Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

Search found 207 matches

by Fermi
Mon Apr 17, 2017 9:49 pm
Forum: member support & tech assistance
Topic: Token repeatedly has auth failures, too many logons.
Replies: 3
Views: 66

Re: Token repeatedly has auth failures, too many logons.

Due to the fact we don't log we had limited data to build upon and the rules were somewhat ... relaxed. We added 4 grace sessions. This is too much and not corresponding with the price model, so a change was imminent. As a consequence the scripts didn't detect the difference between a initial login ...
by Fermi
Mon Apr 17, 2017 9:24 pm
Forum: member support & tech assistance
Topic: Token repeatedly has auth failures, too many logons.
Replies: 3
Views: 66

Re: Token repeatedly has auth failures, too many logons.

@Captain Blackberry

Sorry to hear that and not acceptable. We will try to solve this issue asap. In the mean time, can you PM me the token/hash on IRC please (@Fermi)?

I'll elaborate more in the next couple of hours.

/fermi
by Fermi
Sat Apr 15, 2017 5:53 pm
Forum: member support & tech assistance
Topic: [RESOLVED] OpenVPN android Issue
Replies: 4
Views: 60

Re: OpenVPN android Issue

Perhaps your are connected with other devices using the same token and are hitting the session limit: Please note that the simultaneous devices/token are: 1M (and less) tokens: 1 device/token 3M & 6M tokens: 2 devices/token 1Y & 2Y tokens: 4 devices/token (https://twitter.com/cryptostorm_is/...
by Fermi
Sat Apr 15, 2017 1:40 pm
Forum: member support & tech assistance
Topic: Ubuntu 16.04 DNS Leaks ...
Replies: 14
Views: 412

Re: Ubuntu 16.04 DNS Leaks ...

This is odd, because of:

Code: Select all

$IPT6 -P OUTPUT DROP -m comment --comment "set default policies to drop all communication unless specifically allowed"


It shouldn't allow DNS queries over the IPv6 stack.
Perhaps it's a good idea to disable IPv6 in your kernel.

/fermi
by Fermi
Thu Apr 13, 2017 7:02 pm
Forum: member support & tech assistance
Topic: Ubuntu 16.04 DNS Leaks ...
Replies: 14
Views: 412

Re: Ubuntu 16.04 DNS Leaks ...

The reason why you get this is because the script doesn't allow DNS queries before you connect to Cryptostorm. If you are not using IP addresses to connect to Cryptostorm, the system will not be able to connect. To avoid this, you change (or you use IP addresses to connect: $IPT -A OUTPUT -d 192.168...
by Fermi
Thu Apr 13, 2017 4:13 pm
Forum: member support & tech assistance
Topic: Ubuntu 16.04 DNS Leaks ...
Replies: 14
Views: 412

Re: Ubuntu 16.04 DNS Leaks ...

The latest and (perhaps 8-) ) greatest can be found here:

Code: Select all

https://github.com/fermi-cryptostorm/fermi-cryptostorm-git


/fermi
by Fermi
Thu Apr 13, 2017 1:23 pm
Forum: member support & tech assistance
Topic: Ubuntu 16.04 DNS Leaks ...
Replies: 14
Views: 412

Re: Ubuntu 16.04 DNS Leaks ...

There's no need to launch it @ reboot. You can make these rules persistent. If you google for your linux version and iptables + persistent you'll get some hits on the how ... . Of course is we add/remove nodes it is advised to re-run and save again. I need to update the script to include protection ...
by Fermi
Wed Apr 12, 2017 11:31 pm
Forum: member support & tech assistance
Topic: Can't Authenticate On Any Node
Replies: 21
Views: 2161

Re: Can't Authenticate On Any Node

Hi, we've changed our policy regarding the allowed simultaneous connections/token: https://twitter.com/cryptostorm_is/status/852223442279579648 It boils down to the following: simultaneous connections/token (sc/t) count: 1M (and less) tokens: 1 sc/t 3M & 6M tokens: 2 sc/t 1Y & 2Y tokens: 4 s...
by Fermi
Wed Apr 05, 2017 9:24 pm
Forum: member support & tech assistance
Topic: OpenVPN not connecting on Fedora 25
Replies: 1
Views: 172

Re: OpenVPN not connecting on Fedora 25

That log snippet doesn't indicate that authentication is successful, please post the complete scrubbed log.

