Table of contents

1. General

2. Legal

3. Account

4. Connectivity

5. Windows

6. Mac OS X

7. Linux

8. Email

9. Firewall

10. Browser

11. Other

1. General


1.1 Which protocols are supported to connect to IPredator?

We support OpenVPN and PPTP as VPN protocols. If you are unsure which one to use we recommend that you go for OpenVPN since it offers much better security and is a lot more robust in case of network problems. We are working on more options that will be announced on the blog once they are available.


1.2 Does my network throughput go down when using the VPN?

The short answer is yes.

The long answer is that this depends on a number factors, e.g. your distance to our servers (latency) or the type of ISP you are using. Do not expect to receive the full speed that you get from your ISP, since VPN protocols always introduce a certain overhead. We do not have shape or cap bandwidth, nor do we offer premium accounts to get higher speeds. All users are treated equally in our system.


1.3 Do you provide trial accounts and how do I request one?

Yes, we provide trial accounts, valid for three days. First, you need to sign up to create a user name and a password.

If you checked to receive a confirmation email during the sign-up process, you can reply to this email and request a trial. Alternatively, just join our support chat and ask for your trial activation there.


1.4 Does IPredator have an affiliate or reseller program?

No we do not have that and neither plan to do so. Having such programs means that we would need to track where you come from in order to pay the reseller or affiliate. It simply violates our do not track policy and therefore is a no-go for us.


1.5 Do you support IPv6?

IPv6 support will be available soon.


1.6 Do you offer static IPs?

Not at the moment, but it is on our todo.


1.7 When will you support SSTP and L2TP/IPSEC?

We plan to support SSTP and L2TP/IPSEC by the end of the year.


3. Account


3.1 Can I use my IPredator account more than once?

You can install the VPN account on as many machines as you want like your desktop, laptop and phone. If you connect one device the others cannot connect to the VPN at the same time. If you want to enable the access to the Internet via VPN in your household for more than one machine consider to buy a router that supports OpenVPN or PPTP or use connection sharing.


3.2 I'm sure my password is right but I still can not log in!

Be careful when choosing your password. Some PPTP implementations have problems with special characters and are not able to process passwords of arbitrary lengths. There are some basic rules to follow:

  • Passwords are case-sensitive.
  • Do not use special characters, e.g. @ (at), ' (single quote) and " (double quote).
  • Do not exceed a password length of 12 characters.

If you are running Windows 8 and are trying to connect via PPTP, also have a look at this FAQ entry.

Our web site is able to process passwords exceeding a length of 12 characters and is less restrictive concerning special characters. Just because the web site takes a password, this does not automatically mean that it also can be used for establishing a PPTP connection!


3.3 I can not reset the password for my account, what do I do?

There can be multiple issues why you do not receive the password reset mail. For example free.fr blocks all of our emails for whatever reason. Another case is that you registered two accounts to the same email address. If that happens our system does not know what to do without leaking all of your accounts by asking you. Please write an email to support@ipredator.se and ask our staff to look into it.


3.4 What do I need to do to get my account deleted?

Write an email to support@ipredator.se and request an account deletion. If you don't do that and your account is inactive for more than 3 months it will be deleted automatically.


3.5 I need an invoice for my company can you send one?

We do not send invoices.


3.6 Can you remind me if my subscription runs out?

This feature will soon be available as an opt-in.


4. Connectivity


4.1 What do I need to do if my router blocks PPTP access to IPredator?

Start by checking the manual or support forums if the router supports PPTP pass-through. If it has a built-in firewall make sure that port 1723 TCP is allowed to connect to the Internet. More importantly verify that IP protocol 47 aka GRE is allowed as well.

If your router does not support PPTP pass-through, you need to forward ports and protocols manually to the local machine establishing the PPTP connection. To make things easier, you should first configure your local machine to always use the same local IP address. Then forward port 1723 TCP and IP protocol 47 to this machine's local IP address. Not all routers support forwarding all kinds of IP protocols.

If it still does not work come to our support channel and we will try to figure out the problem together with you.


4.2 My connections drops erratically, is there something I can do?

First, try disabling stateful encryption for your PPTP connection. If the connection works, you are fine.

Second, there is a chance to get a stable connection by lowering the MTU. If you are running Windows, this is described here. For Linux, you can refer to this FAQ entry.


4.3 The VPN connection dropped while I was still downloading!

That is not good. You should setup redial and only allow certain programs like bittorrent clients to use the VPN connection but not your normal Internet connection. Check our guides on how to setup basic redial for the VPN. If we do not yet cover this in the guide or if you have some other question visit us in our support channel.


4.4 Do I get a new IP address upon connecting to the VPN every time?

The short answer is yes.

The long answer is that this first depends on how fast and on which server you reconnect. If you are reconnecting both fast enough and to the same server again, the chances of getting the same IP address again are quite good.


