Jump to content
Not connected, Your IP: 3.233.217.242

Search the Community

Showing results for tags 'router'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • AirVPN
    • News and Announcement
    • How-To
    • Frequently asked questions
    • Databases
  • Community
    • General & Suggestions
    • Troubleshooting and Problems
    • Blocked websites warning
    • Eddie - AirVPN Client
    • Reviews
    • Other VPN competitors or features
    • Nonprofit
    • Off-Topic
  • Other Projects
    • IP Leak
    • XMPP
    • Mirrors

Product Groups

  • AirVPN Access
  • Coupons
  • Misc

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Twitter


Mastodon


AIM


MSN


ICQ


Yahoo


XMPP / Jabber


Skype


Location


Interests

Found 59 results

  1. Hello all, If I read and understand the forum correctly, I’m not the only one who is unable to set up a port forwarding with vpn. Because I have tried all sorts of things and cannot find a solution, I’m curious if there is someone who can help me out on this. What I want to do: I want to acces my NASserver and my Webcam from outside my network. This requires three ports. I chose Air vpn because they support port forwarding and I bought an Asus router (RT-AC66U) that has a vpn-server and that also has a vpn-client. My network configuration is set as follows: - modem / router from ISP (iprange 192.168.xxx.xxx) - behind it the Asus router (iprange 192.169.xxx.xxx) - WAN port Asus router is connected to LAN port of ISP - behind Asus router an additional router (sitecom) that serves as an "amplifier". These routers are connected by a cable between LAN. The sitecom router has a fixed IP address within the range of the Asus router. - DHCP from sitecom is switched off. Asus router controls the allocation of IP addresses and handling of internet traffic. This setup has always worked great (without VPN). After setting up a vpn-client, all computers, phones etc can acces the internet without any problems. The NASserver is able to make a backup via a built-in SSH to a server at a different location (outside LAN). It is no longer possible to access the NAS server from outside the LAN via http / ftp / sftp. I tried the following to get it working: - vpn server enabled / vpn client disabled - vpn server enabled & vpn client enabled - nasserver provided with ipadress within range of vpn-server - routes - Port forwarding set from VPN server to LAN and vice versa I don't get it working. Thanks in advance for your tips and help Kind regards, Ivo
  2. Using AirVPN with OpenWRT This guide is for users who want to set up a OpenWRT (Chaos Calmer) router and have it already up and running without modification. This guide will work with a router that has more than one network interface and at least 8 MB flash (because of the dependencies). Please backup your router first!!! 1. Set up the wan interface as a dhcp client, that way you can use your router at most of the isp boxes. 2. Set up a wireless network with the name and password of you choise, a dhcp server. (Please note that you should use WPA2-PSK). 3. Connect to your new wireless network. 4. Unbridge the LAN interface(s). Go to "Physical Settings" of the LAN interface(s) and uncheck the "creates a bridge over specified interface(s). Check the interface button of your new wireless network. 5. Connect to your router via SSH. 6. Install dependencies for the openvpn setup. First update the packages, than install openvpn and nanoopkg update opkg install openvpn-openssl opkg install nano 7. Backup the openvpn files mv /etc/config/openvpn /etc/config/openvpn_old 8. Create a new interface called airvpncat >> /etc/config/network << EOFconfig interface 'airvpn' option proto 'none' option ifname 'tun0'EOF 9. Use the "Config Generator" of Airvpn to create the openvpn files. Please select the "Advanced Mode" and check "Separate keys/certs from .ovpn file" and"Resolved hosts in .ovpn file". Save the files on your machine. 10. On the router move into the openvpn folder cd /etc/openvpn 11. Use nano to create all the required files on your router.Copy and paste the following files "AirVPN_**************.ovpn, ta.key, ca.crt, user.crt, user.key".Rename the "AirVPN_**************.ovpn" into airvpn.conf for usability.nano airvpn.conf nano ta.key nano ca.crt nano user.crt nano user.key The air.conf should look like this clientdev tunproto udpremote xxx.XXX.xxx.XXX XXXresolv-retry infinitenobindpersist-keypersist-tunremote-cert-tls servercipher AES-256-CBCcomp-lzo noroute-delay 5verb 3ca ca.crtcert user.crtkey user.keytls-auth ta.key 1 12. Create a firewall zone for the vpn.cat >> /etc/config/firewall << EOFconfig zone option name 'air_firewall' option input 'REJECT' option output 'ACCEPT' option forward 'REJECT' option masq '1' option mtu_fix '1' option network 'airvpn' config forwarding option dest 'air_firewall' option src 'lan' EOF 13. Reboot router 14. Test openvpn configurationopenvpn --cd /etc/openvpn --config /etc/openvpn/airvpn.confAt the end it should show "Initialization Sequence Completed"Stop openvpn with "Ctrl-C". 