Jump to content
Not connected, Your IP: 3.88.16.192

Search the Community

Showing results for tags 'SSL'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • AirVPN
    • News and Announcement
    • How-To
    • Databases
  • Community
    • General & Suggestions
    • Troubleshooting and Problems
    • Blocked websites warning
    • Eddie - AirVPN Client
    • DNS Lists
    • Reviews
    • Other VPN competitors or features
    • Nonprofit
    • Off-Topic
  • Other Projects
    • IP Leak
    • XMPP

Product Groups

  • AirVPN Access
  • Coupons
  • Misc

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Twitter


Mastodon


AIM


MSN


ICQ


Yahoo


XMPP / Jabber


Skype


Location


Interests

Found 42 results

  1. Hey, I am using airvpn to hide tor usage. Of course I don't want the network that I am using to know I am using a vpn either... Does the ssl/ssh tunnel remedy this or could the isp still figure out im using a vpn? How can I conceal my traffic as best as possible? thanks in advance
  2. Hi guys, I've subscribed to the Airvpn service about 4 months ago and I'm very happy with it. Nevertheless, as a Linux user (currently Lubuntu 16.04) which isn't using the client option, it was becoming somewhat annoying to turn on and turn off the openvpn and the stunnel in different terminals every time. Few days ago I sat and wrote a small CLI script in python, that is automating the process of connecting and disconnecting to the Airvpn service. The script can be found here: https://github.com/hemulin/airvpn_toggler Simply put, what it does is: When turning on - 1) Scanning the configs files folder and asking you from which country you wish to exit 2) After you choose a country, it turns on the stunnel as a background process and waiting for it to finish the initialization 3) After the stunnel init has finished, it turns on the openvpn as a background process and waiting for it to finish init. 4) After the openvpn has finished its init, the script validates that the external IP has changed and if yes, adding a system tray indicator to show it is connected. When turning off - 1) Killing the system tray indicator, the openvpn and the stunnel processes. 2) Validating that the external IP has changed. Currently it is working well for me, but I still consider it to be a "work in progress", so (1) I still improves it and (2) Feel free to ask for features (and of course, forks and pull requests are welcome). Cheers, Hemulin
  3. Hi Forum, I am new to the AirVPN Service. It got my attention because it is one of the few service offering many alternative connection options if an ISP, Admin or Firewall blocks VPN connections. One of which would be the SSL Tunnel for Port 443. Using the recommended server option this connection works but I tried to connect to a server in Europe, for example all German servers as well as one in Austria and the connection failed. Switching to one in Canada the connection worked flawlessly. Now even some servers in Canada do not work. What can cause this issue? I have attached my log files. AirVPN_20160621_122918.txt
  4. Hi All, I have a Debian Apache Server running on a machine under my home network. I have a opnevpn client and a AirVPN host running especially for the server. But all the incoming connections over ports 80 (http) and 443 (https) are not accessible now from the publicly assigned IP address by AirVPN. I have tried port forwarding some arbitary port >2048 to internal port 443 using Remote Port Forwarding and it works fine. But now I wanted to have a SSL certificate provided by https://letsencrypt.org/ but their client only checks and updates the certificates over SSL port 443 and that is true for all the SSL certificate providers. Is there any I can get the requests go through the VPN?
  5. Will it ever be possible for us to hide our connections to AirVPN on our mobile devices using OpenVPN over SSL and SSH in the future via Eddie or some other mobile solution?
  6. Hello, since a few days I get weird disconnections when I'm going via a SSL Tunnel. Why's that and am I compromised after this disconnection? Thanks in advance for your help!
  7. Hi, As the title says, I can only connect with the SSH or SSL tunnel. I'm on Windows 10, using the Eddie client, trying to connect to a Dutch server. When I try to connect with UDP over port 443, it times out at the "Checking Route" stage. Honestly, I don't really mind because I tunnel over SSH or SSL anyway, but I'm curious if this is a known issue with a solution. Thanks for any help!
