan to enable IPv6 at exits and inside the tunnel? And as transport protocol? I think recent versions of OpenVPN can do that easier than before (but I haven't tested myself). 3. Can you make it possible to disable/renew user keys and certificates and have 3 of them at a time, one for every allowed device? Now I don't know how to act if I leak my key.

Hi everyone, I would like to have my digital ocean VM use a VPN for its outgoing http requests. I am using openVPN on Ubuntu 14.04.1 LTS (GNU/Linux 3.5.0-48-generic x86_64). Got the files AirVPN_Europe_TCP-53.ovpn ca.crt ta.key user.crt user.key in one directory. VPN is using TCP protocol on port 53. Also tried with UDP, same problem also copied the files to /etc/openvpn/ to try to run it via openvpn start. If I do that, I get the output: root@tr:/home# sudo service openvpn start * Starting virtual private network daemon(s)... ..but nothing happens. curl http://www.ipchicken.com still reveals the servers ip If I directly run root@tr:/etc/openvpn# sudo openvpn AirVPN_Europe_TCP-53.ovpn Thu Sep 18 09:42:35 2014 OpenVPN 2.3.2 i686-pc-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [iPv6] built on Feb 4 2014 Thu Sep 18 09:42:35 2014 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file Thu Sep 18 09:42:35 2014 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Sep 18 09:42:35 2014 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Sep 18 09:42:35 2014 Socket Buffers: R=[87380->131072] S=[87380->131072] Thu Sep 18 09:42:35 2014 Attempting to establish TCP connection with [AF_INET]95.211.186.65:53 [nonblock] Thu Sep 18 09:42:36 2014 TCP connection established with [AF_INET]95.211.186.65:53 Thu Sep 18 09:42:36 2014 TCPv4_CLIENT link local: [undef] Thu Sep 18 09:42:36 2014 TCPv4_CLIENT link remote: [AF_INET]95.211.186.65:53 Thu Sep 18 09:42:36 2014 TLS: Initial packet from [AF_INET]95.211.186.65:53, sid=d5ee74c0 46f1dcfd Thu Sep 18 09:42:36 2014 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org Thu Sep 18 09:42:36 2014 Validating certificate key usage Thu Sep 18 09:42:36 2014 ++ Certificate has key usage 00a0, expects 00a0 Thu Sep 18 09:42:36 2014 VERIFY KU OK Thu Sep 18 09:42:36 2014 Validating certificate extended key usage Thu Sep 18 09:42:36 2014 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Thu Sep 18 09:42:36 2014 VERIFY EKU OK Thu Sep 18 09:42:36 2014 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org Thu Sep 18 09:42:37 2014 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Thu Sep 18 09:42:37 2014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Sep 18 09:42:37 2014 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Thu Sep 18 09:42:37 2014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Sep 18 09:42:37 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA Thu Sep 18 09:42:37 2014 [server] Peer Connection Initiated with [AF_INET]95.211.186.65:53 Thu Sep 18 09:42:39 2014 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Thu Sep 18 09:42:40 2014 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.9.0.1,comp-lzo no,route 10.9.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.9.0.254 10.9.0.253' Thu Sep 18 09:42:40 2014 OPTIONS IMPORT: timers and/or timeouts modified Thu Sep 18 09:42:40 2014 OPTIONS IMPORT: LZO parms modified Thu Sep 18 09:42:40 2014 OPTIONS IMPORT: --ifconfig/up options modified Thu Sep 18 09:42:40 2014 OPTIONS IMPORT: route options modified Thu Sep 18 09:42:40 2014 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Thu Sep 18 09:42:40 2014 ROUTE_GATEWAY 178.62.192.1/255.255.192.0 IFACE=eth0 HWADDR=04:01:28:70:e1:01 Thu Sep 18 09:42:40 2014 TUN/TAP device tun0 opened Thu Sep 18 09:42:40 2014 TUN/TAP TX queue length set to 100 Thu Sep 18 09:42:40 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Thu Sep 18 09:42:40 2014 /sbin/ip link set dev tun0 up mtu 1500 Thu Sep 18 09:42:40 2014 /sbin/ip addr add dev tun0 local 10.9.0.254 peer 10.9.0.253 Thu Sep 18 09:42:40 2014 /sbin/ip route add 95.211.186.65/32 via 178.62.192.1 Thu Sep 18 09:42:40 2014 /sbin/ip route add 0.0.0.0/1 via 10.9.0.253 Thu Sep 18 09:42:40 2014 /sbin/ip route add 128.0.0.0/1 via 10.9.0.253 Write failed: Broken pipe After that the VM is just completely down / frozen and I need to restart it. Really no clue on whats going wrong here and have been on this for hours. Any idea?