15. Use the Airvpn DNS (here Port 443 - Protocol UDP) and reboot. Please change if you use different port (https://airvpn.org/specs/)uci add_list dhcp.lan.dhcp_option="6,10.4.0.1"uci commit dhcpreboot 16. Secure against IP Leak, backup old firewall and create new firewall rules mv /etc/config/firewall /etc/config/firewall.backup cat >> /etc/config/firewall << EOF config defaults option syn_flood '1' option input 'ACCEPT' option output 'ACCEPT' option forward 'REJECT' config zone option name 'lan' option network 'lan' option input 'ACCEPT' option output 'ACCEPT' option forward 'REJECT' config zone option name 'wan' option output 'ACCEPT' option forward 'REJECT' option network 'wan' option input 'ACCEPT' config zone option name 'airvpn' option input 'REJECT' option output 'ACCEPT' option forward 'REJECT' option masq '1' option mtu_fix '1' option network 'airvpn' config rule option name 'Allow-DHCP-Renew' option src 'wan' option proto 'udp' option dest_port '68' option target 'ACCEPT' option family 'ipv4' config rule option name 'Allow-Ping' option src 'wan' option proto 'icmp' option icmp_type 'echo-request' option family 'ipv4' option target 'ACCEPT' config rule option name 'Allow-DHCPv6' option src 'wan' option proto 'udp' option src_ip 'fe80::/10' option src_port '547' option dest_ip 'fe80::/10' option dest_port '546' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Input' option src 'wan' option proto 'icmp' list icmp_type 'echo-request' list icmp_type 'echo-reply' list icmp_type 'destination-unreachable' list icmp_type 'packet-too-big' list icmp_type 'time-exceeded' list icmp_type 'bad-header' list icmp_type 'unknown-header-type' list icmp_type 'router-solicitation' list icmp_type 'neighbour-solicitation' list icmp_type 'router-advertisement' list icmp_type 'neighbour-advertisement' option limit '1000/sec' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Forward' option src 'wan' option dest '*' option proto 'icmp' list icmp_type 'echo-request' list icmp_type 'echo-reply' list icmp_type 'destination-unreachable' list icmp_type 'packet-too-big' list icmp_type 'time-exceeded' list icmp_type 'bad-header' list icmp_type 'unknown-header-type' option limit '1000/sec' option family 'ipv6' option target 'ACCEPT' config include option path '/etc/firewall.user' config forwarding option dest 'airvpn' option src 'lan' EOF TEST WITH ipleak.net...It worked that way with my router, i would be happy if someone else could verify my setup.
  3. I am running XP Pro, but would prefer to install AirVPN on my router (MikroTik hex rb750gr3). I'm finding conflicting info on whether or not this is possible, and hoping someone here can decipher this, and provide a definite answer. From what I have been able to figure out, the AirVPN client is not compatible, which leaves OpenVPN client as the only possibility. Here things become murky. According to MikroTik site (https://wiki.mikrotik.com/wiki/OpenVPN) it is supported. According to other forums, it is not supported very well. I'd like to hear opinions as to whether or not installing AirVPN on my router is likely to be successful, or more likely a waste of time. If the latter, any suggestions for a replacement router to buy? Note that I will purchase 'wired-only' routers, and my budget ends at $300. I never buy any sort of wireless, wi-fi, or bluetooth devices. So far, the only 'wired-only' routers I have found are Cisco and Ubiquiti brands.
  4. Hello, I was curious what would happen if I used AirVPN with ASUS Merlin router and have Eddie installed on a windows 10 workstation at the same time. Obv trying to avoid IP leaking. Would using AirVPN on an ASUS router with Merlin be just as reliable as the Eddie software? Eddie has been rocksolid and as far as I know has never had a leak, the network lock works great.. But I would really love to switch things up and get a new router with AirVPN installed on it. I have concerns that the killswitch or lock on the router is not as realiable as Eddies custom client. On the ASUS router, if I use the .ovpn file from AirVPN and also configure the killswitch policy rules to only let out VPN connections would that be just as reliable as the Eddie client? Is it possible to install the client on the PC along with AIR on the router? That way most of my devices will use the router vpn and a couple workstations can use the Eddie client and connect to the VPN router, kinda like a double killswitch. Im just looking for ideas or any feedback. Which would you guys trust more... the killswitch on router or network lock on eddie? Thank you!