  8. I'm with Virgin Media in the UK, on 160/12 cable. Last year I had a spate of low speed (3MB/sec hard cap) which I initially blamed on throttling of OpenVPN as I could hit full speed on my naked ISP connection. After some investigation I found it was actually a bug in the ISP supplied router, so I switched to my own and the problem went away. Lately however, I'm having a hard speed cap problem and it really looks like issues caused by either VM's use of DPI and/or OpenVPN throttling/shaping at ISP level. VM operate a whitelist for shaping, so unless the protocol is whitelisted it's shaped by default. VM categorically and publicly deny any form of throttling, shaping or interference with OpenVPN connections. I've been using an Ubuntu torrent as a speed benchmark as it's multi-threaded, consistently very fast, and can be used off-VPN without fear of legal issues. I have tested every port and protocol in Eddie, as well as via Viscosity (to rule out Eddie issues). I also tried the same tests with several other well respected VPN providers with good networks and the results were consistent across them all, Air included. Note that I am using MB/sec in its proper format, meaning megabytes per second. 1MB/sec = 8Mbps. All results are for the same Ubuntu 15.04 x64 torrent downloaded in the latest qBittorrent v3.2.3 on Mac OS X (also verified on Linux, PCBSD and Windows 8.1 Pro). As well as checking against multiple VPN companies, multiple OpenVPN software and multiple operating systems, I also reproduced the results on multiple machines (mid 2012 MacBook Pro and my FX8350 / 16GB DDR3 / Samsung Evo 850 sad / Radeon R9 380 gfx desktop). I repeated the tests with several ethernet cables (to rule out cable issues), as well as with *machine* > router > modem and *machine* > modem (to rule out firmware or routing issues). Every time, regardless of the variable, the results below were consistent. ISP : 19MB/sec OpenVPN 53 UDP : 2MB/sec OpenVPN (all other ports in turn) UDP : 5MB/sec OpenVPN (all ports) TCP : 4 - 5 MB/sec OpenVPN + SSH 22 : 2MB/sec OpenVPN + SSH 80 (or 53) : 13 - 18 MB/sec (lower in peak times, high off-peak) OpenVPN + SSL 443 : 13 - 18 MB/sec (lower in peak times, high off-peak) As we can see, generally SSL and SSH masking the OpenVPN connection allows almost full line speed (minus the encryption overheads). That's great. As soon as it's a bare OpenVPN connection the speeds cap out at around 33% of what they should be. Bare OpenVPN TCP is a little slower than UDP (as you'd expect) but otherwise in accordance with the general 5MB/sec cap experienced on UDP. The only exceptions are UDP:53 and SSH:22 which are both heavily restricted to around 2MB/sec. Now to my mind, knowing what I do of VM's shaping and DPI systems, this would only make sense if they were interfering with OpenVPN either by purposefully throttling it, or else their DPI system is messing up the connection. They further seem to restrict SSH:22 and UDP:53 by protocol but not by port. This actually makes sense, as all other Eddie combinations are quite random whereas SSH:22 (SSH) and UDP:53 (DNS) are established network traffic protocols and thus could be singled out for listing in the shaping systems. If we reverse the protocol/port (to give SSH 53 and UDP 22) we once again obfuscate the tunnel and go back to full speeds! I also get a lot of decrypt/replay errors in the logs on every single port for 'normal' OpenVPN. As soon as I hide the OpenVPN in either SSL or SSH the errors simply don't occur. Ever. This suggests that the extra tunnel is hiding the OpenVPN tunnel from being shaped, or else the DPI process in and of itself is breaking OpenVPN and causing the packets to arrive out of order. Maybe that in and of itself can hurt speed? So there you go. Sorry for the long post but it's an interesting (if thoroughly frustrating and annoying) issue. What do you gurus think? Given I have worked to change the variables one at a time to rule out issues with AirVPN (different providers), the router and/or its firmware (direct connection to modem, bypassing router), wireless issues (used ethernet directly) and OS limits or bugs (used multiple OSs) I can't see anything is left... except issues with the ISP shaping/throttling or else their DPI breaking things. I posted a thread very similar to this in VM's support forums, but for a whole week it has gone unanswered by any staff. Interestingly it is the only thread on the forum to have been ignored. Make of that what you wish. I await your replies with interest. Thanks in advance for reading.
