Search the Community

I've noticed that the number of public WiFi operators making AirVPN unuseable is increasing. To be honest, I don't think it is specifically AirVPN being targeted. I can establish an outbound tunnel quickly and easily, but am then unable to connect to anything via the tunnel. When I look at the stats, the packet counters just stop incrementing. So far I've seen this behaviour with: BT WiFi (any flavour) - Never workedO2 WiFi (certain branded outlets, including Sainsbury, Asda)The Cloud (just started recently).Other providers (including my home broadband, guest wireless at work and (I think) IKEA) work fine so I think the config which comes directly from OpenVPN anyway is OK. Are they likely to be inspecting the traffic and discarding it because it's encrypted, or can it be resolved by reducing frame size, and/or using a different AirVPN transport?

Hi, I am used to using *sudo openvpn --config file.ovpn* and will not switch to use any GUI. However after switching to Ubuntu 16.04 LTS I cannot connect to AirVPN - the log looks like connection succeeded but I have no internet connection. Could you please point me to a tutorial on how to connect from terminal? I cannot find any. ~/AirVPN$ sudo openvpn --config germany.ovpn Mon Mar 27 09:40:44 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [iPv6] built on Feb 2 2016Mon Mar 27 09:40:44 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08Mon Mar 27 09:40:44 2017 Control Channel Authentication: tls-auth using INLINE static key fileMon Mar 27 09:40:44 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authenticationMon Mar 27 09:40:44 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authenticationMon Mar 27 09:40:44 2017 Socket Buffers: R=[212992->212992] S=[212992->212992]Mon Mar 27 09:40:44 2017 UDPv4 link local: [undef]Mon Mar 27 09:40:44 2017 UDPv4 link remote: [AF_INET]178.162.198.112:2018Mon Mar 27 09:40:46 2017 TLS: Initial packet from [AF_INET]178.162.198.112:2018, sid=5f8e2f65 10b9f080Mon Mar 27 09:40:46 2017 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.orgMon Mar 27 09:40:46 2017 Validating certificate key usageMon Mar 27 09:40:46 2017 ++ Certificate has key usage 00a0, expects 00a0Mon Mar 27 09:40:46 2017 VERIFY KU OKMon Mar 27 09:40:46 2017 Validating certificate extended key usageMon Mar 27 09:40:46 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server AuthenticationMon Mar 27 09:40:46 2017 VERIFY EKU OKMon Mar 27 09:40:46 2017 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.orgMon Mar 27 09:40:47 2017 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyMon Mar 27 09:40:47 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationMon Mar 27 09:40:47 2017 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyMon Mar 27 09:40:47 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationMon Mar 27 09:40:47 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSAMon Mar 27 09:40:47 2017 [server] Peer Connection Initiated with [AF_INET]178.162.198.112:2018Mon Mar 27 09:40:49 2017 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)Mon Mar 27 09:40:49 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.30.0.1,comp-lzo no,route-gateway 10.30.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.30.0.155 255.255.0.0'Mon Mar 27 09:40:49 2017 OPTIONS IMPORT: timers and/or timeouts modifiedMon Mar 27 09:40:49 2017 OPTIONS IMPORT: LZO parms modifiedMon Mar 27 09:40:49 2017 OPTIONS IMPORT: --ifconfig/up options modifiedMon Mar 27 09:40:49 2017 OPTIONS IMPORT: route options modifiedMon Mar 27 09:40:49 2017 OPTIONS IMPORT: route-related options modifiedMon Mar 27 09:40:49 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modifiedMon Mar 27 09:40:49 2017 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 IFACE=wlp2s0 HWADDR=48:51:b7:b2:37:2fMon Mar 27 09:40:49 2017 TUN/TAP device tun0 openedMon Mar 27 09:40:49 2017 TUN/TAP TX queue length set to 100Mon Mar 27 09:40:49 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0Mon Mar 27 09:40:49 2017 /sbin/ip link set dev tun0 up mtu 1500Mon Mar 27 09:40:49 2017 /sbin/ip addr add dev tun0 10.30.0.155/16 broadcast 10.30.255.255Mon Mar 27 09:40:49 2017 /sbin/ip route add 178.162.198.112/32 via 192.168.0.1Mon Mar 27 09:40:49 2017 /sbin/ip route add 0.0.0.0/1 via 10.30.0.1Mon Mar 27 09:40:49 2017 /sbin/ip route add 128.0.0.0/1 via 10.30.0.1Mon Mar 27 09:40:49 2017 Initialization Sequence Completed