  5. Hello, I was messing around with a local web page hosted on my raspberry pi for local projects, and using that web page works fine from my pc which has an ethernet cable to my router. However when I try to access the page with my android phone, I cannot connect to the web page. I can also not reach my router admin page from my android device, something that DOES work on my pc... All three devices: pc, android phone, raspberry pi are running on AirVPN. The moment I disconnect from the VPN, I can access the admin panel and the website from my phone. Is there a way to make devices connected via wifi while using the VPN able to access my router / other local machines? Thanks in advance.
  6. Someone I might know has found recently while torrenting the download speed suddenly drops dramatically to almost zero and on many occasions the modem router suddenly loses line sync. Prior to disconnection openvpn (running in a terminal window) reports numerous possible replay attacks. Setup is Ubuntu 16.06 LTS running openvpn with ovpn files from config generator (keys separate, hosts resolved). Numerous different servers and ports have been tried. ovpn files modified to run update-resolv-conf on up / down. ipv6 disabled in grub.cfg. ufw used to deny all incoming ports except 67,68/udp 80,443/tcp and the airvpn mapped port over tcp (further restricted to tun0 interface). Are they just being paranoid or is their ISP or some other actor able to detect torrent activity and cause the router to disconnect?
  7. This is only a solution for people in their home country willing/wanting to bypass the VPN to access their Netflix account. Does not help for out-of-country Netflix access. I was surprised to not see this in the forum, as it's very simple and works. It is a very short script added to the Custom Configuration which pulls the current IP addresses for a domain name (Netflix.com, Hulu.com) and routes those addresses "around" the VPN. allow-pull-fqdn route www.netflix.com 255.255.255.255 net_gateway So far I've been using this for a day, and had to restart things one time to get it to pick up new addresses. I would like to find a way to run this at regular intervals to add to the IP list (without duplicating addresses already in the list).
  8. Hi. When connected to an AirVPN-server through a VPN-router... Are there any fixed IPs on the VPN-server that can be used to ping for monitoring the quality of the VPN connection (RRD graphs etc)? I used to be able to use 10.x.0.1 but they do not seem to respond to pings anymore. What is the correct IP to use for this purpose? Kind regards,
  9. Step 1: First configure the Tomato VPN client (I am using Shibby's AIO build 134, but any of the recent VPN builds that have policy based routing included should work) so that all traffic is sent through the VPN and ensure that works. Once that is working, you can continue. Getting that working is outside the scope of this guide, and a good guide can be found here. Step 2: On the 'Advanced' tab of the VPN client, check the Ignore Redirect Gateway (route-nopull) option and on the Routing Policy tab, check the Redirect Through VPN option, and add the devices you want to redirect through the VPN. In my case, I added Source IP 192.168.1.120, as this is the only client on my LAN I want to be routed through the VPN. Once that's done, ensure the VPN client is running and see if you have internet access through the tunnel for the specified client. I use ipleak.net to test. You will likely notice that while your IP address is that of the VPN, DNS is still being served by whichever DNS servers your router has configured. This is normal, and is solved in step 3. Step 3: On the Advanced -> DHCP/DNS tab, in the advanced configuration: # Create a tag for clients to use a specific DNS server dhcp-option=tag:vpn,option:dns-server,10.30.0.1 # Tell these clients when they connect to use the VPN tag dhcp-host=XX:XX:XX:XX:XX:XX,set:vpn,hostnameyouwanttouse,192.168.1.120 The XX:XX:XX:XX:XX:XX above is the MAC address of your device's network interface. You can find this easily on the Status -> Device List tab. This line is essentially assigning static DHCP for the client with the MAC address specified. This tells all clients tagged as 'vpn' to use 10.30.0.1 as their DNS server. Disconnect your client that you wish to route through the VPN and reconnect it so that it renews the DHCP lease. You may also need to flush the DNS on the client. On Windows this is done