/fermi
by Fermi
Wed Apr 05, 2017 9:21 pm
Forum: member support & tech assistance
Topic: Connection Issues Again
Replies: 6
Views: 350

Re: Connection Issues Again

What OS are you using?
Are you connecting using the widget or OpenVPN app?

Best thing is to drop by in our irc channel: cryptostorm.is/irc, drop your question/issue and have some patience ...

/fermi
by Fermi
Mon Apr 03, 2017 9:49 pm
Forum: member support & tech assistance
Topic: Connection Issues Again
Replies: 6
Views: 350

Re: Connection Issues Again

Please check token @ cryptostorm.nu
Most likely it will tell you:
That token has reached the maximum number of sessions.


In that case please mail your token to [email protected]

/fermi
by Fermi
Mon Apr 03, 2017 9:47 pm
Forum: member support & tech assistance
Topic: Says my token is invalid?
Replies: 1
Views: 159

Re: Says my token is invalid?

That token has reached the maximum number of sessions.


is the clue, please mail your token to [email protected]

/fermi
by Fermi
Sun Mar 26, 2017 4:37 pm
Forum: member support & tech assistance
Topic: Constant disconnects
Replies: 2
Views: 216

Re: Constant disconnects

Please check token @ cryptostorm.nu .
If max sessions reached is indicated, mail your token to [email protected]
in order to have a session count reset.

/fermi
by Fermi
Sat Mar 25, 2017 10:08 pm
Forum: cryptofree: no-cost cryptostorm network access
Topic: troubles connecting
Replies: 6
Views: 547

Re: troubles connecting

Sat Mar 25 15:08:00 2017 us=496104 UDPv4 link remote: [AF_INET]195.154.33.73:443 Sat Mar 25 15:08:17 2017 us=762532 TLS Error: TLS key negotiation failed to occur within 17 seconds (check your network connectivity) Sat Mar 25 15:08:17 2017 us=762532 TLS Error: TLS handshake failed That node is down...
by Fermi
Tue Mar 14, 2017 12:10 am
Forum: member support & tech assistance
Topic: Auth failing
Replies: 7
Views: 354

Re: Auth failing

I had a look in the [email protected] mailbox. There's no mail related to you're issues in there ... .
Can you resend it? Or visit our IRC channel: cryptostorm.is/irc

Regards,

/Fermi
by Fermi
Tue Feb 28, 2017 5:48 pm
Forum: member support & tech assistance
Topic: Error: Authorization failed for that token
Replies: 10
Views: 620

Re: Error: Authorization failed for that token

Only solution for that is sending token or hash to [email protected], so I can reset the sessions.

/fermi
by Fermi
Sun Feb 26, 2017 12:52 pm
Forum: independent cryptostorm token resellers, & tokens 101
Topic: Free Aleph
Replies: 3
Views: 459

Re: Free Aleph

Actually the token has already been deleted before it was posted. The fact that the token is posted here is the result of ... (I won't waste my words on this one).

/fermi
by Fermi
Sun Feb 19, 2017 2:26 pm
Forum: member support & tech assistance
Topic: USSouth Windows vs Linux
Replies: 3
Views: 450

Re: USSouth Windows vs Linux

Two DNS queries, with some time in between. You can clearly see the order in which the records are provided is different: $ nslookup linux-frankfurt.cryptostorm.net Non-authoritative answer: Name: linux-frankfurt.cryptostorm.net Address: 46.165.240.174 Name: linux-frankfurt.cryptostorm.net Address: ...
by Fermi
Sun Feb 19, 2017 1:48 pm
Forum: member support & tech assistance
Topic: USSouth Windows vs Linux
Replies: 3
Views: 450