read through thread after thread and i can't solve this... i need DNS to work both within and outside of the VPN (using a different connection), but when the tunnel connection is active, i want to use only the DNS provided by the Air servers mint 18.1/opendns process should be straight forward: config gen > advanced > resolve host names > generate > change 'opvn' extensions to 'conf' and dump files in /etc/openvpn router (tomato): advanced > DHCP/DNS > 'Use internal DNS' ??? i don't know, but doesn't seem to work without this selected - 'Use received DNS with user-entered DNS' ??? i don't know OS: connection editor > IPV4 > method: tried 'automatic' and 'automatic (addresses only)' - no DNS servers added to the IPV4 tab (shouldn't need any since domains were resolved when i gen'd the config's?) so when i restart openvpn and connect to the connection i created, i expect that no DNS lookup should be needed to reach the VPN because the IP's were resolved when i gen'd the config files - and after i connect, i should be using the VPN DNS, however i cannot even connect to the servers adding 10.4.0.1 to resolv.conf does not survive a reboot and nothing else i've tried works the only way i can connect seems to be to set 'method' to 'automatic' in the connection editor and use the random DNS servers configured in the router - so when i go to ipleak.net, i'm connected to the VPN, but the DNS is not provided by the VPN server

Hi, First of all, I'm very happy with the service. AirVPN is simply the best VPN service out there and I am glad to have found you! Running AirVPN on my desktop machines (Win, OSX, Linux) works like a charm either with plain OpenVPN or one of your clients. However, I'm not really sure how I can also use your service on my Linux server to which I connect via ssh. The issue is that as soon as I run openvpn with sudo openvpn --config your_config_file.ovpn naturally the existing ssh connection - as well as any other means to reach my server - gets interrupted. So my use case is that my server should stay reachable publicly as before, but ideally I would like to open a single shell session that gets routed through your VPN for occasional casual browsing or processes which I prefer to use anonymously.. Can I somehow restrict the VPN to only one process? Do you see any other solution for my use case? Best regards!

Hi, I have searched a lot to achieve this. I am looking for a comprehensive step by step (being a novice in this area) to setup a separate Virtual Access point in a DD-WRT router which uses OpenVPN and TOR (This feature is available in latest version of DD-WRT) at the same time. Also I want to ensure that any traffic goes through this VAP only if OpenVPN is up and running. I want to have OpenVPN on port 443 (TCP) due to aggressive DPI by local ISPs for VoIP. Looking to hear from experts I have gone through some guides (no.1 and no.2) but these aren't completely covered or not most relevant.

Hi I've added the following directives to my openVPN client configuration file in order to maximise the VPN throughput on my Ubuntu 16.04 based VPN router/gateway. fast-io nice -20 Starting my VPN with sudo service openvpn restart, initiates the VPN correctly, but the "nice" directive isn't applied. Relavent lines of log are below. Feb 14 12:30:09 srvbuntu ovpn-airvpn[23065]: nice = -20 ... Feb 14 12:30:09 srvbuntu ovpn-airvpn[23065]: fast_io = ENABLED ... Feb 14 12:30:09 srvbuntu ovpn-airvpn[23067]: WARNING: nice -20 failed: Operation not permitted: Operation not permitted (errno=1) If I start the VPN from the CLI using "sudo openvpn airvpn.conf" the "nice" directive is implemented: Tue Feb 14 12:37:25 2017 us=588423 nice -20 succeeded What is preventing the nice directive from being followed when I start it as a service?

So something strange is happening. I am mostly connected to an German Server. Also most Server dont work anyway with Amazon Prime. But at least two i know of do. But that is not the pont. So i have a Zotac Z-Box, setted it up with the pfSense Guide from the Forum here and everything is just good. Full speed, connection encrypted, perfect. No issues, except with Amazon Prime. From time to time, when i watch Amazon Prime on my Smart TV or with an Fire TV SetupBox it kills my router. That means my pfSense router just does not react anymore, i have to press the powerbutton on the device itself to turn it off and turn it on again. And i have no fucking clue, how Amazon Prime is able to kill my router. I mean what is happening that it can do that to the router. Has anybody any clue? Do you need more information? Ask i try to say what i know, but i am no expert in pfSense etc. But i just dont understand how a website can manage to kill a router that it is not reacting anymore.

Hello, I've recently installed OpenVPN for Android (the open-source recommended choice) but I'm concerned about different issues. For instance, this app doesn't autostart at boot / reboot but has to be manually started. BTW Android uses wifi's previous state after reboot : when Wifi was "on" our real IP is visible until OpenVPN is manually started. When it crashes (it happens with the latest version) our real IP gets exposed too. I wonder if it could be possible to configure a firewall (AfWall+ or Droidwall) to block all the traffic excepting the one which transits through OpenVPN for both Wifi and data (3G/4G) ? These two apps are using iptables but I don't know how to write the custom rules matching my requirements. The help and knowledge of some computer savvy members would be appreciated. If it works we could maybe create a tutorial for the "How to" section of this forum ? I've collected several articles regarding Android and iptables but I've no idea how I could adapt all this for AirVPN .ovpn default config file (Europe). https://android.stackexchange.com/questions/14455/how-can-i-block-the-traffic-outside-the-vpn-even-if-the-vpn-is-down https://github.com/ukanth/afwall/wiki/Apps-leak-private-user-data-during-boot https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy https://droidvpn.com/page/stopping-leaks-with-droidwall-when-using-droidvpn-8/ https://airvpn.org/faq/software_lock/ Any idea ? Thanks