from a command prompt run as administrator and typing: ipconfig /flushdnsNote: I am connecting to air on port 2018 to make QoS rules easier, so that's why you see 10.30.0.1 for the DNS server. Use whichever Air DNS server is appropriate for your connection. Step 4: Now, in Administration -> Scripts -> Firewall add the following: iptables -t nat -I PREROUTING -i br0 -s 192.168.1.120 -p udp --dport 53 -j DNAT --to 10.30.0.1 iptables -t nat -I PREROUTING -i br0 -s 192.168.1.120 -p tcp --dport 53 -j DNAT --to 10.30.0.1 iptables -I FORWARD ! -o tun11 -s 192.168.1.120 -j DROP The first two lines prevent the specified client from specifying their own DNS servers, so if this is an issue for you, these rules will make sure the client always uses Air's DNS server. The third line prevents ANY traffic from that client using anything other than the VPN interface "tun11". Note: tun11 is the interface Tomato creates for VPN Client 1. If you use VPN Client 2 use tun12 instead. Routing an entire bridge: To take this a step further I also created an entire bridge (br1) on a different subnet (172.16.0.1/24), and a virtual wireless network on that bridge that 100% uses the VPN tunnel. The rules for an entire subnet are a little different. Configuring additional bridges and virtual wireless access points in Tomato is outside the scope of this guide. Again, in the VPN Client Policy Routing tab, add the "Source IP" and enter 172.16.0.0/24, then in Advanced -> DHCP/DNS: dhcp-option=tag:br1,option:dns-server,10.30.0.1 This tells all clients that connect to br1 to use 10.30.0.1 as their DNS server. Tomato, by default, tags the clients with the bridge they are connected to, so that's all that is required to tell clients on that bridge to use a different DNS server. Then in the Firewall: iptables -t nat -I PREROUTING -i br1 -p udp --dport 53 -j DNAT --to 10.30.0.1 iptables -t nat -I PREROUTING -i br1 -p tcp --dport 53 -j DNAT --to 10.30.0.1 iptables -t nat -I POSTROUTING -s 172.16.0.1/255.255.255.0 -o tun11 -j MASQUERADE iptables -I FORWARD -i br1 -o tun11 -j ACCEPT iptables -I FORWARD -i tun11 -o br1 -j ACCEPT iptables -I FORWARD ! -o tun11 -s 172.16.0.1/255.255.255.0 -j DROP Again, the first two lines prevent clients from specifying their own DNS servers. The next three lines are required, as Tomato's VPN client doesn't automatically add them for bridges other than br0. Without these, no traffic will move between br3 and tun11 (and hence, you will not get a connection). The last line prevents all traffic on br1 if the VPN is down. Port Forwarding: This is straight from AirVPN's FAQ, copied here for completeness. To forward ports to clients, four firewall rules are required for each port you wish to forward. Here I am forwarding port 12345 (both UDP and TCP) to my one VPN'd client on my main LAN.: iptables -I FORWARD -i tun11 -p udp -d 192.168.1.120 --dport 12345 -j ACCEPT iptables -I FORWARD -i tun11 -p tcp -d 192.168.1.120 --dport 12345 -j ACCEPT iptables -t nat -I PREROUTING -i tun11 -p tcp --dport 12345 -j DNAT --to-destination 192.168.1.120 iptables -t nat -I PREROUTING -i tun11 -p udp --dport 12345 -j DNAT --to-destination 192.168.1.120 Preventing leaks on the main LAN when not using policy routing: If you are not interested in policy based routing, and just want to prevent leaks while routing all traffic through the VPN, make sure you check Redirect Internet traffic in the VPN Client Advanced tab and then the following firewall rules: iptables -t nat -I PREROUTING -i br0 -p udp --dport 53 -j DNAT --to 10.30.0.1 iptables -t nat -I PREROUTING -i br0 -p tcp --dport 53 -j DNAT --to 10.30.0.1 iptables -I FORWARD ! -o tun11 -s 192.168.1.1/255.255.255.0 -j DROP The above is completely untested by me as I don't want to route my main LAN (other than a single client) over the VPN. It may cause connectivity issues with the router itself if the tunnel goes down. If someone does test, please come back here and report your results! I hope this guide helps anyone wishing to use Tomato's VPN client to get connected and if you run in to any trouble, I am happy to try and help solve the issue. Troubleshooting: If something isn't working and you've entered everything correctly, I've found that rebooting the client you want routed through the VPN or restarting the VPN client can help. Also, rebooting the router will flush out anything left over between configuration steps and can sometimes solve problems. You can also rebuild the firewall rules in Tomato by going to the Tools->System Commands tab in the interface, and sending service firewall restart. If these don't help, double check that everything is configured appropriately.