Re: USSouth Windows vs Linux

linux-ussouth.cryptostorm.net represents a cluster of two servers in two different DC's (same for Windows): host linux-ussouth.cryptostorm.net: linux-ussouth.cryptostorm.net has address 108.62.19.132 linux-ussouth.cryptostorm.net has address 70.32.38.68 When resolving the address it depends on the o...
by Fermi
Sun Feb 19, 2017 1:39 pm
Forum: member support & tech assistance
Topic: ISP detecting Piratebay on VPN
Replies: 5
Views: 636

Re: ISP detecting Piratebay on VPN

What's the URL you are using?
Are you sure the message is coming from your ISP? Can you post a screenshot, removing all information which can lead to ISP or yourself?

Did you check on ipleak.net or cryptostorm.is if you are connected or subject of leaks?

/fermi
by Fermi
Tue Feb 14, 2017 6:46 pm
Forum: member support & tech assistance
Topic: Router: Zyxel p-2812HNU-F1 configuration
Replies: 4
Views: 442

Re: Router: Zyxel p-2812HNU-F1 configuration

ZYX,

Cryptostorm is using the OpenVPN protocol, not IPsec. If your router doesn't have specific OpenVPN support, it will not work.

Best regards,

Fermi
by Fermi
Tue Feb 07, 2017 6:00 pm
Forum: member support & tech assistance
Topic: All connections down?
Replies: 26
Views: 1539

Re: All connections down?

Hi,

Sounds like a 'max sessions reached' problem ... . Please check token @ cryptostorm.nu for this message.
If positive, please mail token top [email protected] or [email protected] so we can reset it.

/fermi
by Fermi
Tue Feb 07, 2017 3:59 pm
Forum: member support & tech assistance
Topic: All connections down?
Replies: 26
Views: 1539

Re: All connections down?

Just ran a test towards all nodes. Good results ... .
Something wrong on your side?

/fermi
by Fermi
Sat Jan 21, 2017 6:20 pm
Forum: cryptofree: no-cost cryptostorm network access
Topic: cryptofree.me howto Android | cryptofree.me/cfandroid
Replies: 13
Views: 14373

Re: cryptofree.me howto Android | cryptofree.me/cfandroid

Hi, Remove the lines with the following directives from the conf files: rcvbuf, sendbuf and txqueuelen As for github, there's a note stating: When saving these config files, DO NOT USE right-click -> "Save file as" in your browser. That will cause the HTML page listing the file to be saved...
by Fermi
Fri Jan 20, 2017 12:38 pm
Forum: member support & tech assistance
Topic: Major reliability issues with CryptoStorm since October
Replies: 10
Views: 1025

Re: Major reliability issues with CryptoStorm since October

We're looking into the OpenVPN source code on how to differentiate between an authentication cycle issued by key renewal and initial login.
If we are able to do that we can solve this issue without having to add extra logging/data on our end.
We'll keep you posted.

/fermi
by Fermi
Fri Jan 20, 2017 12:38 pm
Forum: member support & tech assistance
Topic: Serious Drops and packet loss South node
Replies: 110
Views: 20612

Re: Serious Drops and packet loss South node

We're looking into the OpenVPN source code on how to differentiate between an authentication cycle issued by key renewal and initial login.
If we are able to do that we can solve this issue without having to add extra logging/data on our end.
We'll keep you posted.

/fermi
by Fermi
Tue Jan 17, 2017 6:21 pm
Forum: member support & tech assistance
Topic: Serious Drops and packet loss South node
Replies: 110
Views: 20612

Re: Serious Drops and packet loss South node

The issue can be triggered by the session limitation parameter. Officially Cryptostorm allows one connection / token. To technically deal with slow disconnects etc, the limit is put on three. This means that technically spoken there can be three concurrent connections, taking into account that there...
by Fermi
Thu Dec 29, 2016 8:15 pm
Forum: member support & tech assistance
Topic: Problem Adding Config Files to Tunnelblick
Replies: 2
Views: 489