4.5 Do I need a static IP to use IPredator?

No, the type of your local IP address does not matter.


4.6 Is there a VPN connection timeout?

Yes. If you do not use the VPN for 10 minutes you will be disconnected.


4.7 Right after my VPN connection terminated, I am not able to reconnect.

If you disconnect properly and do not leave a dangling session in the system you should be able to reconnect. If you disconnect improperly the default is to evict the stale session after 5 minutes.

Sometimes problems are also caused by routers in between that have broken GRE state tracking software. In such cases only a reboot of those devices or firmware upgrades help.


4.8 Can I use PPTP over 3G networks?

This strongly depends on your operator. On some networks it sometimes works and sometimes not. Our advise is to test it first.


4.9 Does the PPTP VPN work through a web proxy?

No, you cannot use PPTP from behind a web proxy.


4.10 Can I use PPTP over a satellite Internet connection?

Maybe, it might work but it will be no fun to use. There might be satellite operators that do not use Performance Enhancing Proxies or that allow PPTP to pass through. In reality the problem will be the latency that you have with the satellite. The purpose of the VPN is to tunnel TCP (and other protocols) and with higher latencies especially TCP throughput and stability suffer performance penalties.


4.11 OpenVPN connects at first but does not reconnect again. It shows route failed errors.

This means your client is not able to communicate with the original VPN server anymore. It happens when OpenVPN tries to reconnect after the connection dropped but got redirected to another server.

You can get around this if you allow your client to float between VPN gateways. To enable floating, add the keyword float in a new line to your OpenVPN configuration file and restart the connection. On Windows and Mac OS X, Viscosity can be supplied with that keyword when editing a certain connection's preferences, switching to the Advanced tab and adding float to the extra OpenVPN configuration options.


4.12 I have problems using VPN in a virtual machine.

Make sure to use a bridged network interface to establish the VPN connection. For a virtual machine, the same setup is needed as for a physical machine behind a router.

4.13 Since I switched to OpenVPN, my download speeds have decreased.

OpenVPN uses strong encryption and therefore eats more CPU power than PPTP does. If you have a computer with and older CPU which cannot do encryption in hardware or your VPN connection is established from a router with a weak embedded CPU, this slows down your connection.


5. Windows


5.1 Windows is showing me an error, what shall I do?

The first thing to do is to check what the error means. Microsoft provides an overview of all the possible errors along with a short explanation here. There are many reasons why Windows fail with an error:

  • Wrong user name or password
  • Incorrect VPN connection settings
  • Your router or ISP has no PPTP pass through support
  • 3rd party VPN adapter or software install/uninstall
  • 3rd party firewall software install/uninstall
  • System backup that did not restore properly
  • Corrupted or missing network protocol bindings

Verify your user name and password by logging into the website. Then make sure that you are using the same credentials for the VPN connection. Capitalization of the user name and password matters! The next thing you should do is to verify the settings of your VPN connection by using one of our guides.

To rule out that the error is caused by your local router or ISP test the connection somewhere else, if you can. For example take your notebook to a friend and test it there. If that does not work the likeliness that the error is caused by Windows itself is a lot higher. A good way to resolve many problems caused by 3rd party software installations is to execute the following commands on the command line as Administrator.

C:\> Netcfg -u MS_PPTP
C:\> Netcfg -l %windir%\inf\netrast.inf -c p -i MS_PPTP
C:\> netsh int ip reset

If you have a 3rd party firewall disable it for testing. In the case that the error persist please contact our support staff and they will try to help you find out whats wrong and get you connected.


5.2 Is there an alternative to the build-in redial for the VPN connection?

Yes of course. You can use a batch script to control the connection with rasdial for example. If you want a GUI solution give VPNnetmon a try.


5.3 My connection works but the network throughput is not really good.

If you have Windows Vista or Windows7 you can try to disable the network stack auto-tuning. To do that open a command line as Administrator and type:

C:\> netsh interface tcp show global
C:\> netsh interface tcp set global autotuning=disabled

If it does not help or makes it worse undo your changes with

C:\> netsh interface tcp set global autotuning=normal

A second issue that can come up when using Windows and lots of concurrent TCP connections is that Microsoft added a connection limit to recent Windows versions. The limit is in place to prevent widespread worm outbreaks or mass mailers, but it also limits torrents at the same time. You can get a piece of software here that will remove the limit from your Windows installation. Read the instructions carefully!


5.4 I am running Windows 8 and I am not able to connect to the VPN with my password.

If your machine is a member of a Windows domain, Windows 8 automatically adds the current domain name to the credentials. You need to a \ (back slash) to your user name to drop out the domain name. Afterwards you should be able to connect to the VPN.