  9. Hi Everyone, I am currently trying to run AirVPN through an SSL Tunnel on port 443 as my default setting; however I don't show that port as open on my machine. It shows AirVPN running on port 50080. Is there a problem? Why isn't SSL Tunnel working? Thanks
  10. Hi, Is there any development going on to enable SSH or SSL tunnels on Android to avoid DPI in China? Some other providers already have this service on Android. Thanks,
  11. One user descriped a way how to bypass the great firewall in china: https://airvpn.org/topic/11134-ssh-or-ssl-tunnel-on-android/?p=21319 Why isn't android supported officially? If the devs decide to support this I will make an video which would explain this feature and how to install it.
  12. Security researchers have developed an application called pacumen to analyze encrypted traffic. With the information provided by it an attacker can find out if a certain (specified) application is communicating behind an encrypted connection. This analysis technique is called a side channel attack. In pacumen, you create a classifier (detection rules for the application you'd like to uncover in the traffic) and a pcap file with sniffed traffic (preferably covering hours of length). It then starts analyzing it and calculates a value, representing the similarity of the analyzed traffic with the specified rules. For example: The researchers tried to uncover usage of Skype inside an SSH tunnel and were quite successful. The same thing can be done with any other protocol, let's say, to see if some user is using Facebook over HTTPS. Or identifying BitTorrent inside OpenVPN. China and Iran could theoretically use it to uncover OpenVPN over SSH/SSL. Countermeasures are padding of all packets and/or sending contant dummy packets. Note that both of them would lower performance of tunnels drastically.
  13. Yesterday I saw that SSL was available in the config generator. I downloaded the new config file but am unable to connect. Can anybody tell me what might be the problem based on my OpenVPN connection log? If you need any other information please let me know. EDIT I just noticed stunnel.exe on the SSL page. Is there a guide to doing this SSL thing somewhere on the forums? I've been able to connect successfully after running stunnel. I ran this command from a command prompt in Windows 7: stunnel "AirVPN_US-Alkaid_SSL-443.ssl" Do I need to run this program each time I wish to connect via SSL? Also, when I am done, do I just close out the window or is there a specific way I should shut it down?
  14. Since SSL and SSH both use a double layer of encryption, I am wondering if this hides my download totals (bytes going to my PC) from my provider? My guess is not but I would appreciate confirmation. Thank you P.
  15. Hi all, I have just finished configuring the SSL tunnel for AirVPN under Linux (Ubuntu). I think the guide at https://airvpn.org/ssl/ needs to be updated. If you use apt-get install stunnel Ubuntu will install stunnel4, but the softlink which is used in stunnel "AirVPN <..> - SSL <..>.ssl" points at version stunnel3. So first, go to /usr/bin/ and change the softlink to point at stunnel4 instead of 3: sudo -ln -s /usr/bin/stunnel4 /usr/bin/stunnel [EDIT from Staff: the correct command is "sudo ln ..."] Second point is, stunnel needs to know where the ssl certificate is located, if you don't point it to the right directory, the connection will end with the error: End of section stunnel: SSL server needs a certificate So to get rid of this, you have to go to /etc/stunnel and create a file stunnel.conf (also check the README there for more infos) and in it insert 2 lines: cert=/path/to/pemkey=/path/to/keyLast but not least you have to generate a stunnel private key: openssl req -new -x509 -days 365 -nodes Just remember to put it in the folder, which is listed in the stunnel.conf file. Now you should be able to run the connection through a tunnel Because I'm not a Linux wiz, I have used help from the following guides: Google http://serverfault.com/questions/424619/stunnel-not-reading-configuration-file http://www.onsight.com/faq/stunnel/stunnel-faq-a.html https://www.stunnel.org/pipermail/stunnel-users/2011-September/003261.html
  16. Hi, I'm new to SSL. I'm using Viscosity and i know is compatible with SSL. I'm following these instructions http://my.hostvpn.com/knowledgebase/30/Stunnel-with-OpenVPN-or-Viscosity-on-Mac-OS-X.html. I've already installed stunnel, i marked "Bundle with executables" and generated the files. Now i have 5 files: AirVPN_GB-Nashira_SSL-443 AirVPN_GB-Nashira_SSL-443.ssl AirVPN_GB-Nashira_UDP-443 openvpn stunnelI don't understand for what is needed this command "./stunnel "AirVPN <..> - SSL <..>.ssl"" that i found here https://airvpn.org/ssl/ So i have the 5 files, stunnel installed, and Viscosity. Now? In my country a direct OpenVPN connection is possible. Should i use SSL or SSH. Sorry but i tried to find a guide on this site.