Re: Problem Adding Config Files to Tunnelblick

Is the .opvn file human readable? Please note when downloading profiles from github: When saving these config files, DO NOT USE right-click -> "Save file as" in your browser. That will cause the HTML page listing the file to be saved, which will cause errors in OpenVPN. Instead, click on t...
by Fermi
Tue Dec 27, 2016 12:36 pm
Forum: cryptofree: no-cost cryptostorm network access
Topic: cryptofree howto iOS | cryptofree.me/cfios
Replies: 7
Views: 12519

Re: cryptofree howto iOS | cryptofree.me/cfios

After switching on
Force AES-CBC ciphersuites
it should work.

/fermi
by Fermi
Sun Dec 25, 2016 5:12 am
Forum: member support & tech assistance
Topic: Serious Drops and packet loss South node
Replies: 110
Views: 20612

Re: Serious Drops and packet loss South node

Earlier this week I decided to test to see whether the token re-authentication issue would happen with multiple tokens. I have been connected to the Lithuania node with a secondary token I bought a month after I bought the token I was using originally. The connection has been fine, the longest I ha...
by Fermi
Thu Dec 22, 2016 8:35 pm
Forum: member support & tech assistance
Topic: [pfSense] Transparent Darknet Access
Replies: 3
Views: 905

Re: [pfSense] Transparent Darknet Access

This article, although referring to a competitor could guide you:
https://nguvu.org/pfsense/pfsense-2.3-setup/

/fermi
by Fermi
Fri Dec 02, 2016 6:23 pm
Forum: member support & tech assistance
Topic: Serious Drops and packet loss South node
Replies: 110
Views: 20612

Re: Serious Drops and packet loss South node

London connection still up after 14 hours ...

/fermi
by Fermi
Fri Dec 02, 2016 6:22 pm
Forum: general chat, suggestions, industry news
Topic: FOR SALE: Aleph Token
Replies: 4
Views: 1767

Re: FOR SALE: Aleph Token

Mails coming from @cryptostorm.is could be considered as coming from staff/employees, leading to misunderstanding/assumptions ...

/fermi
by Fermi
Thu Dec 01, 2016 8:50 pm
Forum: member support & tech assistance
Topic: Serious Drops and packet loss South node
Replies: 110
Views: 20612

Re: Serious Drops and packet loss South node

seems disturbingly normal ;)

/fermi
by Fermi
Mon Nov 28, 2016 3:43 am
Forum: member support & tech assistance
Topic: Serious Drops and packet loss South node
Replies: 110
Views: 20612

Re: Serious Drops and packet loss South node

@Parityboy, The "pings" are being sent. These do not behave like ICMP pings. No reply is expected. The client sends ping packets to the server, and the server sends ping packets to the client. This should be according to the pushed directive ping 20. The client should receive a ping every ...
by Fermi
Sat Nov 26, 2016 1:21 pm
Forum: member support & tech assistance
Topic: Bad file descriptor?
Replies: 3
Views: 1120

Re: Bad file descriptor?

@BAM

Please uninstall and use the latest version (beta), to be found @:
https://b.unni.es/cryptostorm_setup.exe

/fermi
by Fermi
Fri Nov 25, 2016 9:11 pm
Forum: member support & tech assistance
Topic: Serious Drops and packet loss South node
Replies: 110
Views: 20612

Re: Serious Drops and packet loss South node

@parityboy, These values shouldn't be repeated in the client config file I believe. These are pushed by the helper directive --keepalive. PUSH : Received control message: 'PUSH_REPLY,persist-key,persist-tun,redirect-gateway def1,redirect-gateway bypass-dhcp,dhcp-option DNS 108.62.19.131,route-gatewa...
by Fermi
Fri Nov 25, 2016 2:30 pm
Forum: member support & tech assistance
Topic: Serious Drops and packet loss South node
Replies: 110
Views: 20612

Re: Serious Drops and packet loss South node

I've read this whole thread. It doesn't seem to be restricted to USSouth, is this assumption correct? Inactivity timeout (--ping-restart), restarting ... RESOLVE: Cannot resolve host address: xxx.cryptostorm.net: Temporary failure in name resolution seems to be the common denominator, correct? ping ...
by Fermi
Tue Sep 06, 2016 11:15 am
Forum: member support & tech assistance
Topic: AUTH_FAILED On New Account
Replies: 1
Views: 1092

Re: AUTH_FAILED On New Account

Please check your token/hash @ cryptostorm.nu
Also the token is case sensitive material. If issues remain, mail the token to [email protected], so we can do further diagnostics on it.

