Jump to content


Member Since 27 Mar 2016
Offline Last Active Today, 11:48 AM

#71550 Bootstrap Error Notification

Posted by LZ1 on 14 April 2018 - 11:59 PM



That post belongs in the beta thread, as you're using the beta client. But you mentioned it yourself in that thread already.


There's no solution yet - at least nothing by Staff. Likely because they're working on the next beta release as we speak and will address it during or after that release :).

#71457 Please remove more german servers

Posted by LZ1 on 10 April 2018 - 04:25 PM


i was drunk and had a bad day when i posted.

But still: adding new servers in countries where is low usage? And german servers are full..

I dont like that.

Norway - 5 server - 114 user

Germoney - 8 server - 620 user

No good load balancing



This is Airs policy regarding placement.


So it's therefore not based on how many users there are. But German servers are not fulland it's misleading to say so. As of now, not 1 has reached even 50% load.


But I completely agree that we should consider naming it Germoney on April 1st or something. ;)






  • Don't write in full caps.
  • Please supply logs, in your own thread, instead of hijacking this one. If you don't know how or where, then do refer to the link in my signature, thank you.
  • Wild guess: You're using Eddie, so go to Eddie's Menu>Preferences>DNS>Uncheck "Check Air DNS" and Preferences>Advanced>Uncheck "Check if Air tunnel works". Hit save. Re-connect.
  • If you want official Air support, this is where to get it.

#71381 Comparison with Witopia

Posted by LZ1 on 06 April 2018 - 06:43 PM



Welcome to AirVPN!


We're associated with the question on these boards, so naturally we're susceptible to being biased and so I won't pretend to be impartial, but I'll try to be fair of course.


I took a browse through what I think to be their site and I think there's a world of difference:    


  • No native Linux client and apparently none other, which is FOSS(Free and Open Source Software). Instead, they rely on Network Manager and this is only on Ubuntu-derived systems it seems.
  • Their product is segregated into basic and pro, instead of one-size-fits all.  Which means not all users get access to the same features. The personal one only supplies broken protocols, such as L2TP.
  • They disallow the sharing of an account. So if you set up their product on a router and thus extended use of their product to other people's devices in your home, you would be breaching their ToS.
  • They say you must use WiTopia "reasonably" in their ToSand say it's in their sole discretion to determine what that is. Otherwise they may suspend your account.
  • Their product is subject to US export controls(!) and so you may not use it in certain countries such as Iran, Cuba, Sudan, Syria and others. Which is otherwise where human-rights activists need it most.
  • They use Google Analytics on their website, while thinking that in their privacy policy, that an opt-out plugin is the solution for it, instead of just not using Google in the first place.
  • They accept DMCA claims.
  • It's seemingly not possible to setup their product on your own router, so you must buy one of their pre-configured routers. Which is an issue for many reasons, if this is accurate.
  • "Full Support for openVPN SSL, L2TP/IPsec, Cisco IPsec, PPTP, and 4D Stealth™" I thought they were joking with 4D Stealth, but they repeat it on their purchasing page, so...
  • Stating they're a "We’re a pure privacy and security service provider with nothing to compromise that standard." And yet they use Google. But also if not, that's a tall claim, which has little real meaning.
  • Their client appears to use Google maps for its server lists.
  • Their clients "Low Profile Mode" makes little sense to me: "For those of you who truly want to be off the grid. Low Profile Mode disables the client’s location detection features as well as updates. We don’t recommend this as it lessens the functionality and experience in our opinion, but we thought we’d provide the option just the same."
  • They only offer AES-256 at certain locations.
  • If you want the maximum out of their product, like access to the OpenVPN protocol, you must buy at least a 6 month subscription. While their "basic" lineup makes a monthly subscription lineup possible.
  • There's only 2 payment methods. Credit Card or Paypal. No cryptocurrencies.
  • They self-certify the EU-US safe-harbor agreement. Including in their privacy policy. But that agreement died in 2015 thanks to a lawsuit and the link on their checkout page is dead anyway.
  • Even their link on their privacy policy page to their own certification is dead.
  • SSL labs couldn't connect to witopia.net to make an assessment and the same is true for hpersonalvpn.com/ (the part of witopia which doesn't deal with secure email).
  • Their latest reviews, which they show on their frontpage, are from 2011. While their newest testimonials are from 2008 and 2007(!).
  • They don't support custom router configurations and it seems most would need to buy routers from witopia, for it to be fully supported. 
  • In their comparison chart, the Encryption field is blank for the non-Pro subscription. So what does that mean, that there's no encryption for L2TP/PPTP/IPSEC? There's a clear attempt to upsell.
  • Their client doesn't appear to be supply any kind of killswitch or similar additional security. As such, their only fix for WebRTC leakswas to tell users to install addons or change about:config.
  • If their blog is any indication, they last deployed a server in 2013/2014. But they're using an image overlaid with their own logo, of serverracks belonging to none other than Facebook. :lol:
  • They don't seem to do remote port-forwarding.
  • They don't do free trials due to scammers and spammers that "that dirty up our network and IP address space"(?). So they ask you to trust them to honor their 30-day money back guarantee.
  • No DNS micro-routing by the looks of it.
  • No talk of support for IPv6 anywhere.
  • No apparent live stats on their infrastructure, how its doing, how other users are performing or anything.
  • Their "Quick Connect" client feature suggests the client knows your location and can't function if it doesn't(!). One can wonder if this location is then shared with 3rd parties. They also assume proximity = better connection.