  10. Hi, I'm trying to use a NetGear R6300v1 as a VPN Router with the latest DD-WRT build I could find (dd-wrt.v24-36330_NEWD-2_K3.x_mega-R6300). I can establish a TCP/443 connection to AirVPN (using DE or NL servers) and everything is fine in my opinion: There seem to be no DNS leaks and when the VPN goes down the R6300v1 stops traffic over the WAN interface, just as I want it to. With my 100/40 MBit/s NetCologne DSL @ home I see about 15/13 MBit/s VPN Performance on the R6300v1 with TCP, I have not yet seen more than 30% CPU usage on the R6300v1 during Speedtests. Streaming 1080p YouTube videos in a browser window on a PC connected via LAN to the R6300v1 the CPU usage stays below 15%. Streaming 4K video to an iPad connected via 5 GHz WLAN results in 25% to 35% CPU usage on the R6300v1. This is using a TCP connection - I wonder if UDP would give me more performance and if I should strive further to get that up and running? My problem is: With the very same settings - AFAIK I don't have anything TCP exclusive in there - just switching to UDP for connecting to AirVPN I cannot browse anything anymore. DNS resolution still works with UDP, I can ping for example www.heise.de both in Windows and via SSH directly on the R6300v1, I just cannot browse to www.heise.de. On a sidenote, the same is true if I use 'OpenVPN connect' on an iPad (iOS 11.4.1) - when I generate a .ovpn config for TCP/443 to German servers all is well, same config just with UDP/443 not so much on the iPad, too. On a second sidenote, I can get the latest Tomato build I could find for the R6300v1 (tomato-Netgear-R6300V1_RT-AC6x--140-AIO-64K) to do the same and have the same UDP issue as with the DD-WRT load ... I settled for DD-WRT for now because it seems to me the hardware support, especially WLAN AC, is better in the more recent DD-WRT build I'm using. I think I'm either missing something obvious or UDP simply cannot work on the R6300v1 (and an iPad). If anybody has an idea what I should try differently with the settings, I'd very much appreciate the information. Thanks in advance, Kyle
  11. Hello guys, I was wondering if there is a speed limitation while using OpenVPN with Router, technically it's AsusWRT, using Asus AC68. I saw some threads in AirVPN before, but I think they were dragged down to the bottom of the forum, since it's been quite some time. I'm upgrading to get better bandwidth, and I was wondering if this happens. Should it happen, does it have any fixes? Thank you in advance. Best Regards, J.Smith
  12. Hello, I am not sure this is the right section for posting
. As a newb of VPN, I would like to know if anybody has setup a CISCO RV325 router for working with AirVPN and if he could share method and settings...I am currently using ASUS DD-WRT firmware with AirVPN but I had a look at the CISCO emulator and at first sight it does not look so friendly :-( so any help is really appreciated :-) .
 I searched in the forum and I did not find any reference to this device
. Do you think an appliance with pfsense would be more "safe", known the US approach to privacy matter? Thank you
  13. Dear Team, I have installed stunnel on my linksys1900acs ddwrt router. now i am using the airvpn configurations to connect with i am getting following error daemon.err openvpn[28841]: Connection reset, restarting [0] Logs: Jun 11 00:47:08 DD-WRT daemon.notice stunnel: LOG5[ui]: stunnel 5.20 on arm-openwrt-linux-gnueabi platform Jun 11 00:47:08 DD-WRT daemon.notice stunnel: LOG5[ui]: Compiled/running with OpenSSL 1.0.2d 9 Jul 2015 Jun 11 00:47:08 DD-WRT daemon.notice stunnel: LOG5[ui]: Threading:FORK Sockets:POLL,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI Jun 11 00:47:08 DD-WRT daemon.notice stunnel: LOG5[ui]: Reading configuration from file /opt/etc/stunnel/stunnel.conf Jun 11 00:47:08 DD-WRT daemon.notice stunnel: LOG5[ui]: UTF-8 byte order mark detected Jun 11 00:47:08 DD-WRT daemon.notice stunnel: LOG5[ui]: FIPS mode disabled Jun 11 00:47:08 DD-WRT daemon.info stunnel: LOG6[ui]: Initializing service [openvpn] Jun 11 00:47:08 DD-WRT daemon.notice stunnel: LOG5[ui]: Configuration successful Jun 10 20:48:18 DD-WRT daemon.warn openvpn[28841]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Jun 10 20:48:18 DD-WRT daemon.notice openvpn[28841]: Re-using SSL/TLS context Jun 10 20:48:18 DD-WRT daemon.notice openvpn[28841]: Control Channel MTU parms [ L:1624 D:1210 EF:40 EB:0 ET:0 EL:3 ] Jun 10 20:48:18 DD-WRT daemon.notice openvpn[28841]: Data Channel MTU parms [ L:1624 D:1450 EF:124 EB:406 ET:0 EL:3 ] Jun 10 20:48:18 DD-WRT daemon.notice openvpn[28841]: Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-client' Jun 10 20:48:18 DD-WRT daemon.notice openvpn[28841]: Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1572,tun-mtu 