"Some events happen whether we want them to or not." This is a quote taken from a sign in the game Antichamber. It will appear on the wall of signs in the starting room after visiting 20 rooms in total. And if you think of it, it's an event you cannot circumvent, you cannot visit the 19th room and then suddenly proceed to the 21st. This principle is valid for a variety of things, birthdays for example. One of those events that happen whether we want them to or not is an annual subscription coming to an end. Because of that I would like to publish my own opinion on AirVPN, my story, my thoughts, my experiences. -- The beginnings -- It all began in 2012. The whole year I was downloading and seeding things using BitTorrent. I used a private russian tracker which wasn't as known to german companies as Rutor, a public russian tracker. Because of the fact that my tracker is private I believed I wouldn't get caught using BitTorrent as fast as other people get caught for using public trackers. And in fact, since my registration in 2008 I never got any letters. A few days before New Year's Eve I finally got caught seeding a movie. In February 2013 we got a letter from a law office with information about torrent name and hash, date and time, client, IP. The consequences: No more torrents for now. And I made my first research on how to continue torrenting without a fuss. I heard about VPNs, read about how they work and which companies usually stand behind them. Didn't do anything else but making plans for the future. -- Snowden! -- The second stage began shortly after Snowden's leaks. I was concerned about what the NSA knew about me and my surroundings and I think I wasn't all alone with that. I even forgot my torrents for a moment because of this. The idea of subscribing to a VPN provider suddenly was of importance. At the same time I was still struggling with replacing movie torrents by searching for a good movie streaming service in Germany but no one was able to match my needs. I tried Watchever as the most interesting provider (cheap, easy to use, good streaming quality) but many movies just weren't there. Lovefilm (now Amazon Prime Instant Video) was even worse, and Maxdome's pricing was a catastrophe. -- The final decision -- It was August 2013 by now. I started gathering information about VPN providers and access software and tried out a few of them, including faceless.me and ipredator. That's when I discovered TorrentFreak and their article "Which are the best anonymous VPN providers?" - first contact with AirVPN though it didn't receive much attention for now. It was after I read the updated "Review: Is your VPN service really anonymous?" I noticed AirVPN. I did some research on their reputation on the internet and finally registered. A few days later (I still didn't have a client so I spent those days with gathering information on that) I asked for a trial period to see if things would work for me and received a reply two days later.. ... I was concerned about whether my client really worked because I didn't notice any change in speed after connecting. There is no better first impression, really. I subscribed to AirVPN on September 5, 2013. -- First impressions and the forums -- Many things surprised me a lot, especially the status page with status information on bandwidth usage and connected clients, and the forums. I figured: If there's a forum, then you're not just a client, you're getting invited to be part of a community. So I wanted to integrate myself into that community, too, and started writing regularly, trying to help people with their connection problems. I also published some guides about how I use AirVPN. Most of the community is still anonymous and that's okay. I personally didn't like being anonymous all the time, so I opened myself a bit. That way people don't get a feeling as if they would talk to someone with a question mark head (reference to Anonymous hacker's sign ). I made my profile publicly aviable and published my birthday, my location and some of my interests there. Staff is reading the forums, too. They help where they can, though it sometimes can take some time to get a reply from them. This too applies to the Support Desk. But I always keep in mind that day by day more and more people register and become a customer. The more customers, the more time you'd need to reply to all of them. Antichamer sign quote: "Patience has it's own rewards." -- The servers-- Server's aviability and stability depends on the data center. Some servers are really good, able to be called 100% aviable such as the german servers I was using, in 2013 it mainly was Tauri, others sometimes had high packet loss issues and line problems. I occasionally used servers in America and the Netherlands for a few hours and didn't have problems, either. I find it nice to have many connection modes aviable though I never used any other than UDP port 443. But there were users who reported poor performance with it. Switching to another port solved the problem for most of them - an excellent example why this is a nice feature. Additionally, every server accepts specially secured connections - OpenVPN over SSL and SSH. The goal is an encrypted OpenVPN tunnel inside the encrypted SSH/SSL tunnel in order to prevent Deep Packet Inspection currently used by China for example. This way it's easier to connect from inside China and circumvent their Great Firewall. I never needed that feature, that's why I cannot write anything but descriptive terms about it. -- The client -- AirVPN has an own open source client which I never used. I'm using another open source client, Securepoint OpenVPN, and posted an introduction to it. As far as I remember, when I registered AirVPN's client was in a very bad condition. Earlier this year it has been changed, now people are getting more and more satisfied with it. -- Additional features -- Initially I wrote about the status page and the forums being two extremely useful additional features. Also notable is the remote port forwarding feature similar to the port forwarding feature on a router. Working good despite some seldomly occuring flaws.the speed test feature able to calculate how fast your AirVPN connection ("In-Tunnel speed") is in comparison to your real internet connection ("Out-Tunnel speed"). Works as good as the port forwarding feature.-- So, is AirVPN really the "air to breathe the real internet"? -- Yes, it is. And no, it isn't. Really nice slogan, by the way. Yes, because you really circumvent geolocation blocks (Netflix, YouTube) and censorship (China's Great Firewall) using AirVPN. Yes, because you prevent eavesdroppers from seeing what you do (encryption feature). And from manipulating your traffic (integrity feature). No, because your real internet connection wouldn't face extra blocking that apply to VPN providers. Just look into the Blocked websites forum. No, because using a VPN provider is based on trust. You trust the provider not to track your usage and not to betray you. -- So, what now? -- Most of the Netflix users might have heard that Netflix will start it's services in Germany next month. After all, I heard so much good things about Netflix that I really want to give it a try. I'm looking forward to subscribe to Netflix like I did with Spotify years ago. Since then I never downloaded a single music torrent again. I'm planning to stop downloading movie torrents, too, but only if Netflix really has everything, in a quality that matches my current internet speed. It that's the case, OpenVPN will be superfluous. But I won't just leave. I'll stay here and try helping people out. After all, I might need AirVPN again if I ever happen to be on vacation. I wouldn't expose my data to a public WiFi hotspot where a nerdy-looking guy with a self-made super laptop is sitting in some dark corner, attempting to grab emails and credentials from the hotel guests' devices.. or if I just want to use Netflix if it's not aviable in the country. "But didn't you write that Snowden was the guy who inspired you to subscribe to AirVPN?" - He was part of the inspiration. But to be honest, it never was my complete intention to hide myself from the NSA or other entities. I subscribed because I nearly was sued for doing what I love and I needed someone to stand in front of me, effectively protecting me from being nearly sued again for doing what I love. Anyway, one month of my subscription is left. And even if it's not the end, I'd like to thank AirVPN for a great service so far and the community for being a great one. 8)