Mirroring the prior bullets point by point, Air by contrast:

  • Native Linux client and it's all FOSS. While using Air through Network Manager is possible, but not recommended.
  • Air has no tiered usage. So all premium users get the same things and only OpenVPN is supported.
  • Air is fine with account sharing I think. Certainly no limitation if done through a router.
  • Air accepts any degree of usage, so you can download as much as you want. Only free trials may see a limit of some sort.
  • Air is not subject to any controls. Certainly not US export controls.
  • Air uses no 3rd party tracking on the site. Only internal analytics, using Piwik (Now Matomo). So both the analytics and support is on a closed-loop.
  • Air rejects DMCA claims flat out.
  • It's easily possible to use Air with a router. Indeed many do, with custom firewalling and other hardware too, to get the best performance.
  • Air doesn't use words like "Stealth", because the only thing stealth features hide, is what they actually do. There's no need either, as there's SSL, SSH and Tor.
  • Air tries to avoid overselling.
  • Air doesn't use any Google maps in their client or similar notorious companies.
  • Air has no "low-profile mode" because it's not needed. Network Lock does the job and well.
  • Air uses the same high encryption across the board and the website is equally good too.
  • All users get the same protocols and you can also buy a subscription which only lasts 3 days.
  • Air supports many payment methods, including a whole host of cryptocurrencies. Including, recently, without any middle men. So it's possible to use Air completely anonymously if done right.
  • Air is in Europe and therefore subscribes to a lot of European law already, with no need for anything export-related.
  • Airs site gets A+ ratings on SSL labs.
  • Air has recurring reviews in all sorts of places. If not from this year, then the last and without any affiliate marketing. As well as an active forum and announcement section.
  • Air doesn't sell any hardware or email related stuff, but supports router configurations and many mobile ones too.
  • Air has an entire page almost entirely dedicated to encryption alone.
  • Air has Network Lock in its client, which helps as a killswitch on 3 different platforms and for that reason and others, Air didn't find the WebRTC debacle to be an issue.
  • Air is really careful with where it sets up a server, announces new locations frequently and doesn't use images. Certainly not ones from the inside of a Facebook datacenter 8d .
  • Air has remote port-forwarding. Which helps with many applications - not least torrenting, which Air supports fully.
  • Air has free trials. Especially on the basis of human rights-related activity.
  • Air has micro-routing, which is useful for getting access to different online content, regardless of location. So unlike Witopia, you don't need to connect to UK to access UK content.
  • Full IPv6 being implemented.
  • Pretty much as open as can be, on infrastructure, with information on every server and its performance.
  • Airs Eddie client doesn't need to know your location (and doesn't) to connect to somewhere automatically, as it simply calculates the best route based on different metrics each time.

Actual performance, customer service quality and general trustworthiness I can't really say anything about. I've made the comparisons I care to make, that one can see from a website. There's always lots of technical details one could compare too, such as if there's entry and exit IPs, if Perfect Forward Secrecy is supported, key sizes, cipher suites, APIs and so on. But it's meaningless to most people.


Some drawbacks for Air is the lack of an Air client on mobile, despite of course being able to use other clients, but Staff seem to be playing with the idea of releasing one sometime in the future. Other drawbacks could include only supporting one protocol and not supplying the famed 24/7 support. Being too technical has also been a criticism; which I then tried to help, by making the guide you can see in my signature. I can't think of much else that Air is really missing.


I also want to point out:


  • Faster support doesn't necessarily mean it's better. The techs you get in contact with aren't necessarily that knowledgeable.
  • Being able to connect to more locations, doesn't necessarily mean all those locations are real, bare-metal ones. I actually doubt they are,for Witopia. (How can they not be allowed to export to Iran/Syria etc. but have Russian servers?)
  • The privacy policies between the two pretty much couldn't be more different. Here's Witopia's and here's Airs. One is general. The other is specific.


But since you're still with Witopia, could you ask their support what their 4D Stealth technology is all about? It would be interesting if they supply any details.