Here: https://airvpn.org/specs/ is stated that each AirVPN server has its own DNS server. Why is that? Why are the DNS servers protocol and port specific? Why not give just one? Is that arbitrary or does it serve a purpose besides load balancing? What will happen if I use for example UDP Port 53 for my VPN connection and 10.9.0.1 as my DNS server instead of the listed 10.8.0.1?

Hi, I exactly followed all steps for creating a VPN on Synology. I have established a successful VPN connection - which is visible on in my AirVPN client area > overview page. The thing is that I cannot access the internet (Download Manager) - even ping (using putty) is not responding after having made the VPN connection.Btw - I deliberatly did not (yet) make any portforwarding changes, as I wanted to see if something as simple as this would work.Because I thought it might be a firewall issue, I temporary disabled my router firewall - no luck. Hope you could get me in the right direction... Netstat before and after making VPN connection. DiskStation> netstat -nrKernel IP routing tableDestination Gateway Genmask Flags MSS Window irtt Iface0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0DiskStation> netstat -nrKernel IP routing tableDestination Gateway Genmask Flags MSS Window irtt Iface0.0.0.0 10.8.0.1 128.0.0.0 UG 0 0 0 tun00.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth010.8.0.0 0.0.0.0 255.255.0.0 U 0 0 0 tun0128.0.0.0 10.8.0.1 128.0.0.0 UG 0 0 0 tun0192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0213.152.161.73 192.168.0.1 255.255.255.255 UGH 0 0 0 eth0213.152.161.73 192.168.0.1 255.255.255.255 UGH 0 0 0 eth0

Just a quick question, I have OpenVPN setup in my Shibby Tomato router to use airvpn. No issues until I started to selectively route a few of the Source IP through the tunnel (using the GUI OpenVPN Client tab Routing Policy) as I can't Netflix to work. So now, my ISP's DNS is showing up in DNS leak test. I've tried to insert static DNS in the basic network config to use another DNS server, but nothing worked. DNS Leak test still show me that I am using my ISP's DNS server. Anyone has this problem when selectively routing a few IPs through the tunnel using Tomato?

I am running a headless ubuntu server v16.04 on raspberry pi, everything works fine. Now I am trying to setup openvpn client with AirVpn, can anybody provide some instructions on how to do it ?

As the title says, I'm trying to connect to AirVPN via OpenVPN on Linux but can't. I recently updated to OpenVPN 2.4.0, but it has worked since the update. I generated a config file with no separate keys/certs and ran `sudo openvpn /path/to/air.ovpn`, but this happened: Sat Dec 31 23:26:05 2016 OpenVPN 2.4.0 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Dec 28 2016 Sat Dec 31 23:26:05 2016 library versions: OpenSSL 1.0.2j 26 Sep 2016, LZO 2.09 Sat Dec 31 23:26:05 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Dec 31 23:26:05 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Dec 31 23:26:05 2016 TCP/UDP: Preserving recently used remote address: [AF_INET]71.19.249.195:443 Sat Dec 31 23:26:05 2016 Socket Buffers: R=[212992->212992] S=[212992->212992] Sat Dec 31 23:26:05 2016 UDP link local: (not bound) Sat Dec 31 23:26:05 2016 UDP link remote: [AF_INET]71.19.249.195:443 Sat Dec 31 23:27:05 2016 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Sat Dec 31 23:27:05 2016 TLS Error: TLS handshake failed Sat Dec 31 23:27:05 2016 SIGUSR1[soft,tls-error] received, process restarting Sat Dec 31 23:27:05 2016 Restart pause, 5 second(s) Sat Dec 31 23:27:10 2016 TCP/UDP: Preserving recently used remote address: [AF_INET]71.19.249.195:443 Sat Dec 31 23:27:10 2016 Socket Buffers: R=[212992->212992] S=[212992->212992] Sat Dec 31 23:27:10 2016 UDP link local: (not bound) Sat Dec 31 23:27:10 2016 UDP link remote: [AF_INET]71.19.249.195:443 ^CSat Dec 31 23:27:15 2016 event_wait : Interrupted system call (code=4) Sat Dec 31 23:27:15 2016 SIGTERM received, sending exit notification to peer Sat Dec 31 23:27:20 2016 SIGTERM[soft,exit-with-notification] received, process exiting My internet works fine, to my knowledge. I can access the internet normally with no problems. This problem affects my phone, desktop, and laptop; all 3 get the same timeout error.