5.5 For low-bandwidth applications my connection works, but while downloading or viewing videos it sometimes drops.

Try lowering the MTU (Maximum Transmission Unit). The MTU defaults to a value of 1500 bytes. If you set the MTU to a lower value, you might get a more stable connection. Try multiple values in the range from 1400 downwards to 400 bytes.

On Windows, the MTU needs to be set via the registry. There is a Microsoft Knowledge Base Article describing all TCP/IP related settings. Way down this list you will find the registry key for setting the MTU. You also need to find out the mentioned ID for Adapter, because this is a needed path element of the registry key to edit.


5.6 I see IPv6 traffic going out although I disabled IPv6 on my VPN interface (disabling Teredo).

Windows can automatically open IPv6 VPN tunnels using the Teredo protocol to provide IPv4 hosts with native IPv6 connectivity. Since this kind of tunnels can hardly be controlled and have a severe impact on the user's privacy, we recommend to turn off Teredo completely.

To disable Teredo, open the command line as Administrator and type:

C:\> netsh interface teredo set state disabled

Reboot your machine to make sure the new setting is active.


6. Mac OS X


6.1 Why is Mac OS X not routing traffic through the PPTP VPN connection?

Please check our guide and verify that you have configured the connection properly. Mac OS X needs an explicit settings to route all traffic through the VPN.


6.2 How to setup IPv6 on Mac OS X prior to Lion?

On Mac OS X versions prior to Lion there is no possibility to disable IPv6 for a VPN interface. You should choose to setup IPv6 Automatically in the corresponding preference pane.


6.3 The VPN connection on Mac OS X works for torrents, but I cannot access any websites through my browser.

This issue might relate to high latencies when connecting to our servers. The further you are away from our servers, the higher your latency is. To check the latency from your location, open a terminal and execute:

$ ping -c 3 pw.openvpn.ipredator.se 
PING pw.openvpn.ipredator.se (46.246.32.2): 56 data bytes
64 bytes from 46.246.32.2: icmp_seq=0 ttl=128 time=210.00 ms
64 bytes from 46.246.32.2: icmp_seq=1 ttl=128 time=190.00 ms
64 bytes from 46.246.32.2: icmp_seq=2 ttl=128 time=200.00 ms

--- pw.openvpn.ipredator.se ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 190.000/200.00/43.631/210.00 ms

As you can see from the above example, the latency to reach pw.openvpn.ipredator.se averages at 200ms. Latencies above 100ms are considered a high value for VPN use which often results in slow or spotty network connections.

To increase throughput or to make communication through the VPN connection possible at all, you need to change the window size for small links. On Mac OS X, there is the sysctl net.inet.tcp.slowlink_wsize which configures this setting. This setting defaults to 8192 bytes, which is too small for slow links:

  $ sysctl net.inet.tcp.slowlink_wsize
  net.inet.tcp.slowlink_wsize: 8192

As a rule of thumb, if you have a latency of 200ms, set the slow window size to 250000 bytes:

  $ sudo sysctl -w net.inet.tcp.slowlink_wsize=250000
  net.inet.tcp.slowlink_wsize: 8192 -> 250000

The value for the slow window size scales in a linear manner. If you have a latency of 100ms use 125000 bytes, for 300ms use 375000 bytes.

If you found a setting that makes your connection work properly, make it persistent over reboots and replace 250000 with the value you chose:

  $ sudo cat >> /etc/sysctl.conf << EOF
  net.inet.tcp.slowlink_wsize=250000
  EOF

7. Linux


7.1 My PPTP connection irregular drops at high data rates but works for low-bandwidth applications like SSH or IRC.

Try lowering the MTU (Maximum Transmission Unit). The MTU defaults to a value of 1500 bytes. If you set the MTU to a lower value, you might get a more stable connection. Try multiple values in the range from 1400 downwards to 800 bytes.

With these tests, you want to find out the highest possible value for the MTU that results in a stable connection. Also have a look at the MISSING_WINDOW patch.


7.2 Even after reducing the MTU, pptpclient logs unordered packets and drops the connection at high data rates.

If lowering the MTU does not help, and you still experience connection drops after a lot of unordered packets came in, you could try the MISSING_WINDOW patch for pptpclient introduced in Arch Linux. After applying this patch, you will still get reordered packets, but the connection should not drop anymore, even on heavy load.


8. Email


8.1 Can I send emails when I'm using the VPN?

Please configure your mail program to use port 465 or 587 to send mail. Most of the bigger email providers accept mail on those ports as well. We had to block port 25 outgoing because of the high volume of abuse.

An alternative is to set a host route to your email providers mail server. Usually the route command is used to set additional routes. Check your Operating Systems manual on how to do that.