1500,proto TCPv4_SERVER,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA256,keysize 256,key-method 2,tls-server' Jun 10 20:48:18 DD-WRT daemon.notice openvpn[28841]: TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1413 Jun 10 20:48:18 DD-WRT daemon.notice openvpn[28841]: Socket Buffers: R=[87380->87380] S=[16384->16384] Jun 10 20:48:18 DD-WRT daemon.notice openvpn[28841]: Attempting to establish TCP connection with [AF_INET]127.0.0.1:1413 [nonblock] Jun 11 00:48:18 DD-WRT daemon.notice stunnel: LOG5[0]: Service [openvpn] accepted connection from 127.0.0.1:48232 Jun 11 00:48:18 DD-WRT daemon.info stunnel: LOG6[0]: failover: round-robin Jun 11 00:48:18 DD-WRT daemon.info stunnel: LOG6[0]: s_connect: connecting 62.102.148.190:443 Jun 11 00:48:18 DD-WRT daemon.notice stunnel: LOG5[0]: s_connect: connected 62.102.148.190:443 Jun 11 00:48:18 DD-WRT daemon.info stunnel: LOG6[0]: SNI: sending servername: 62.102.148.190 Jun 11 00:48:18 DD-WRT daemon.info stunnel: LOG6[0]: CERT: Locally installed certificate matched Jun 11 00:48:18 DD-WRT daemon.notice stunnel: LOG5[0]: Certificate accepted at depth=0: C=IT, ST=Italy, L=Perugia, O=AirVPN, OU=stunnel, CN=stunnel.airvpn.org, emailAddress=info@airvpn.org Jun 11 00:48:18 DD-WRT daemon.info stunnel: LOG6[0]: SSL connected: new session negotiated Jun 11 00:48:18 DD-WRT daemon.info stunnel: LOG6[0]: Negotiated TLSv1.2 ciphersuite ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption) Jun 10 20:48:19 DD-WRT daemon.notice openvpn[28841]: TCP connection established with [AF_INET]127.0.0.1:1413 Jun 10 20:48:19 DD-WRT daemon.notice openvpn[28841]: TCPv4_CLIENT link local: (not bound) Jun 10 20:48:19 DD-WRT daemon.notice openvpn[28841]: TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:1413 Jun 11 00:48:19 DD-WRT daemon.info stunnel: LOG6[0]: SSL closed (SSL_read) Jun 10 20:48:19 DD-WRT daemon.err openvpn[28841]: Connection reset, restarting [0] Jun 10 20:48:19 DD-WRT daemon.notice openvpn[28841]: TCP/UDP: Closing socket Jun 10 20:48:19 DD-WRT daemon.notice openvpn[28841]: SIGUSR1[soft,connection-reset] received, process restarting Jun 10 20:48:19 DD-WRT daemon.notice openvpn[28841]: Restart pause, 160 second(s) Jun 11 00:48:19 DD-WRT daemon.info stunnel: LOG6[0]: Read socket closed (readsocket) Jun 11 00:48:19 DD-WRT daemon.info stunnel: LOG6[0]: SSL_shutdown successfully sent close_notify alert Jun 11 00:48:19 DD-WRT daemon.notice stunnel: LOG5[0]: Connection closed: 16 byte(s) sent to SSL, 0 byte(s) sent to socket My OpenVpn config ca /tmp/openvpncl/ca.crtcert /tmp/openvpncl/client.crtkey /tmp/openvpncl/client.keymanagement 127.0.0.1 16management-log-cache 100verb 3mute 3syslogwritepid /var/run/openvpncl.pidclientresolv-retry infinitenobindpersist-keypersist-tunscript-security 2dev tun1proto tcp4-clientcipher aes-256-cbcauth sha256remote 127.0.0.1 1413comp-lzo notun-mtu 1500mtu-disc yesresolv-retry infinitenobindpersist-keypersist-tunauth-nocacheverb 5route 62.102.148.190 255.255.255.255 net_gatewayremote-cert-tls servercipher AES-256-CBCkey-direction 1 My Stunnel Configclient = yesdebug = 6 [openvpn];ciphers = DHE-RSA-AES128-SHA256accept = 127.0.0.1:1413connect = 62.102.148.190:443TIMEOUTclose = 0verify = 3CAfile = /opt/etc/stunnel/stunnel.crt
  14. Hi, I just purchased the ASUS RT-AC66U B1 router and intended to configure it to work with AirVPN. I visited the client area to download the configuration file for routers and also followed the asuswrt guide but it doesn't seem to work as I lose connection. Can anyone please help me as I have already updated the router to the latest firmware. Thanks.
  15. Hello, I set up airVPN on my mini router using a custom build of openWRT from GL.inet but when I run ipleak and whoer it comes back with a ton of DNS leaks (50+). When I changed the DNS from "Keep blank to use default DNS" to Custom DNS of 10.4.0.1 and 10.5.0.1 then airVPN can no longer connect at all! I've also tried checking the box that says: "Force all clients to use: [ ] Override Clients' DNS setting" but it doesn't solve the issue. After setting the Custom DNS, airVPN disconnects and says the following over and over: RESOLVE: Cannot resolve host address: America.vpn.airdns.org:1194 (try again) Could not determine IPv4/IPv6 Protocol SIGUSR1 [soft,init_instance] received, process restarting Thoughts? NOTE: When NOT connecting through the router, and just firing up Eddie on my mac, I get no leaks.
  16. EDIT: Hello all In order to get an Internet connection i need to reset dns and ip settings everytime after being connected to AirVPN. Help and information about any of this is greatly appreciated. Thanks for reading. SOLVED using merlin user scripts.
  17. Guest