Security researchers have developed an application called pacumen to analyze encrypted traffic. With the information provided by it an attacker can find out if a certain (specified) application is communicating behind an encrypted connection. This analysis technique is called a side channel attack. In pacumen, you create a classifier (detection rules for the application you'd like to uncover in the traffic) and a pcap file with sniffed traffic (preferably covering hours of length). It then starts analyzing it and calculates a value, representing the similarity of the analyzed traffic with the specified rules. For example: The researchers tried to uncover usage of Skype inside an SSH tunnel and were quite successful. The same thing can be done with any other protocol, let's say, to see if some user is using Facebook over HTTPS. Or identifying BitTorrent inside OpenVPN. China and Iran could theoretically use it to uncover OpenVPN over SSH/SSL. Countermeasures are padding of all packets and/or sending contant dummy packets. Note that both of them would lower performance of tunnels drastically.

Hey @all, I'm running AirVPN on my dd-wrt router through server x in location y, and want to change locations/servers for certain websites by running openvpn on windows with a different server/location. I can establish a connection, but the final server/connection remains the one I set on dd-wrt. Any suggestions? Thanks in advance Kind regards

Hi to all. Little issue here. i want to cast a video through chromecast to my tv (with apps like crunchyroll or youtube), but when my android phone was air-connected (with openvpn) the chromecast results as "not found" on my network. if i turn off the vpn connection, chromecast return available. instead sending chrome tabs working normally with PC (windows 7). what can i do, any suggestions?

Hi, I installed the Eddie client from the .deb package, but when I try to connect I get the error Driver Installation Failed The logs show an error when I installed the client which says: OpenVPN Driver - Not available however, `open-vpn` and `bridge-utils` are installed. Any suggestions to get it working?