I am trying to use AirVPN to SSH into a computer. How do I do this? I have tried the .sh file I got from the SSH tutorial, but when I try to connect to the computer running it, I can never log in (permission denied). Trying to use OpenVPN as root with the .ovpn file caused errors about not being able to connect.

My phone is connected to AirVPN via OpenVPN for Android. Most websites are fooled by the VPN, but when I ask google directly (OK Google), it shows my actual IP address. I do not have this issue on my PC. What can I do about this? Thanks in advance.

Dears, I've followed the tutorial on how to connect to AirVPN through DD-WRT but it seems that I can't do it on my own So I would appreciate your help The error I'm getting is: Clientlog: 20161112 18:22:31 N TLS Error: TLS handshake failed 20161112 18:22:31 I SIGUSR1[soft tls-error] received process restarting 20161112 18:22:31 Restart pause 2 second(s) 20161112 18:22:33 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20161112 18:22:33 Socket Buffers: R=[180224->131072] S=[180224->131072] 20161112 18:22:33 I UDPv4 link local: [undef] 20161112 18:22:33 I UDPv4 link remote: [AF_INET]109.232.227.148:443 20161112 18:23:33 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20161112 18:23:33 N TLS Error: TLS handshake failed 20161112 18:23:33 I SIGUSR1[soft tls-error] received process restarting 20161112 18:23:33 Restart pause 2 second(s) 20161112 18:23:35 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20161112 18:23:35 Socket Buffers: R=[180224->131072] S=[180224->131072] 20161112 18:23:35 I UDPv4 link local: [undef] 20161112 18:23:35 I UDPv4 link remote: [AF_INET]109.232.227.148:443 20161112 18:24:35 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20161112 18:24:35 N TLS Error: TLS handshake failed 20161112 18:24:35 I SIGUSR1[soft tls-error] received process restarting 20161112 18:24:35 Restart pause 2 second(s) 20161112 18:24:37 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20161112 18:24:37 Socket Buffers: R=[180224->131072] S=[180224->131072] 20161112 18:24:39 I UDPv4 link local: [undef] 20161112 18:24:39 I UDPv4 link remote: [AF_INET]213.152.162.103:443 20161112 18:25:07 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20161112 18:25:07 D MANAGEMENT: CMD 'state' 20161112 18:25:07 MANAGEMENT: Client disconnected 20161112 18:25:07 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20161112 18:25:07 D MANAGEMENT: CMD 'state' 20161112 18:25:07 MANAGEMENT: Client disconnected 20161112 18:25:07 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20161112 18:25:07 D MANAGEMENT: CMD 'state' 20161112 18:25:07 MANAGEMENT: Client disconnected 20161112 18:25:07 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20161112 18:25:07 D MANAGEMENT: CMD 'status 2' 20161112 18:25:07 MANAGEMENT: Client disconnected 20161112 18:25:07 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20161112 18:25:07 D MANAGEMENT: CMD 'log 500' 20161112 18:25:07 MANAGEMENT: Client disconnected 20161112 18:25:39 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20161112 18:25:39 N TLS Error: TLS handshake failed 20161112 18:25:39 I SIGUSR1[soft tls-error] received process restarting 20161112 18:25:39 Restart pause 2 second(s) 20161112 18:25:41 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20161112 18:25:41 Socket Buffers: R=[180224->131072] S=[180224->131072] 20161112 18:25:41 I UDPv4 link local: [undef] 20161112 18:25:41 I UDPv4 link remote: [AF_INET]213.152.162.103:443 20161112 18:26:41 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20161112 18:26:41 N TLS Error: TLS handshake failed 20161112 18:26:41 I SIGUSR1[soft tls-error] received process restarting 20161112 18:26:41 Restart pause 2 second(s) 20161112 18:26:43 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20161112 18:26:43 Socket Buffers: R=[180224->131072] S=[180224->131072] 20161112 18:26:43 I UDPv4 link local: [undef] 20161112 18:26:43 I UDPv4 link remote: [AF_INET]213.152.162.103:443 20161112 18:27:43 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20161112 18:27:43 N TLS Error: TLS handshake failed 20161112 18:27:43 I SIGUSR1[soft tls-error] received process restarting 20161112 18:27:43 Restart pause 2 second(s) 20161112 18:27:45 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20161112 18:27:45 Socket Buffers: R=[180224->131072] S=[180224->131072] 20161112 18:27:45 I UDPv4 link local: [undef] 20161112 18:27:45 I UDPv4 link remote: [AF_INET]213.152.162.103:443 20161112 18:28:46 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20161112 18:28:46 N TLS Error: TLS handshake failed 20161112 18:28:46 I SIGUSR1[soft tls-error] received process restarting 20161112 18:28:46 Restart pause 2 second(s) 20161112 18:28:48 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20161112 18:28:48 Socket Buffers: R=[180224->131072] S=[180224->131072] 20161112 18:28:48 I UDPv4 link local: [undef] 20161112 18:28:48 I UDPv4 link remote: [AF_INET]213.152.162.103:443 20161112 18:29:48 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20161112 18:29:48 N TLS Error: TLS handshake failed 20161112 18:29:48 I SIGUSR1[soft tls-error] received process restarting 20161112 18:29:48 Restart pause 2 second(s) 20161112 18:29:50 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20161112 18:29:50 Socket Buffers: R=[180224->131072] S=[180224->131072] 20161112 18:29:52 I UDPv4 link local: [undef] 20161112 18:29:52 I UDPv4 link remote: [AF_INET]213.152.161.132:443 20161112 18:30:52 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 20161112 18:30:52 N TLS Error: TLS handshake failed 20161112 18:30:52 I SIGUSR1[soft tls-error] received process restarting 20161112 18:30:52 Restart pause 2 second(s) 20161112 18:30:54 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 20161112 18:30:54 Socket Buffers: R=[180224->131072] S=[180224->131072] 20161112 18:30:54 I UDPv4 link local: [undef] 20161112 18:30:54 I UDPv4 link remote: [AF_INET]213.152.161.132:443 20161112 18:30:55 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20161112 18:30:55 D MANAGEMENT: CMD 'state' 20161112 18:30:55 MANAGEMENT: Client disconnected 20161112 18:30:55 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20161112 18:30:55 D MANAGEMENT: CMD 'state' 20161112 18:30:55 MANAGEMENT: Client disconnected 20161112 18:30:55 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20161112 18:30:55 D MANAGEMENT: CMD 'state' 20161112 18:30:55 MANAGEMENT: Client disconnected 20161112 18:30:55 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20161112 18:30:55 D MANAGEMENT: CMD 'status 2' 20161112 18:30:55 MANAGEMENT: Client disconnected 20161112 18:30:55 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 20161112 18:30:55 D MANAGEMENT: CMD 'log 500' 19700101 01:00:00 ca /tmp/openvpncl/ca.crt cert /tmp/openvpncl/client.crt key /tmp/openvpncl/client.key management 127.0.0.1 16 management-log-cache 100 verb 3 mute 3 syslog writepid /var/run/openvpncl.pid client resolv-retry infinite nobind persist-key persist-tun script-security 2 dev tun1 proto udp cipher aes-256-cbc auth sha1 remote nl.vpn.airdns.org 443 comp-lzo yes tls-client tun-mtu 1500 mtu-disc yes ns-cert-type server fast-io tun-ipv6 tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 Can someone please help me ? I've attached my config in DD-WRT Thanks.