#71350 no latency value for servers

Posted by LZ1 on 04 April 2018 - 08:23 PM



There's a Staff answer on the same issue here.


And something related here.

#71288 Can google still see my activity?

Posted by LZ1 on 02 April 2018 - 10:08 PM



I don't know which article you read, but it sounds a lot like a recent FUD article that Staff/Paolo recently rebutted.


if you search with Google they can see exactly where you are, what you are searching and where any downloads are going.


Air changes your IP, so Google sees things coming from an Air IP, not yours. So in those terms, you're hidden. It's not really important that Google can see what is being done on their own products, but whether you can be uniquely identified or not. Which you can be to an extent, if you don't take the precautions you mentioned - including other ones, such as using some quality addons which block all manner of ads, trackers, scripts and whatnot.


FYI, there's no WebRTC leak if you use Network Lock. It was quite a hyped problem, but mainly affected Airs competitors, but not Air itself.


my IP from seeing my stuff which I think is just wrong but I have searched and cannot find anything on this.


I assume you mean your ISP. In which case it's correct that Air hides what you're doing, from your ISP. Especially so, as Air also supplies their own DNS, so that your queries aren't being sent to your ISP DNS. But the ISP can still see that you're using a product like Air, unless you take additional steps such as using a second VPN or protocols like SSH and SSL, which Eddie supplies.


But you know, there's a fairly straightforward answer if this bothers you: don't use Google :). There's many other search engines you could use instead.


Besides all that, there's plenty other things you could do.

#71273 Connection problem

Posted by LZ1 on 02 April 2018 - 11:08 AM

Thank you.


When I downloaded the Beta client 2.14.2 on Windows 8, I also started getting this error:


W 2018.04.02 03:11:58 - Windows WFP, Add rule failed: Interface ID '{CABC915F-0843-49E3-A721-B9009AFF687F}' unknown or disabled for the layer.:<rule name="NetLock - Interface - Allow {CABC915F-0843-49E3-A721-B9009AFF687F} - IPv6" layer="ale_auth_recv_accept_v6" action="permit" weight="1000"><if field="ip_local_interface" match="equal" interface="{CABC915F-0843-49E3-A721-B9009AFF687F}" /></rule>


What worked was turning off Network Lock and reconnecting. I couldn't find any other solution to it. You may want to post in the Beta client thread about that error, so it gets addressed.


Update: Go to your device manager, find the TAP adapter and click uninstall. Including any drivers when the prompt shows a tickbox. Then, while Network Lock is enabled, connect to a location. Then Eddie will install the tunnel driver for you :). Works for me.


. 2018.04.02 03:12:12 - OpenVPN > Route: Waiting for TUN/TAP interface to come up...

I was getting this too. Please go to Control Panel>Network & Internet>Network & Sharing Center>Change Adapter Settings>TAP Adapter Properties>Configure>Advanced>Media Status>Set to Always Connected>Click OK. If there's then further issues with this, a quick fix is to disable and re-enable the TAP adapter.


W 2018.04.02 03:12:08 - The requested protocol has not been configured into the system, or no implementation for it exists - Stack:    at System.Net.NetworkInformation.SystemIPInterfaceProperties.GetIPv6Properties()

You may be able to remedy this by going to Eddies menu>Preferences>Advanced>Microsoft Only>Disable IPv6 at OS level.


By the way @Staff if you're reading, do you think it would be good to install TAP utilities by default in the future?

At one point the logs stated that we "Should be able to go to Start>All Programs>Utilities>TAP Windows>Add new TAP adapter" and do stuff. But for me at least, it wasn't possible to find any "Utilities" or TAP stuff in Windows, until I went into Eddie's download folder and installed "TAP utilities" during the installation process. After that, Windows immediately found TAP-related stuff.

#71266 cloudflare

Posted by LZ1 on 02 April 2018 - 02:25 AM



If you trust the comments, it's not a particularly good thing. To me it seems hyped. Somewhere along the line, it's probably also trying to capitalize on the recent data breaches/scandals.

#71256 Slow torrent speeds

Posted by LZ1 on 01 April 2018 - 06:43 PM

It's quite possible they're throttling. It's possible to tweak traffic shaping to only happen in certain conditions; hence one possible reason why you initially had good regular speeds, but then had issues with torrenting. It's bad practice, but some ISPs do it. Here's some supporting information on SSL and SSH as well, if you're technically inclined. I'm glad it worked anyway - enjoy yourself & welcome to AirVPN  :)!

#71251 Slow torrent speeds

Posted by LZ1 on 01 April 2018 - 03:54 PM

Thank you for the detailed response. Yes that's asymmetric. Did you try changing the protocols?


Remember to re-connect to a location, after making a protocol change, for it to take effect.