  17. Hello! We're very glad to introduce native support for OpenVPN over SSL and OpenVPN over SSH, and a completely re-designed configuration generator which includes exciting, additional AirVPN services and features. Our service becomes more censorship resistant and easier to use with a wide range of OpenVPN GUIs and wrappers. UPDATE OCT 2014: EDDIE CLIENT AirVPN client version 2, codename Eddie, gets out of the beta testing with version 2.6. Free and open source, it is a major breakthrough from client versions 1.x. Available for Linux, Windows and OS X Mavericks and Yosemite. Eddie includes Network Lock, full integrated TOR support for OpenVPN over TOR, support for OpenVPN over SSL and SSH, "intelligent" anti-censorship circumvention technique, "intelligent" VPN servers efficiency and rating calculations and much, much more. https://airvpn.org/topic/12464-eddie-27-available Currently the only open source OpenVPN wrapper in the world which allows OpenVPN over TOR connections without middle boxes or VM on three different OS. NEW SERVICES: OPENVPN OVER SSL - OPENVPN OVER SSH OpenVPN over SSL and OpenVPN over SSH will allow you to bypass OpenVPN connections disruption. Known ISP countries where the disruption takes place are China, Iran, Syria, Egypt. The connection disruption is possible because OpenVPN connections have a typical fingerprint which lets Deep Packet Inspection discern them from pure SSL/TLS connections. Connecting OpenVPN over SSL or OpenVPN over SSH will make your connection undiscernable from pure SSL or SSH connections, rendering DPI fingerprint identification powerless. OpenVPN over SSL/SSH is included in every Premium subscription without any additional payment. Use OpenVPN over SSL/SSH only when necessary: a slight performance hit is the price to pay. The performance hit is kept as low as possible because the "double-tunneling" is performed directly on our servers without additional hops. NEW FEATURES A new system for host resolution (not available for Windows) and dynamic VPN server choice is available. This will let you have OpenVPN configuration files which will try connections to various servers (according to your preferences) if one or more servers are unavailable. A new connection port (2018) is now available on all Air VPN servers. A new, alternative entry-IP address is now available on all Air VPN servers. NEW CONFIGURATION GENERATOR FEATURES - You can now select servers by countries, continents and planets (currently only one planet) or any combination between single servers and countries. - You can now select an alternative entry-IP address. Each Air server has now an additional entry-IP address to help you bypass IP blocking. - You can now choose a wide variety of compressing options: zip, 7zip, tar, tar & gzip, tar & bzip2. - You can now choose not to compress the files and download them uncompressed one by one NEW CONFIGURATION GENERATOR "ADVANCED MODE" FEATURES - Total connection ports range available, including new port 2018 in addition to 53, 80, 443 and (for SSH) 22. - Option to generate non-embedded configuration files, mandatory if you use network-manager as OpenVPN wrapper under Linux or just in case you use any wrapper that does not support embedded with certificates and keys OpenVPN configurations. - Option to generate files and scripts for OpenVPN over SSL/SSH connections by clicking on "Advanced Mode" - Option to select "Windows" or "Linux and others". Make sure you select the correct option according to your OS, because connections over SSL/SSH in Windows require different files than those required for Linux, *BSD and Unix-like / POSIX compliant systems such as Mac OSX. - New options to generate configuration files that support proxy authentication for OpenVPN over a proxy connections, particularly useful if you're behind a corporate or college proxy which requires authentication. A significant example of usage of OpenVPN over a proxy is OpenVPN over TOR: https://airvpn.org/tor Instruction page for OpenVPN over SSL (only if you don't run our client Eddie): https://airvpn.org/ssl Instruction page for OpenVPN over SSH (only if you don't run our client Eddie): https://airvpn.org/ssh Please do not hesitate to contact us for any additional information. Kind regards & Datalove AirVPN admins
×
×
  • Create New...