/fermi
by Fermi
Sat Aug 13, 2016 12:44 pm
Forum: member support & tech assistance
Topic: Getting exception while trying to connect with cryptostorm
Replies: 3
Views: 1801

Re: Getting exception while trying to connect with cryptostorm

Hi, The clue is in iptables -A INPUT -d(estination) 212.129.34.154 -j ACCEPT should be: iptables -A INPUT -s 212.129.34.154 -j ACCEPT because if you consider input, 212.129.34.154 is the source of the traffic. You could also use: iptables -A INPUT -i lo -j ACCEPT -m comment --comment "Allow loo...
by Fermi
Sun Jul 31, 2016 8:03 pm
Forum: member support & tech assistance
Topic: That token has reached the maximum number of sessions.
Replies: 4
Views: 2107

Re: That token has reached the maximum number of sessions.

Hi, "That token has reached the maximum number of sessions." is a message you will get if you used the maximum number of sessions allowed with one token. If you indicate you are only trying to use one session, we'll need to have a look at the token and correct this. Can you email the token...
by Fermi
Fri Jul 29, 2016 8:30 pm
Forum: member support & tech assistance
Topic: iPhone VPN logon not working
Replies: 2
Views: 1442

Re: iPhone VPN logon not working

Hi,

Please do the following:

Code: Select all

1) Go to iOS settings
2) Scroll down to the settings panel for OpenVPN
3) Look for "Force AES-CBC ciphersuites" in advanced settings
4) Enable it. It's off by default.


Regards,

/fermi
by Fermi
Thu Jul 28, 2016 5:16 pm
Forum: member support & tech assistance
Topic: VPN noob
Replies: 8
Views: 2998

Re: VPN noob

Hi,

The exit node you've selected is down atm:
UDP OpenVPN is DOWN on 76.164.234.13 port 443

Please try other nodes and evaluate.

/fermi
by Fermi
Wed Jul 27, 2016 11:14 am
Forum: member support & tech assistance
Topic: No longer connecting using Cryptostorm 2.2 Widget
Replies: 19
Views: 11414

Re: No longer connecting using Cryptostorm 2.2 Widget

Hi JDR,

This is perhaps something we can fix ... .
Please send a mail to [email protected] or visit our IRC channel: cryptostorm.is/irc or give a more detailed description of your problem here.

You shouldn't have to go back to PIA!

Regards,

/fermi
by Fermi
Wed Jul 27, 2016 11:10 am
Forum: member support & tech assistance
Topic: TLS timeout when connecting.
Replies: 1
Views: 1397

Re: TLS timeout when connecting.

Hi, No this actually means that the end node cannot be reached. Either the node is down or there is a firewall issue on your side, ... . In this case: 195.154.33.73 isn't among our midst anymore. So please update your nodes: https://github.com/cryptostorm/cryptostorm_client_configuration_files Regar...
by Fermi
Mon Jul 11, 2016 8:05 pm
Forum: member support & tech assistance
Topic: VPN noob
Replies: 8
Views: 2998

Re: VPN noob

Hi,

You can use the following command:

Code: Select all

nslookup windows-balancer.cryptostorm.net


This will look up all Windows nodes.

Code: Select all

nslookup linux-balancer.cryptostorm.net


for linux ... .