9. Firewall


9.1 I have a Comodo firewall, what do I need to do to get IPredator working?

For the Comodo firewall to work properly, you need to define a new trusted network to receive incoming connections. The network definition needs to meet the IPredator address range:

  • First IP address: 46.246.32.0
  • Last IP address: 46.246.63.255
  • Net mask: 255.255.224.0

Afterwards, open the Stealth Port Assistant and define this network as trusted. This makes incoming connections (e.g. uTorrent) working as expected.


9.2 I have a ZoneAlarm firewall, what do I need to do to get IPredator working?

For the ZoneAlarm firewall to work properly, you need to define a new Trusted Network to receive incoming connections. The network definition needs to meet the IPredator address range:

  • First IP address: 46.246.32.0
  • Last IP address: 46.246.63.255
  • Net mask: 255.255.224.0

ZoneAlarm differentiates between a Trusted Network and a Trusted Host/Site. A Trusted Network describes a network range like above, while a Trusted Host/Site refers to an URL as in https://ipredator.se. You should not need to define a Trusted Host/Site.


10. Browser


10.1 I heard that not all search engines respect online privacy. What should I do?

At the first sight, companies behind search engines accumulate user data to let users benefit from it. So-called benefits are that search results are personalized and also enriched with aspects you might also be interested in. This gives an impression of exactly receiving the results one wants to get presented with and also leads to keeping probably valid results away from being displayed.

That way these companies also define what can be found and what not. The results not being displayed are at best those that are not consistent with the profile they adorably created for you. Not to mention that you definitely leave traces where you thought you might never leave some. This data accumulation can not be undone. You need to be careful where and how much data you provide about yourself.

To evade this problem, we provide our users with an yacy instance at http://search.ipredator.se, also described on our Services page. If the search results do not satisfy you, give DuckDuckGo a try. They also provide an article about how to integrate DuckDuckGo into Firefox. With integrating DuckDuckGo into Firefox, you are one step nearer to not leak data to Google, Bing and friends.


11. Other


11.1 Does streaming from Swedish TV sites work?

Yes.


11.2 I am using MIRC, what do I need to do to connect to the IPredator IRC support channel?

To connect to the IRC support channel with the MIRC client, you need to establish a SSL-connection, as stated on the Resources page. To achieve this, the port number needs to be prefixed with the + sign in the server string:

  • irc.ipredator.se:+6667

If this does not work for you, the support channel is also available via https://irc.ipredator.se/.

Further information about how to use SSL with MIRC is provided here.


11.3 Is it possible to use UDP trackers for BitTorrent when connected to your VPN?

Some UDP-trackers and clients have a hard-coded MTU size of 1500 bytes and do not negotiate a Path MTU.

If you use OpenVPN all is fine it can handle the fragmentation internally.

For PPTP connections the MTU needs to be smaller. So even if you set the MTU on your side (router) to be upstream below 1500 bytes, the other peers and trackers will still send packets back with an MTU of 1500 bytes. This results in missing packets downstream.


11.4 Is it possible to bypass the VPN connection for certain services?

Yes, but this involves altering your system's routing table. Changing the routing table might also require you to adapt firewall rules. The general procedure is the same for all Operating Systems and outlined as follows:

  • Look up the host or network that should not be reached through the VPN tunnel.
  • Set up a route which directs all traffic to this specific host or network to your regular interface.
  • Change your firewall to reflect this routing change. You now need to allow incoming traffic from the specific host or network.
  • Make these changes persistent over reboot, thus configure them at system startup.

Basically, you need to get familiar with the route command on Windows, Mac OS X, Linux or the BSD variants, depending on which type of system you use.

We are planning to release guides on our blog on this topic.


11.5 Is it possible to access shares from my local network while the VPN connection is active?

Yes. If you only have a single local network (one subnet), this works without any further configuration.

If you have multiple local subnets, you need to add static routes on the machine establishing the VPN connection. Otherwise, it cannot answer requests from the other subnets properly.

Be careful when enabling file sharing on the machine also establishing the VPN connection. Make sure to enable services for the local network only on the local network interface. Otherwise you might leak information about your shares to the Internet.


11.6 uTorrent communicates although my firewall should deny it.

Depending on its settings, it might still be possible for uTorrent to communicate through your firewall although you followed the uTorrent Firewall Howto.

Open uTorrent's Preferences and select Connection from the left pane. Uncheck both Enable UPnP port mapping and Enable NAT-PMP port mapping. Further uncheck Add Windows Firewall exceptions to prevent uTorrent from inserting its own firewall rules over and over again. Make sure that only the firewall rules described in the uTorrent Firewall Howto are active.

Still being in uTorrent's Preferences, select BitTorrent from the left pane and uncheck Enable local peer discovery.

Finally your system might communicate through an automatically opened Teredo tunnel. To disable Teredo tunnels on your system, follow this FAQ entry.