Hi, I am having trouble getting AirVPN running on: - Samsung Galaxy S5 (SM-G900F) - Android 6.0.1 - rooted using OpenVPN for Android by Arne Schwabe. I have created a .ovpn file using Chrome Android (creating such a file in Firefox Android also gives this problem) and followed the instructions here: https://airvpn.org/topic/11476-using-airvpn-with-openvpn-for-android/ When I try to start the newly made profile in OpenVPN for Android, I can see a dialog appearing for a split second, before seeing it disappear. Log: VPN API permission dialog cancelled My question is: How can I remedy this issue and connect to AirVPN on my Android device? Thanks in advance, Arceon

Recently joined and trying to lock down the fort. How can I patch up the DNS leak? I disabled IPV6 on Ethernet 2 and Wi-Fi adapters, and IPLeak appears to pass. Just DNS leaking.

Hi guys, I've subscribed to the Airvpn service about 4 months ago and I'm very happy with it. Nevertheless, as a Linux user (currently Lubuntu 16.04) which isn't using the client option, it was becoming somewhat annoying to turn on and turn off the openvpn and the stunnel in different terminals every time. Few days ago I sat and wrote a small CLI script in python, that is automating the process of connecting and disconnecting to the Airvpn service. The script can be found here: https://github.com/hemulin/airvpn_toggler Simply put, what it does is: When turning on - 1) Scanning the configs files folder and asking you from which country you wish to exit 2) After you choose a country, it turns on the stunnel as a background process and waiting for it to finish the initialization 3) After the stunnel init has finished, it turns on the openvpn as a background process and waiting for it to finish init. 4) After the openvpn has finished its init, the script validates that the external IP has changed and if yes, adding a system tray indicator to show it is connected. When turning off - 1) Killing the system tray indicator, the openvpn and the stunnel processes. 2) Validating that the external IP has changed. Currently it is working well for me, but I still consider it to be a "work in progress", so (1) I still improves it and (2) Feel free to ask for features (and of course, forks and pull requests are welcome). Cheers, Hemulin