I've been using the Eddie client for a while now but I can not get it to work over ssh or ssl. I keeps disconnecting and reconnect repeating a cycle that creates a bunch of processes. 6/11/2014 - 9:55 PM AirVPN client version: 2.1, System: Linux, Architecture: x64 6/11/2014 - 9:55 PM Reading options from /home/klepto/AIR/AirVPN.xml 6/11/2014 - 9:55 PM Data Path: /home/klepto/AIR 6/11/2014 - 9:55 PM App Path: /home/klepto/AIR 6/11/2014 - 9:55 PM Executable Path: /home/klepto/AIR/airvpn 6/11/2014 - 9:55 PM Command line arguments: 6/11/2014 - 9:55 PM Operating System: Unix 3.14.6.1 - Linux LUNASYLUM 3.14.6-1-ARCH #1 SMP PREEMPT Sun Jun 8 10:08:38 CEST 2014 x86_64 GNU/Linux 6/11/2014 - 9:55 PM OpenVPN Driver - Found 6/11/2014 - 9:55 PM OpenVPN - Version: OpenVPN 2.3.3 (/home/klepto/AIR/openvpn) 6/11/2014 - 9:55 PM SSH - Version: OpenSSH_6.6.1p1, OpenSSL 1.0.1h 5 Jun 2014 (/usr/bin/ssh) 6/11/2014 - 9:55 PM SSL - Version: stunnel 5.01 (/home/klepto/AIR/stunnel) 6/11/2014 - 9:55 PM IPV6: Available 6/11/2014 - 9:55 PM Session starting. 6/11/2014 - 9:55 PM Checking environment 6/11/2014 - 9:55 PM Waiting for latency tests 6/11/2014 - 9:55 PM Checking authorization 6/11/2014 - 9:55 PM Connecting to Pavonis (us) 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:35 LOG5[26060]: stunnel 5.01 on x86_64-unknown-linux-gnu platform 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:35 LOG5[26060]: Compiled/running with OpenSSL 1.0.1g 7 Apr 2014 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:35 LOG5[26060]: Threading:PTHREAD Sockets:POLL,IPv6 SSL:ENGINE,OCSP 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:35 LOG5[26060]: Reading configuration from file /home/klepto/AIR/a6a54b9427fd348ef37fea2ec7f05b91b6ba82fec6e24e851b036484588e613f.tmp.ssl 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:35 LOG6[26060]: Initializing service [openvpn] 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:35 LOG5[26060]: Configuration successful 6/11/2014 - 9:55 PM OpenVPN > OpenVPN 2.3.3 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Apr 14 2014 6/11/2014 - 9:55 PM OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100 6/11/2014 - 9:55 PM OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file 6/11/2014 - 9:55 PM OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 6/11/2014 - 9:55 PM OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication /* Removed IP info */ 6/11/2014 - 9:55 PM OpenVPN > Validating certificate key usage 6/11/2014 - 9:55 PM OpenVPN > ++ Certificate has key usage 00a0, expects 00a0 6/11/2014 - 9:55 PM OpenVPN > VERIFY KU OK 6/11/2014 - 9:55 PM OpenVPN > Validating certificate extended key usage 6/11/2014 - 9:55 PM OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 6/11/2014 - 9:55 PM OpenVPN > VERIFY EKU OK 6/11/2014 - 9:55 PM OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org 6/11/2014 - 9:55 PM OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key 6/11/2014 - 9:55 PM OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication 6/11/2014 - 9:55 PM OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key 6/11/2014 - 9:55 PM OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication 6/11/2014 - 9:55 PM OpenVPN > Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 4096 bit RSA 6/11/2014 - 9:55 PM OpenVPN > [server] Peer Connection Initiated with [AF_INET]127.0.0.1:53314 6/11/2014 - 9:55 PM OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) 6/11/2014 - 9:55 PM OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified 6/11/2014 - 9:55 PM OpenVPN > OPTIONS IMPORT: LZO parms modified 6/11/2014 - 9:55 PM OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified 6/11/2014 - 9:55 PM OpenVPN > OPTIONS IMPORT: route options modified 6/11/2014 - 9:55 PM OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified 6/11/2014 - 9:55 PM Flushing DNS 6/11/2014 - 9:55 PM Checking route 6/11/2014 - 9:55 PM Connected. 6/11/2014 - 9:55 PM OpenVPN > MANAGEMENT: Client connected from [AF_INET]127.0.0.1:3100 6/11/2014 - 9:55 PM OpenVpn Management > >INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info 6/11/2014 - 9:55 PM Disconnecting 6/11/2014 - 9:55 PM Management - Send 'signal SIGTERM' 6/11/2014 - 9:55 PM OpenVPN > MANAGEMENT: CMD 'signal SIGTERM' 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:42 LOG6[26063]: Read socket closed (readsocket) 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:42 LOG6[26063]: SSL_shutdown successfully sent close_notify alert 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:42 LOG3[26063]: transfer: s_poll_wait: TIMEOUTclose exceeded: closing 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:42 LOG5[26063]: Connection closed: 12137 byte(s) sent to SSL, 15169 byte(s) sent to socket 6/11/2014 - 9:55 PM Connecting to Pavonis (us) 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG5[26081]: stunnel 5.01 on x86_64-unknown-linux-gnu platform 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG5[26081]: Compiled/running with OpenSSL 1.0.1g 7 Apr 2014 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG5[26081]: Threading:PTHREAD Sockets:POLL,IPv6 SSL:ENGINE,OCSP 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG5[26081]: Reading configuration from file /home/klepto/AIR/232ecf01d2847609b6f741c518067d5a8012298972f180adcaed1ec52264c4dc.tmp.ssl 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG6[26081]: Initializing service [openvpn] 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG5[26081]: Configuration successful 6/11/2014 - 9:55 PM OpenVPN > OpenVPN 2.3.3 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Apr 14 2014 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG6[26084]: Negotiated TLSv1/SSLv3 ciphersuite: ECDHE-RSA-AES256-SHA (256-bit encryption) 6/11/2014 - 9:55 PM OpenVPN > Socket Buffers: R=[87380->131072] S=[16384->131072] 6/11/2014 - 9:55 PM SSL > 2014.06.11 21:55:46 LOG6[26084]: Compression: null, expansion: null 6/11/2014 - 9:55 PM OpenVPN > Attempting to establish TCP connection with [AF_INET]127.0.0.1:34604 [nonblock] 6/11/2014 - 9:55 PM OpenVPN > TCP connection established with [AF_INET]127.0.0.1:34604 6/11/2014 - 9:55 PM OpenVPN > TCPv4_CLIENT link local: [undef] 6/11/2014 - 9:55 PM OpenVPN > TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:34604 6/11/2014 - 9:55 PM OpenVPN > TLS: Initial packet from [AF_INET]127.0.0.1:34604, sid=0eb09504 ef87f7e3 6/11/2014 - 9:55 PM OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org 6/11/2014 - 9:55 PM OpenVPN > Validating certificate key usage 6/11/2014 - 9:55 PM OpenVPN > ++ Certificate has key usage 00a0, expects 00a0 6/11/2014 - 9:55 PM OpenVPN > VERIFY KU OK 6/11/2014 - 9:55 PM OpenVPN > Validating certificate extended key usage 6/11/2014 - 9:55 PM OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 6/11/2014 - 9:55 PM OpenVPN > VERIFY EKU OK 6/11/2014 - 9:55 PM OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org