/fermi
by Fermi
Wed Jul 06, 2016 1:25 am
Forum: member support & tech assistance
Topic: DNS Leak test
Replies: 3
Views: 1745

Re: DNS Leak test

Hi

The IP's of the Cryptofree DNS servers are:
    195.154.61.33
    or
    212.83.175.31

Depending on the Cryptofree server you are connected to.

/fermi
by Fermi
Fri Apr 29, 2016 9:04 pm
Forum: member support & tech assistance
Topic: Error: the plugin doesn't support import capability, Ubuntu 16.04 LTS
Replies: 4
Views: 2739

Re: Error: the plugin doesn't support import capability, Ubuntu 16.04 LTS

Hi, Next to: sudo apt-get install network-manager-openvpn-gnome did you also : sudo apt-get install network-manager-openvpn followed by: service network-manager restart ? Later I saw this: http://askubuntu.com/questions/760345/cannot-import-saved-openvpn-configuration-file-in-ubuntu-16-04-lts You ca...
by Fermi
Tue Apr 26, 2016 6:09 pm
Forum: member support & tech assistance
Topic: What's happened to PJ ?
Replies: 28
Views: 11309

Re: What's happened to PJ ?

df here, just noticed this thread so thought I might as well comment on some of what was said: (yea, yea, I know. I don't visit the forum often enough.) Question is: what will be the future of Crypto VPN? CS will continue regardless of whatever happens to PJ. To continue in the same way: Fermi here...
by Fermi
Sat Apr 16, 2016 2:00 pm
Forum: member support & tech assistance
Topic: ASUS Router Padavan Firmware
Replies: 6
Views: 2529

Re: ASUS Router Padavan Firmware

Of course it is advised to use the hash to keep the disconnect between the delivered token and member in place. But if you are lazy or have a situation where the hash isn't an option, one can choose to use the token. The widget will indeed hash the token before connecting. If you use OpenVPN to conn...
by Fermi
Fri Apr 15, 2016 8:48 pm
Forum: member support & tech assistance
Topic: ASUS Router Padavan Firmware
Replies: 6
Views: 2529

Re: ASUS Router Padavan Firmware

Hi,

If the 'Login' field accepts to token (not the hash), you should be able to authenticate, as nodes accept both plain token and hash.
The standard password is: 93b66e7059176bbfa418061c5cba87dd (but can have any value)

Regards,

/fermi
by Fermi
Fri Apr 01, 2016 6:12 pm
Forum: cryptofree: no-cost cryptostorm network access
Topic: .onion sites not loading
Replies: 2
Views: 9589

Re: .onion sites not loading

Hi,

.onion sites will not resolve within Cryptofree. This is reserved for paid connections.

Regards,

/fermi
by Fermi
Thu Mar 17, 2016 8:14 pm
Forum: member support & tech assistance
Topic: ISP throttling VPN or other issue?
Replies: 8
Views: 5633

Re: ISP throttling VPN or other issue?

marzametal,

Including the use of dnscrypt?

/fermi
by Fermi
Sat Feb 06, 2016 1:16 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: 宮本 Tokyo (Japan) exitnode cluster | anchor node = miyamoto 宮本
Replies: 37
Views: 35880

Re: 宮本 Tokyo (Japan) exitnode cluster | anchor node = miyamoto 宮本

I would propose to send an email to both [email protected] and [email protected].
So I can update IRC topic and other channels.

Regards,

/fermi
by Fermi
Fri Feb 05, 2016 11:06 pm
Forum: member support & tech assistance
Topic: Can't really browse with CS connected
Replies: 5
Views: 5390

Re: Can't really browse with CS connected

Hi, The Fri Feb 05 13:53:13 2016 us=305538 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: block-outside-dns (2.3.6) entry is related to the implementation of the fix-leak-dns plugin from ValdikSS: https://community.openvpn.net/openvpn/ticket/605 This new directive ha...
by Fermi
Mon Jan 25, 2016 8:02 pm
Forum: member support & tech assistance
Topic: Site not sending emails
Replies: 1
Views: 3844

Re: Site not sending emails

Hi, You've sent a mail to [email protected].is right? The token has been sent out automatically and I've sent it to tha two email addresses in your mail. Perhaps the mails have been dropped in your spam folders or the cryptostorm.is domain is blocked by the mail servers you use ... . If you want y...
by Fermi
Sun Dec 27, 2015 7:44 pm
Forum: member support & tech assistance
Topic: Bitmessage contact
Replies: 2
Views: 4305

Re: Bitmessage contact

Hi,

Sure, I just responded to a message.