Also, is this a wired or wireless connection?

#71239 Utorrent with CyberGhost popup offer(s)

Posted by LZ1 on 01 April 2018 - 11:32 AM



The fix is to not use ad-infested "shareware freemium junk" as a wise man once said, but only FOSS software. So please consider switching to something such as qBittorent.


Guides on configuring it can likewise be found in the link in my signature.

  • Flx likes this

#71227 Eddie 2.14beta released

Posted by LZ1 on 31 March 2018 - 09:43 PM

I have eddie on autostart and through all versions appears the same "problem":


It connects EVERY TIME automatically to mirach (i have only NL whitelisted), if i blacklist mirach it connects always to the next one in list "Merga"... thats really annoying... i just want it to connect always to the one with lowest latency or in my case to the one with lowest bandwith usage, cause i have set it to "speed" below.


Why is that?

Staff did mention making the auto-selection more intelligent in the future, but I can't find the post for you at this moment sorry.  Otherwise there's the usual FAQ on how Eddie selects. I don't think setting the scoring rule to speed makes any difference, as that's only for how things are ordered in the list.

#71184 Comparisons

Posted by LZ1 on 30 March 2018 - 03:37 PM

LZ1, of course. I wasn't trying to call them out or anything. The fact remains Nord is continually mentioned towards the top of the list on pretty much every review site. And I'm sure some people really like them.

Oh it's not that you can't point out where others go wrong, it just needs to be accurate/truthful and there's plenty where that came from. Otherwise I agree there's 2-3 companies one always sees :).

#71179 Comparisons

Posted by LZ1 on 30 March 2018 - 01:48 PM



I'm not one to defend Nord, but we must keep things accurate, including about competitors, as it's potentially defamatory otherwise and that's not permitted on these boards.


They use quite the marketing jargon for one thing. Lets be clear I'm sure all VPNs have some marketing jargon but I thought Nord was a little over the top. They say their VPN offers "military grade encryption" lol.


Air says something similar too:


The picked encryption cipher meets higher-than-military security requirements.


Airs response to this "military" thing would be:


Military grade encryption has a very precise technical meaning in cryptography and data protection. It has nothing to do with marketing. That sentence provides technical information about the ciphers used in our service.


Some explanation: there are some discrepancies in different countries Armies protocols and requirements, but essentially minimal requirements are homogeneous in most "developed" countries. The minimal military encryption degree that's mandatory is published in public books in various Western countries. In our case you can take as a reference the US Department of Defense "Common Criteria" and "Rainbow Series", specifically on the requirements of ciphers for "Secret" and "Top Secret" data. Even the NATO documents are fine. Kind regards


Whether or not Nord is aware of the same technicalities I of course can't say. But it's at least worth being aware of the origins of some of this kind of terminology. :)

#71159 Dedicated/static IP address?

Posted by LZ1 on 29 March 2018 - 04:10 PM

But then Air doesn't tend to share too many of its designs on the future.

They can keep them all they want. All I wanted a straight answer.....

Do you offer static IP addresses for customers?


If yes What are the plans that you have for static IP address?

Then the answer is "No", if the static IPs referenced in the links to the Staff posts in my last two replies aren't what you were looking for.


There's certainly no history of Air letting single users get access to specific addon-features either, that I'm aware of. (In case you wanted to pay a little extra to get a static IP, like some other companies offer).


It's no use sharing the contents of your support tickets with us here and I don't know which custom plans support may be referencing. Perhaps there's a misunderstanding, in that they're talking about the plans they offer, paired with my prior Staff post about static IPs. Following that logic, it's correct that they do offer "custom plans with static IPs". But you're thinking of an add-on feature of some sort I suppose. Since it wouldn't make sense otherwise, as all Air customers get access to the same things when they buy a plan.


If and when Air does make a change of this kind, there's a good chance you'll hear about it in the announcements forum along with the rest of us.


Now that was 8 posts from you in quick succession(now deleted). It's understandable if you didn't get the answers you were looking for, so I think the safest bet is for you to assume it's all a "No" and that there's no new/current plans they wish to share.


Topic locked for now.

  • Flx likes this

#71072 ProtonVPN Uses IKEv2 for the Mac client

Posted by LZ1 on 26 March 2018 - 11:13 AM



Staff commented on the use of that protocol once, so for them this is presumably nothing new :).


We never liked the fact (even in the 90ies when NSA appeared much less "malignant" than now) that IPsec development has been led by NSA and that it runs in kernel space. Performance is not inherent to IPsec (OpenVPN can easily near-match IPsec) but depends on several other factors, including ciphers. Kind regards

Servers online. Online Sessions: 15421 - BW: 46025 Mbit/sYour IP: Access.