My AirVPN was working for a while then all of a sudden out of nowhere this issue comes along. 1) I open AirVPN 2) I login 3) I select a network 4) Connecting... for a while 5) I'm now logged out back at Step 2 I tried 1) re-installing .net 4.0 2) re-installing openVPN (from both the latest airvpn zip but also the latest from the openvpn website directly) 3) re-installed TAP and re-setup TAP from Windows > "Add a new TAP virtual ethernet adapter" which completes succesfully I'm out of ideas, why is this not working!

Hi- this isn't so much a problem as a change I've noticed since upgrading my OS to run OpenVPN Last year was running 2 main devices. Laptop on Ubuntu 9.04 and a tablet on Ice Cream Sandwich. OpenVPN wouldn't run on Ubuntu 9.04 on laptop, had to configure seperately via Network Manager. Worked a treat on laptop, except whenever my connection was disrupted and AirVPN automatically reconnected but to a different server, Facebook and Gmail would go into spasms, lock me out and I'd need to reanswer security questions. It was painful, but I felt safe I could run OpenVPN on my Android tablet, and I don't recall having this reconnection security issue at either site ( but didn't use the tablet much ) I upgraded to Mint last year, was able to install OpenVPN and run my AirVPN acct through it. But I did notice that since then, neither FB or Gmail has had security issues with this when connection drops and is re-established via a different server A colleague suggested that perhaps in the interim AirVPN may have updated it's routing so that reconnects don't cause Facebook/ Gmail to warn about session hijacks, and I should check that first Is this the case? Or is OpenVPN somehow signalling that a VPN is being used with some sites such as Facebook? TIA