Regards,

/fermi
by Fermi
Tue Dec 15, 2015 3:39 pm
Forum: member support & tech assistance
Topic: Questions about new client config
Replies: 4
Views: 4278

Re: Questions about new client config

Hi,

No problem at all.
We encourage that our customers have a critical mind. This keeps us sharp, and this is also beneficial for the community.

Thanks!

/Fermi
by Fermi
Mon Dec 14, 2015 1:07 pm
Forum: member support & tech assistance
Topic: Questions about new client config
Replies: 4
Views: 4278

Re: Questions about new client config

replay-window 128 30 # settings which determine when to throw out UDP datagrams that are out of order... # either temporally or via sequence number uses the default values: replay-window 64 15 Sun Dec 13 18:52:29 2015 us=200345 replay = ENABLED Sun Dec 13 18:52:29 2015 us=200391 mute_replay_warning...
by Fermi
Mon Dec 14, 2015 12:52 am
Forum: member support & tech assistance
Topic: Questions about new client config
Replies: 4
Views: 4278

Re: Questions about new client config

Hi DESUs better half, Actually this 'challenge' is a good thing. Starting with: reneg-sec 0 The documentation indicates: --reneg-sec n Renegotiate data channel key after n seconds (default=3600). When using dual-factor authentication, note that this default value may cause the end user to be challen...
by Fermi
Wed Dec 09, 2015 2:38 pm
Forum: member support & tech assistance
Topic: Netgear R6400 DD-WRT tls-error issues
Replies: 2
Views: 4020

Re: Netgear R6400 DD-WRT tls-error issues

TLS Error: TLS key negotiation failed to occur within 37 seconds (check your network connectivity) is an indication that the VPN node cannot be reached. Also: 198.204.245.2:1194 Isn't a address of a Cryptostorm VPN node atm. Please consult: https://github.com/cryptostorm/cryptostorm_client_configur...
by Fermi
Sat Dec 05, 2015 1:18 pm
Forum: member support & tech assistance
Topic: Fix for CS config files and Tunnelblick (OS X)
Replies: 4
Views: 5102

Re: Fix for CS config files and Tunnelblick (OS X)

Hi,

4. You need to delete or uncomment "fragment 1400" line in every .ovpn file you want to use in Tunnelblick. Save file (Thanks to Fermi from Cryptostorm!!)


The configuration files have been fixed (fragment 1400 has been replaced with mssfix 1400).

/fermi
by Fermi
Sat Nov 28, 2015 3:17 pm
Forum: member support & tech assistance
Topic: Auth failed except 5 eyes???
Replies: 1
Views: 3427

Re: Auth failed except 5 eyes???

kittenrocke1,

You have one of those tokens that are degenerating in an odd fashion.
This has nothing to do with the 5 eyes.
Eventually your token will die on all nodes.

We are aware of the problem and are looking out for a solution.

Regards,

/fermi
by Fermi
Sat Nov 28, 2015 3:15 pm
Forum: independent cryptostorm token resellers, & tokens 101
Topic: HOWTO: buying access tokens w/ bitcoins
Replies: 8
Views: 15509

Re: HOWTO: buying access tokens w/ bitcoins

BMwannabebuyer,

I don't think the BM is very often used ... .
You can send an encrypted or unencrypted mail to [email protected].
Or pop in on IRC.

In the mean time I'll talk to df about the BM mailbox.