hey guys, with ufw enabled, vpn connects but wget and web pages don't resolve: $uname -a Linux 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 2016 x86_64 x86_64 x86_64 GNU/Linux $ufw reset $ufw allow out on wlp1s0 to 213.152.161.180 port 443 proto udp $ufw allow out on tun0 $ufw status verbose Status: active Logging: on (low) Default: deny (incoming), deny (outgoing), disabled (routed) New profiles: skip To Action From -- ------ ---- 213.152.161.180 443/udp ALLOW OUT Anywhere on wlp1s0 # NL-Alblasserdam_Alchiba_UDP-443.ovpn Anywhere ALLOW OUT Anywhere on tun0 # tun0 $openvpn --config ~/VPN/NL-Alblasserdam_Alchiba_UDP-443.ovpn Mon Oct 3 2016 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Feb 2 2016 Mon Oct 3 2016 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 Mon Oct 3 2016 Control Channel Authentication: tls-auth using INLINE static key file Mon Oct 3 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Oct 3 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Oct 3 2016 Socket Buffers: R=[212992->212992] S=[212992->212992] Mon Oct 3 2016 UDPv4 link local: [undef] Mon Oct 3 2016 UDPv4 link remote: [AF_INET]213.152.161.180:443 Mon Oct 3 2016 TLS: Initial packet from [AF_INET]213.152.161.180:443, sid=b2d0c912 4505e529 Mon Oct 3 2016 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org Mon Oct 3 2016 Validating certificate key usage Mon Oct 3 2016 ++ Certificate has key usage 00a0, expects 00a0 Mon Oct 3 2016 VERIFY KU OK Mon Oct 3 2016 Validating certificate extended key usage Mon Oct 3 2016 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Mon Oct 3 2016 VERIFY EKU OK Mon Oct 3 2016 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org Mon Oct 3 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Mon Oct 3 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Oct 3 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Mon Oct 3 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Oct 3 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA Mon Oct 3 2016 [server] Peer Connection Initiated with [AF_INET]213.152.161.180:443 Mon Oct 3 2016 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Mon Oct 3 2016 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.4.0.1,comp-lzo no,route-gateway 10.4.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.4.48.174 255.255.0.0' Mon Oct 3 2016 OPTIONS IMPORT: timers and/or timeouts modified Mon Oct 3 2016 OPTIONS IMPORT: LZO parms modified Mon Oct 3 2016 OPTIONS IMPORT: --ifconfig/up options modified Mon Oct 3 2016 OPTIONS IMPORT: route options modified Mon Oct 3 2016 OPTIONS IMPORT: route-related options modified Mon Oct 3 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Mon Oct 3 2016 ROUTE_GATEWAY 10.42.0.1/255.255.255.0 IFACE=wlp1s0 HWADDR=xx:xx:xx:xx:xx:xx Mon Oct 3 2016 TUN/TAP device tun0 opened Mon Oct 3 2016 TUN/TAP TX queue length set to 100 Mon Oct 3 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Mon Oct 3 2016 /sbin/ip link set dev tun0 up mtu 1500 Mon Oct 3 2016 /sbin/ip addr add dev tun0 10.4.48.174/16 broadcast 10.4.255.255 Mon Oct 3 2016 /sbin/ip route add 213.152.161.180/32 via 10.42.0.1 Mon Oct 3 2016 /sbin/ip route add 0.0.0.0/1 via 10.4.0.1 Mon Oct 3 2016 /sbin/ip route add 128.0.0.0/1 via 10.4.0.1 Mon Oct 3 2016 Initialization Sequence Completed $route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.4.0.1 128.0.0.0 UG 0 0 0 tun0 0.0.0.0 10.42.0.1 0.0.0.0 UG 600 0 0 wlp1s0 10.4.0.0 0.0.0.0 255.255.0.0 U 0 0 0 tun0 10.42.0.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp1s0 128.0.0.0 10.4.0.1 128.0.0.0 UG 0 0 0 tun0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlp1s0 213.152.161.180 10.42.0.1 255.255.255.255 UGH 0 0 0 wlp1s0 $ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff inet 10.42.0.9/24 brd 10.42.0.255 scope global wlp1s0 valid_lft forever preferred_lft forever inet6 <removed>/64 scope link valid_lft forever preferred_lft forever 3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100 link/none inet 10.4.48.174/16 brd 10.4.255.255 scope global tun0 valid_lft forever preferred_lft forever inet6 <removed>/64 scope link flags 800 valid_lft forever preferred_lft forever i don't usually touch my iptables directly but here's the output: $iptables -L Chain INPUT (policy DROP) target prot opt source destination ufw-before-logging-input all -- anywhere anywhere ufw-before-input all -- anywhere anywhere ufw-after-input all -- anywhere anywhere ufw-after-logging-input all -- anywhere anywhere ufw-reject-input all -- anywhere anywhere ufw-track-input all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination ufw-before-logging-forward all -- anywhere anywhere ufw-before-forward all -- anywhere anywhere ufw-after-forward all -- anywhere anywhere ufw-after-logging-forward all -- anywhere anywhere ufw-reject-forward all -- anywhere anywhere ufw-track-forward all -- anywhere anywhere Chain OUTPUT (policy DROP) target prot opt source destination ufw-before-logging-output all -- anywhere anywhere ufw-before-output all -- anywhere anywhere ufw-after-output all -- anywhere anywhere ufw-after-logging-output all -- anywhere anywhere ufw-reject-output all -- anywhere anywhere ufw-track-output all -- anywhere anywhere Chain ufw-after-forward (1 references) target prot opt source destination Chain ufw-after-input (1 references) target prot opt source destination ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootps ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootpc ufw-skip-to-policy-input all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST Chain ufw-after-logging-forward (1 references) target prot opt source destination LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " Chain ufw-after-logging-input (1 references) target prot opt source destination LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " Chain ufw-after-logging-output (1 references) target prot opt source destination LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " Chain ufw-after-output (1 references) target prot opt source destination Chain ufw-before-forward (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp source-quench ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem ACCEPT icmp -- anywhere anywhere icmp echo-request ufw-user-forward all -- anywhere anywhere Chain ufw-before-input (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ufw-logging-deny all -- anywhere anywhere ctstate INVALID DROP all -- anywhere anywhere ctstate INVALID ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp source-quench ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc ufw-not-local all -- anywhere anywhere ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ACCEPT udp -- anywhere 239.255.255.250 udp dpt:1900 ufw-user-input all -- anywhere anywhere Chain ufw-before-logging-forward (1 references) target prot opt source destination Chain ufw-before-logging-input (1 references) target prot opt source destination Chain ufw-before-logging-output (1 references) target prot opt source destination Chain ufw-before-output (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ufw-user-output all -- anywhere anywhere Chain ufw-logging-allow (0 references) target prot opt source destination LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] " Chain ufw-logging-deny (2 references) target prot opt source destination RETURN all -- anywhere anywhere ctstate INVALID limit: avg 3/min burst 10 LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " Chain ufw-not-local (1 references) target prot opt source destination RETURN all -- anywhere anywhere ADDRTYPE match dst-type LOCAL RETURN all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST RETURN all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10 DROP all -- anywhere anywhere Chain ufw-reject-forward (1 references) target prot opt source destination Chain ufw-reject-input (1 references) target prot opt source destination Chain ufw-reject-output (1 references) target prot opt source destination Chain ufw-skip-to-policy-forward (0 references) target prot opt source destination DROP all -- anywhere anywhere Chain ufw-skip-to-policy-input (7 references) target prot opt source destination DROP all -- anywhere anywhere Chain ufw-skip-to-policy-output (0 references) target prot opt source destination DROP all -- anywhere anywhere Chain ufw-track-forward (1 references) target prot opt source destination Chain ufw-track-input (1 references) target prot opt source destination Chain ufw-track-output (1 references) target prot opt source destination Chain ufw-user-forward (1 references) target prot opt source destination Chain ufw-user-input (1 references) target prot opt source destination Chain ufw-user-limit (0 references) target prot opt source destination LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix "[UFW LIMIT BLOCK] " REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain ufw-user-limit-accept (0 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain ufw-user-logging-forward (0 references) target prot opt source destination Chain ufw-user-logging-input (0 references) target prot opt source destination Chain ufw-user-logging-output (0 references) target prot opt source destination Chain ufw-user-output (1 references) target prot opt source destination ACCEPT udp -- anywhere 213.152.161.180 udp dpt:https ACCEPT all -- anywhere anywhere any help would be great. let me know if you need anymore info.