I just downloaded a new configuration from the config generator. I created one for Asia and one of USA. I used the generator to make the generator create separate files for the keys, certs. The ovpn is set to use port 443. This has worked before. Now it seems to time out. Tue Apr 15 18:23:52 2014 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Tue Apr 15 18:23:52 2014 TLS Error: TLS handshake failed Tue Apr 15 18:23:52 2014 SIGUSR1[soft,tls-error] received, process restarting Here is everything: openvpn Asia443.ovpn Tue Apr 15 18:20:48 2014 OpenVPN 2.3.2 x86_64-redhat-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [iPv6] built on Sep 12 2013 Tue Apr 15 18:20:48 2014 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file Tue Apr 15 18:20:48 2014 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Apr 15 18:20:48 2014 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Apr 15 18:20:48 2014 Socket Buffers: R=[212992->131072] S=[212992->131072] Tue Apr 15 18:20:48 2014 UDPv4 link local: [undef] Tue Apr 15 18:20:48 2014 UDPv4 link remote: [AF_INET]119.81.1.123:443 Tue Apr 15 18:21:48 2014 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Tue Apr 15 18:21:48 2014 TLS Error: TLS handshake failed Tue Apr 15 18:21:48 2014 SIGUSR1[soft,tls-error] received, process restarting Tue Apr 15 18:21:48 2014 Restart pause, 2 second(s) Tue Apr 15 18:21:50 2014 Socket Buffers: R=[212992->131072] S=[212992->131072] Tue Apr 15 18:21:50 2014 UDPv4 link local: [undef] Tue Apr 15 18:21:50 2014 UDPv4 link remote: [AF_INET]119.81.1.123:443

Hello!, When connecting on linux via the command 'sudo openvpn AirVPN_America_UDP-443.ovpn' I get the error in the subject line. It appears that I'm connected without problems but just wanted to check. I'm running the latest versions of Arch linux, openvpn, openssl, and have seperated keys/certs from ovpn files. The files are all in my home directory with permissions -rw-r--r-- Thank you for your help

must have RSA 4096 BIt when it doesnt impact performance and doesnt cost then why not ?? it is never been late to do the right thing other VPN giving RSA 4096 since 2013 and so many more and more higher encryption this is more important than Water after dinner and sex after party must have RSA 4096 Bit encryption guys

Hi there, sorry if this has been posted before but I did search the forum and look at the OpenVPN manual and found nothing of use. Basically I set up AirVPN to run automatically on startup through the 'services' method, so I no longer use the AirVPN client - something I learned on here. What's the easiest way to switch between AirVPN servers without using the client? I've added both config files to the OpenVPN folder, but whenever I try to switch it comes up with 'AUTH FAILED' Thanks

I recently posted a how-to running Transmission in a jail within freenas so the jail is the only thing running through the VPN and ipfw prevents Transmission from connecting to anything other than the VPN. Thought it might help others trying to do the same: http://forums.freenas.org/index.php?threads/how-to-use-openvpn-ipfw-in-a-jail-so-it-only-connects-to-the-vpn.18669/ Cheers

Hi AirVPN team, On the same machine I have windows and ubuntu. On Windows: * Windows 8 Pro * Advanced Firewall used to limit internet traffic to only be through VPN * uTorrent w/ port forwarding * Usually peaks around 2.5mB/s. Max I've seen is 3mB/s+. * Server: Sirius, TCP On Ubuntu: * 12.04 Server (with minimal desktop installed) * UFW used to block all traffic out/in for internet except certain ports through VPN * Transmission w/ port forwarding * Usually peaks around 500kB/s. Max I've seen is 900mB/s. * Server: Sirius, UDP What can I do to increase the speed on Ubuntu? I think it's very odd that this is happening. Other variations are that the disks are different, but both are comparable 7200RPMs. Thanks