Regards,

/fermi
by Fermi
Sat Oct 31, 2015 6:45 pm
Forum: DeepDNS.net - cryptostorm's no-compromise DNS resolver framework
Topic: Cryptofree DNS on dnsleak.net
Replies: 2
Views: 6820

Re: Cryptofree DNS on dnsleak.net

Volg,

Depending on the cluster that is picked during connection, it should be one of the following addresses:

Code: Select all

212.83.175.31
195.154.61.33


Regards,

/fermi
by Fermi
Sat Oct 31, 2015 6:02 pm
Forum: member support & tech assistance
Topic: Windows 10 - Privacy, leaks, ...
Replies: 0
Views: 8353

Windows 10 - Privacy, leaks, ...

A post to consolidate/discuss all Windows 10 (8, 8.1 and 7) behaviour and countermeasures wrt. Privacy and leaks... . some interesting links: http://hardenwindows10forsecurity.com/Harden%20Windows%2010%20Home.html [ h/t ntldr ] https://www.safer-networking.org/spybot-anti-beacon/ [ h/t Tealc ] http:...
by Fermi
Sat Oct 31, 2015 5:50 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget version 2.22 ('sexy narwhal') released in the wild | 4.2.2015
Replies: 56
Views: 252723

Re: widget version 2.22 ('sexy narwhal') released in the wild | 4.2.2015

Hi, After further investigation the behaviour is the following: The widget has a a DNS leak prevention option, what is does is the following: 1) runs "netsh interface ipv4 show dnsserv" to get the current DNS settings for all interfaces 2) skips any interface that has no DNS settings 3) ch...
by Fermi
Thu Oct 29, 2015 3:05 pm
Forum: member support & tech assistance
Topic: How to put cryptostorm on tails?
Replies: 5
Views: 4795

Re: How to put cryptostorm on tails?

Delirium, These packages have to come from the debian repositories. There's a desciption here: https://cryptostorm.org/viewtopic.php?f=37&t=8623&p=14292&hilit=tails#p14292 https://tails.boum.org/doc/advanced_topics/additional_software/index.en.html Regards, /fermi
by Fermi
Thu Oct 29, 2015 2:55 pm
Forum: cryptostorm in-depth: announcements, how it works, what it is
Topic: widget version 2.22 ('sexy narwhal') released in the wild | 4.2.2015
Replies: 56
Views: 252723

Re: widget version 2.22 ('sexy narwhal') released in the wild | 4.2.2015

Redneck Ninja, This seems to be the third occurrence of this issue (2nd if Redneck Ninja already sent a mail to [email protected].is). If “Obtain DNS server address automatically” is the initial setting it should remain that way during and after the use of the widget. I've tested this on W7 and it...
by Fermi
Tue Oct 27, 2015 4:07 am
Forum: member support & tech assistance
Topic: DNS forwarder for NAT?
Replies: 2
Views: 4480

Re: DNS forwarder for NAT?

I have a Debian box configured as wifi hotspot connected to cryptostorm with OpenVPN. I set up the DNS on the Debian box to forward DNS to Google's public DNS ip addresses (8.8.8.8 and) in named.conf.options. Is that dangerous? Is it more safe to use a DNS IP from cstorm, and how do I find the addr...
by Fermi
Mon Oct 19, 2015 12:00 am
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: cryptostorm on Android non-root | cryptostorm.org/android
Replies: 100
Views: 128588

Re: HOWTO: cryptostorm on Android non-root | cryptostorm.org/android

Hi,

my bad.
Please try with fragment 1400 commented out.

Regards,

/Fermi
by Fermi
Sat Oct 17, 2015 4:37 pm
Forum: guides, HOWTOs & tutorials
Topic: HOWTO: cryptostorm on Android non-root | cryptostorm.org/android
Replies: 100
Views: 128588

Re: HOWTO: cryptostorm on Android non-root | cryptostorm.org/android

Hi,

When having:
2015-09-27 05:41:01 FRAG_IN error flags=0xfa2a187b: FRAG_TEST not implemented

in the logfile, try commenting the following directive in the .ovpn file:
mssfix 1400


Regards,

/Fermi

Go to advanced search

Nothing to display.

Login