Two different topics in the same post since I can only make a single post a day. Sorry. First, what is the proper way to set the.ovpn configuration file in order to enable VPN through Tor? I have attempted using 127.0.0.1 as the SOCKS proxy but that has not worked. Maybe it has something to do with the control port? Second, I have been able to get Eddie started on CentOS 7, but for some reason, Eddie does not connect to any server. I used all default settings once, and then disabled DNS check. Posting relevant log below: I 2016.09.30 12:22:37 - Session starting. I 2016.09.30 12:22:38 - Checking authorization ... ! 2016.09.30 12:22:38 - Connecting to Gemma (Canada, Vancouver) . 2016.09.30 12:22:38 - OpenVPN > OpenVPN 2.3.12 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Aug 23 2016 . 2016.09.30 12:22:38 - OpenVPN > library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.06 . 2016.09.30 12:22:38 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100 . 2016.09.30 12:22:38 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file . 2016.09.30 12:22:38 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication . 2016.09.30 12:22:38 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication . 2016.09.30 12:22:38 - OpenVPN > Socket Buffers: R=[212992->262144] S=[212992->262144] . 2016.09.30 12:22:38 - OpenVPN > UDPv4 link local: [undef] . 2016.09.30 12:22:38 - OpenVPN > UDPv4 link remote: [AF_INET]##.##.###.###:443 . 2016.09.30 12:23:10 - OpenVPN > [UNDEF] Inactivity timeout (--ping-exit), exiting . 2016.09.30 12:23:10 - OpenVPN > SIGTERM received, sending exit notification to peer . 2016.09.30 12:23:15 - OpenVPN > SIGTERM[soft,exit-with-notification] received, process exiting ! 2016.09.30 12:23:15 - Disconnecting . 2016.09.30 12:23:15 - Connection terminated. I 2016.09.30 12:23:16 - Cancel requested. ! 2016.09.30 12:23:16 - Session terminated. If any advancements have been made in either issues, I would greatly appreciate any news - even if it's bad news.

