Status

Forums

Contact Us

Client Area

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Technical Specs

(*) OpenVPN 2.4 or higher required client-side.
(**) OpenVPN 2.3.3 or higher required client-side.

DATA CHANNEL CIPHERS
AES-256-GCM with 256 bit key for authentication^(*)
AES-256-CBC with HMAC-SHA1 for authentication

CONTROL CHANNEL CIPHERS
AES-256-GCM with HMAC-SHA384 for authentication^(**)
AES-256-CBC with HMAC-SHA1 for authentication

4096 bit RSA keys size
4096 bit Diffie-Hellman keys size
TLS Ciphers (IANA names): TLS-DHE-RSA-WITH-AES-256-CBC-SHA, TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 ^(**)
TLS additional authorization layer key (tls-auth): 2048 bit
Perfect Forward Secrecy through Diffie-Hellman key exchange DHE. After the initial key negotiation, re-keying is performed every 60 minutes (this value can be lowered unilaterally by the client)

Restrictions

Outbound port 25 blocked to prevent spam.

VPN DNS Server

Every VPN server has its DNS server, directly finds out information about the root servers, top level domains and authoritative name servers.
Our DNS servers are neutral, do not ever inject or alter the requests (other services resolve to search results, try to fix typo etc).
Where ICANN or root servers themselves interfer with censorship, we may apply specific censorship fix to our DNS server. See "AirVPN does not recognize ICANN authority anymore" topic for more informations.
Using our DNS allows our customers to use our anti-geolocation discrimination features. For example, visit a website that allows only United States connections from a Netherlands VPN server.
It's recommended to use our DNS server to avoid censorship and use our anti-geolocation features.
For any kind of issue about censorship or geolocation restriction you encounter using our services, please feel free to write us in our forums or write a support ticket.

Web Server - airvpn.org

Web site supporting Perfect Forward Secrecy, Secure Renegotiation, TLS up to 1.2, DHE, ECDHE and HSTS.
No external tracking applications or cookies from third parties.
See Qualys SSL Labs for a peer review of our web site.

Assigned IP

Port & Protocol	IP	DNS
Port 443 - Protocol UDP	10.4..	10.4.0.1
Port 443 - Protocol TCP	10.5..	10.5.0.1
Port 80 - Protocol UDP	10.6..	10.6.0.1
Port 80 - Protocol TCP	10.7..	10.7.0.1
Port 53 - Protocol UDP	10.8..	10.8.0.1
Port 53 - Protocol TCP	10.9..	10.9.0.1
Port 2018 - Protocol UDP	10.30..	10.30.0.1
Port 2018 - Protocol TCP Port 2018 - Protocol SSH Port 2018 - Protocol SSL	10.50..	10.50.0.1

Subnet-Mask: 255.255.0.0

Restrictions

VPN DNS Server

Web Server - airvpn.org

Assigned IP

Sign In