Hello everyone! When I requested a three-day trial of AirVPN's service in September 2013 I was testing a number of VPN clients (e.g. the Air client (which was the very bad condition client, not Eddie), OpenVPN GUI, Viscosity). I too searched the internet for methods to stop torrent programs from working - or at least to block their traffic - when the connection to a VPN breaks. There were some open source programs from SourceForge I tried out and some "commercial" programs I downloaded from TPB to test them out. Most of them simply terminate the processes of torrent clients and relaunch them when a VPN connection is reestablished. I used Viscosity first. Cool client, no problems, stable. But it costs $10. I was just about to purchase it because I didn't find anything better when I used DuckDuckGo again and found an even cooler client: SecurePoint SSL VPN SecurePoint is a german IT security company based in Lüneburg. It's therefore made in Germany. I don't know any user numbers, I just know that it's open source and somehow unknown to many of those using VPN services. In the pictures german localization is used. Don't panic! When you download and install the client, you can choose english as well. When you open the client, a small overview of your connections will be shown with one-click abilities to start your preconfigured profiles. To import a .ovpn file, click on the gear in the bottom right corner > Import. Select your .crypt or .ovpn file, set a profile name in Import as (filename or a name of your choice) and click import. Basically, you can now click on the left square of your new configuration and start the connection. That's it! Thank you for reading.. There are also the client settings which let you enable startup with Windows, add/delete TAP adapters, configure proxy and more. The contect menu of every connection will look like this. Quick Edit and Settings will open the configuration of your selected profile. If you need a GUI for changing the configuration, use Settings. Quick Edit will provide a small editor window in which you can manually edit the .ovpn file. Doing changes here will of course update the GUI version as well. The GUI settings will start with an option to autostart the selected profile after client launch and the abilities to rename the profile and delete stored authentication data (usernames/passwords). The Advanced button opens up the advanced settings (who knew?). As I wrote earlier, this is the GUI for configuring the .ovpn file, any change here will be written into the file itself. If you don't know what these do, I recommend to not touch any settings in General and OS tabs unless you are told to do so by someone here on the forums. Just take a look at the Scripts tab. The client will execute any file or command you enter here before/after connection and disconnection and when errors occur. As it was pointed out in this thread, this is a built-in feature of OpenVPN and therefore guaranteed to work (I mean, they will trigger; it's up to you if the command/file can actually be executed successfully, try it out first!). In client version 2 the Remote tab was introduced. It allows you to quickly enter more IPs you want the client to connect to. In the Advanced tab selecting Random host will cause the client to connect randomly to one of the IPs in the Remote list (and will, of course, update the .ovpn file accordingly). SecurePoint SSL-VPN is open source and can be found on GitHub. v2.0.15 uses OpenVPN v2.3.7 but all the binaries can be manually updated by just replacing them in the client's directory. You can download the client from SourceForge. In the past it was able to also freely download it from SecurePoint's servers, however, now a registration as a reseller is required. [h3]How to manually update used OpenVPN/SSL/LZO versions Download the newest installer for Windows, create a new directory on your desktop and let the installer copy the files into it. In the component selection of the installation, select OpenVPN User-Space Components only. Then you just copy openvpn.exe and all DLL files you see into the bin directory of Securepoint. Make sure to diconnect first since openvpn.exe is used. Then just reconnect and you will see that Securepoint uses new versions of OpenVPN and libraries. Thank you for reading!