    router backdoors

    hi all, i've been having problems with my internet connection and my ISP switched my router and other things. I was wondering, being that the firmware is not open source, is there any other way to check whether the router has a backdoor installed? thanks
  18. Hi, After I've forwarded the right port in AirVPN client area and put the right settings in qBittorrent, I finally get great speeds while connected to the VPN service. However, the speeds (for torrents), seem to fluctuate heavily between 0 and 200Mbit (my max speed). I have the feeling it is because of some setting or limit somewhere that high speeds cannot be sustained. Here is a screenshot of the Eddie speed: More info: - Using network lock - Using OS X 10.12.6 - Using an SSD - Using Asus AC-3200 router - Only using the utun3 network interface in qBittorrent - Used settings described here for qBittorrent - Disabled firewall on router - Looked for any settings in my router that might impede sustained speed like ICMP flood detection but cannot find those - Using port forwarding in client area Is this normal behaviour? I don't really mind it for the time being, as speed is much faster than before, however maybe I'm missing a setting that could prevent this?
  19. I normally use AirVPN with openvpn in my computer, with openresolv to allow openvpn to connect to the server then change the DNS so it is tunnelled through the VPN connection. The openvpn config file I downloaded specifies a country, not a particular server, so DNS resolution is needed initially to make the connection. However I am interested in putting the VPN inside a router instead, and I have been experimenting. Looking at the instructions for ddrwt and here: https://airvpn.org/topic/14378-how-can-i-get-vpn-servers-entry-ip-addresses/ it seems it will not be possible to continue using my existing per-country configuration, as I need to give a specific IP address, ie choose just one server (and edit the .ovpn file accordingly). At the moment, I am using an OpenNIC DNS server in parallel with the VPN one instead, but I'd rather not continue to do this. Am I right in thinking each query goes to both DNS servers (rather than using the second one only if the first doesn't return an IP address)? Is there a way to select a country or region, rather than a specific AirVPN server, in this situation? I want to continue using openvpn manually as I understand and trust this method. I am also more familiar with the command line (ssh into the router) than LEDE/OpenWRT, which is new to me.
  20. Problem: I have devices on different subnets ( 192.168.15.x, 192.168.35.x ) and would like for them to be able to discover each other. Specifically I want them so see each others minecraft (bedrock/pocket) worlds. the 15.x network is the "privileged" home network, where as the 35.x network is intended as guest-wifi network with no internet access ( also vpn clients would be given a IP here ) currently they cannot see each other - if I add a route with 192.168.15.x to the vpn config then vpn clients can access webservers in this subnet but minecraft clients still can't see each other. My router is a N66 running tomatoUSB and both subnets are entirely controlled by it. Question: Is this even possible? If so - how? Any help would be appreciated I currently do not know enough to even successfully google for marginally useful information
  21. Hi AirVPN users! OpenVPN 2.4.2 has been released for DD-WRT, see http://svn.dd-wrt.com/ticket/5830#no1 Changesets can be found here for any other updates http://svn.dd-wrt.com/search?q=openvpn&noquickjump=1&changeset=on You can find the latest builds from ftp://ftp.dd-wrt.com/betas/2019 but please choice builds higher then 06-01-2017-r32170 but before you upgrade! please type in your router model here to rule out any known bugs! http://svn.dd-wrt.com/ if okay then go a head and upgrade Keeo in mind any lower builds dont have the vulnerabilities patch https://ostif.org/the-openvpn-2-4-0-audit-by-ostif-and-quarkslab-results I can myself confirm build ftp://ftp.dd-wrt.com/betas/2017/07-19-2017-r32753/ Is working great for my TP-Link router