Hi I am new with setting up openvpn on routers. Actualy it is my first time with VPNs. I followed the 'How-to' section for setting up the AirVpn on DD-WRT but it didn't work. What I mean is even though I filled in all the boxes like in the tutorial "https://airvpn.org/ddwrt/" nothing happened. I am still connected to the internet with the IP given by my ISP. Nothing seems to have changed. My ISP cable is connected directly to my personal router's WAN port. Connection type PPPoE. Router model: TP-Link WR1043ND v2 The maximum speed from my ISP is 300Mb/s. Attached are pictures with my settings. I searched on the forum for a similar problem but I couldn't spot it. If I missed it please let me know. If you need more details just tell me how to get it. Thanks

It repeats this over and over but I haven't had any problems using your service up to now. Sun Jun 23 17:00:18 2013 OpenVPN 2.2.1 x86_64-linux-gnu [sSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [iPv6 payload 20110424-2 (2.2RC2)] built on Feb 13 2013 Sun Jun 23 17:00:18 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Sun Jun 23 17:00:18 2013 LZO compression initialized Sun Jun 23 17:00:18 2013 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ] Sun Jun 23 17:00:18 2013 Socket Buffers: R=[87380->131072] S=[16384->131072] Sun Jun 23 17:00:18 2013 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ] Sun Jun 23 17:00:18 2013 Local Options hash (VER=V4): '958c5492' Sun Jun 23 17:00:18 2013 Expected Remote Options hash (VER=V4): '79ef4284' Sun Jun 23 17:00:18 2013 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413 [nonblock] Sun Jun 23 17:00:18 2013 TCP connection established with [AF_INET]127.0.0.1:1413 Sun Jun 23 17:00:18 2013 TCPv4_CLIENT link local: [undef] Sun Jun 23 17:00:18 2013 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:1413 2013.06.23 17:00:18 LOG5[2676:140584081340160]: Service [openvpn] accepted connection from 127.0.0.1:57934 2013.06.23 17:00:18 LOG6[2676:140584081340160]: connect_blocking: connecting 31.193.12.100:443 2013.06.23 17:00:20 LOG3[2676:140584081340160]: connect_blocking: connect 31.193.12.100:443: Connection refused (111) 2013.06.23 17:00:20 LOG5[2676:140584081340160]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket Sun Jun 23 17:00:20 2013 Connection reset, restarting [-1] Sun Jun 23 17:00:20 2013 TCP/UDP: Closing socket Sun Jun 23 17:00:20 2013 SIGUSR1[soft,connection-reset] received, process restarting

Hi, Am in need of help understanding how things work when using AirVPN config files with OpenVPN on a machine that uses a (mandatory) DirectAccess connection (https://en.wikipedia.org/wiki/DirectAccess). I've got OpenVPN running (as administrator) with an AirVPN config. Once the VPN tunnel is up, if I visit airvpn.org with Firefox, then I am told that I'm successfully connected to an AirVPN server. Can I then assume that all my traffic from Firefox is hidden from anyone that administrates the Windows DirectAccess connection, who may be checking the IPs that I am visiting? Thx

Hi everybody! I'm new here, thanks for the service and thanks in advance for your help I live in a student dorm and they gave us an internet connection working through a VPN using PPTP dual access. I'd live to connect to an AirVPN server so that they can't see my traffic. But it is not working! I just payed a trial of 3 days and using it through a wifi hotspot of my smarthphone it works, while being in the offered network it doesn't. The error it gives me is this one: and then it stays there.. Ask me if you need some logs or what else! Thank you