Hi, As some of you may know, DD-WRT requires at least 8mb of memory (or 4mb if it's a Broadcom chipset) in order to use OpenVPN. However, this is not the end of the world. I use a D-Link DIR-615 which is unsupported by DD-WRT for OpenVPN, but I am able to get it running. Things to know before hand: 1. My router's processor is only 400mhz, and combined with the lack of memory, it means that the maximum speed I am getting is around 6mbps 8mbps. On a normal machine, I get a lot more. This is due to the processor limitations and not due to the implementation. 2. Most problems I have had are to do with permissions. Make sure your uploaded files are all 777 or 755 permissions. 3. This should work on most MIPS routers. I can guarantee that it is working on the DIR-615 and TL941N routers. 4. The OpenVPN package I am using is from November 2011, so it is relatively outdated. I believe it is version 2.2, whereas the current release is 2.3.2. If someone is willing to repackage it and upload the latest version, it may provide better performance. Updated to March 2014! REQUIREMENTS: 1. You need a server. Maybe AirVPN can help in this regard if they would be willing to host the files? On this server, you will host a package called openvpn_pack.tar.gz containing the openvpn config and libraries for ssl and lzo.You will also host a script and your ovpn files. WHY IS THIS THE CASE? My router only has 64kb of NVRAM. This means that I can only store a small amount of data on there before the memory is consumed. The best way to conserve the NVRAM is to wget the needed scripts from a remote server rather than store them on the router itself. If you use all of your NVRAM, you can brick your router.2. You need your .ovpn file generated through the "Enter" section of AirVPN. And we begin: 1. The first step required is to upload the files to your server. Here is a temporary link to download openvpn_pack.tar.gz (855kb). This is not a host for you to use in your script, and is only staying up temporarily for public access. You must download this package and upload it to your own host, unless AirVPN is willing to host it.The following script must be saved as "executeScript.sh" and uploaded to your server: #!/bin/sh cd /tmp/openvpn export LD_LIBRARY_PATH=/lib:/usr/lib:/jffs/lib:/jffs/usr/lib:/jffs/usr/local/lib:/mmc/lib:/mmc/usr/lib:/opt/lib:/opt/usr/lib:/tmp/openvpn/lib cd /tmp/openvpn killall -9 openvpn sleep 2 insmod /tmp/openvpn/lib/tun echo tun.ko bridged killall -9 openvpn /tmp/openvpn/bin/openvpn --config /tmp/openvpn/client/airvpn.ovpn --daemon echo Started the daemon echo Starting loop to update the routing tunup=0 while [ $tunup ] do sleep 1 if ifconfig tun0 then iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE tunup=1 echo Set the routing tables to use the vpn break fi done You must go through this section of AirVPN and generate your ovpn file. NOTE: You can also add the following lines to the end of your ovpn file if you want to debug any errors: status /tmp/var/log/openvpn-status_tap.log log-append /tmp/var/log/openvpn_tap.log mute 20 The first two lines will make logs of the connection in case you need to troubleshoot, and the third line will limit logging repeating problems to conserve memory. You can use notepad to edit the files. Also, in the script I have called this file AirVPN.ovpn. Your filename will be different. You can either change the script to your filename or you can rename your file to AirVPN.ovpn. 2. The second part is to log into your router at 192.168.1.1, or whatever your router's IP address is. 3. Click the "Administration" tab, and then click on the "Commands" tab. 4. Here you will need to input the start up script. The start up script will fetch the required OpenVPN package from your server, extract it, and begin to execute the scripts. This will be run every time the router turns on. You will need to put the following in the Command Shell textbox and click the "Save Startup" button at the bottom. Please note that you must edit the URLs with your own: #!/bin/sh echo "#!/bin/sh rm -f /tmp/openvpn/client/foobar.ovpn echo Removed foobar file while ! ps | grep -q \"udhcpc\"; do sleep 1 done while ! ls /tmp/openvpn/client | grep -q \"foobar\"; do killall -9 wget killall -9 gzip killall -9 tar echo finished kill sequence cd /tmp rm -f ./openvpn_pack.tar.gz rm -f ./openvpn_pack.tar rm -r -f ./openvpn echo Removed the old files wget http://www.yourhost.com/openvpn_pack.tar.gz sleep 10 chmod +x /tmp/openvpn/openvpn_pack.tar.gz sleep 2 gzip -d ./openvpn_pack.tar.gz tar -xf ./openvpn_pack.tar rm ./openvpn_pack.tar echo Finished unpacking the TAR ball wget http://www.yourhost.com/AirVPN.ovpn -O /tmp/openvpn/client/foobar.ovpn #echo \"foobar\" > /tmp/openvpn/client/foobar.ovpn echo Finished with the OVPN files wget http://www.yourhost.com/executeScript.sh -O /tmp/openvpn/runit.sh chmod +x /tmp/openvpn/runit.sh if ls /tmp/openvpn/client | grep -q \"foobar\"; then echo starting the runit script /tmp/openvpn/runit.sh > /tmp/var/log/runit.log & fi done echo done with getting the stuff " > /tmp/get_openvpn.sh chmod +x /tmp/get_openvpn.sh /tmp/get_openvpn.sh > /tmp/var/log/openvpn_script.log & 5. You should now be able to connect to OpenVPN on your router. However, we are not finished. If you go http://www.dnsleaktest.com, you will see that your DNS is leaking. In order to seal the leaks, you must go to the Setup tab on your DD-WRT homepage, and in Basic Setup there will be a section titled "Network Address Server Settings (DHCP)." Here you must set your first DNS as the following: Static DNS 1: 10.4.0.1 Static DNS 2: 10.5.0.1 Static DNS 3: 50.116.23.211 The first two DNS are AirVPN's DNS. The third DNS is one that I have chosen from the OpenNIC project (see here). This is because I have had trouble connecting to AirVPN DNS when I am not connected to the VPN, but before we are able to connect to the VPN we must be able to download the files we uploaded from our server. As a resulted, we need a trusted DNS with reliable up-time for the initial connection. For added security, do not add the third DNS, and instead use one of AirVPN's (ie 10.6.0.1). This will also provide DNS leak protection when browsing as AirVPN's DNS can only be accessed when connected to the VPN. 6. Reboot your router, and wait a minute or so. Then go to http://www.dnsleaktest.com to check that you are completely behind the IP and DNS you want to be behind. And that's pretty much it. There is no GUI and no further details to add. If you followed the procedure correctly, your router should be connected to AirVPN with no DNS leaks. Enjoy. If this tutorial helped you out, and you would like to show your gratitude, then contact AirVPN and tell them you would like to donate for me an extra month (or more?) of VPN access edit: Updated with the latest packages (March 17 2014) for OpenSSL and OpenVPN. You should experience a 20% bandwidth increase with the latest packages.