  22. Hi there, I'm hoping someone may be able to assist me with a configuration for my router. My setup is that I'm running a DD-WRT based router with three wireless networks and four devices using a wired connection to the router. Half of my local network is allocated to my DHCP pool for most of these devices. I have my VPN up and running fine, however I would like to do something more advanced with my setup. I would like to split up my network somewhat so that two of the wireless networks as well as the wired computers that all get their IPs from the DHCP pool utilize the VPN for their internet traffic while the devices outside of the DHCP pool and on the third wireless network do not use the VPN. I have the Policy Based Routing setup with the subnet of the DHCP pool and I've been playing around with my IPTables configuration, but I'm hitting a wall trying to keep the traffic split. Any help for this would be greatly appreciated. Thanks in advance, Miko
  23. hi airvpn forums, i have been using airvpn for 20 days now and the service as a whole has exceeded my expectations. i'm currently getting the following pop up notification and message in my logs. "Warning: route gateway is ambiguous: 192.1xx.x.xxx (2 matches)" i'm still able to connect to the internet. i pass ip, dns and torrent detection tests at ipleak.net. i have seen a similar post in these forums but they had connectivity issues because of it. is this leaking my ip/details to the public? or is there anything else (security or otherwise) i should be worried about? billion model bipac 7404vgpx, latest version of windows 10, eddie 2.12.4 with network lock activated. my logs are attached. the warning in this file can be found 16 lines from the bottom. i receive the warning at the beginning or during a session. warning gateway is ambiguous.txt
  24. Hello, I've created a router config and set it up on my router, but the traffic is not going through the VPN. Here is a part of the generated router config without the certificates: clientdev tun proto udp remote us.vpn.airdns.org 443 resolv-retry infinite nobind persist-key persist-tun remote-cert-tls server cipher AES-256-CBC comp-lzo no route-delay 5 verb 3 explicit-exit-notify 5 Here is my router log: Mar 22 09:11:09 RT-N56U: WAN up (eth3) Mar 22 09:11:09 dnsmasq[397]: read /etc/hosts - 3 addresses Mar 22 09:11:09 dnsmasq[397]: read /etc/storage/dnsmasq/hosts - 0 addresses Mar 22 09:11:09 dnsmasq-dhcp[397]: read /etc/dnsmasq/dhcp/dhcp-hosts.rc Mar 22 09:11:09 dnsmasq[397]: using nameserver 167.206.10.178#53 Mar 22 09:11:09 dnsmasq[397]: using nameserver 167.206.10.179#53 Mar 22 09:11:09 miniupnpd[449]: version 1.9 starting UPnP-IGD ext if eth3 BOOTID=1490188269 Mar 22 09:11:09 miniupnpd[449]: HTTP listening on port 17455 Mar 22 09:11:09 httpd[445]: Server listening port 80 (HTTP). Mar 22 09:11:10 RT-N56U: starting OpenVPN client... Mar 22 09:11:10 openvpn-cli[476]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 22 09:11:10 kernel: br0: port 3(rai0) entered forwarding state Mar 22 09:11:10 kernel: br0: port 2(ra0) entered forwarding state Mar 22 09:11:10 kernel: br0: port 1(eth2) entered forwarding state Mar 22 09:11:19 NTP Client: Synchronizing time to pool.ntp.org. Mar 22 09:11:22 NTP Client: System time changed, offset: 2.135226s Mar 22 09:12:13 openvpn-cli[476]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 22 09:13:15 openvpn-cli[476]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 22 09:14:17 openvpn-cli[476]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 22 09:15:19 openvpn-cli[476]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 22 09:16:21 openvpn-cli[476]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 22 09:17:23 openvpn-cli[476]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 22 09:18:25 openvpn-cli[476]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Mar 22 09:19:27 openvpn-cli[476]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Attaching a screenshot from my router admin config: Can you please help me troubleshoot? Thanks!Jim
  25. Hello, In the "Guide to Getting Started + Links for Advanced Users" under "Which other steps can I take to increase my privacy and security" it states: If you're looking for a technical challenge, you can install pfSense on a very powerful computer, to make it act like a router, so that all devices connected to your Wi-Fi will be covered by the VPN.If you're a geek or networking enthusiast, you can also check out things such as the Turris Omnia router, which offers very powerful hardware & software. So my question is: What is the functional difference between the two? One's a small computer you recommend turning into a router. The other is basically a supped up open source router running openWRT. Upon inspection, I'm not quite sure why this router (Turris Omnia) was recommended over something like the Asus RT-AC5300. I'm essentially looking for the most secure router possible.
×
×
  • Create New...