Not connected, Your IP: 216.73.217.25
Online: 42753 users - 487169 Mbit/s total BWAll Activity
This stream auto-updates
- Past hour
-
-
-
-
-
- Today
-
-
-
-
-
- Yesterday
-
I have updated awg_conf_patch with support for the AmneziaWG 2.0 parameters: https://github.com/zimbabwe303/awg_conf_patch. The old awg version is still supported: use the -o option. I have also updated the default parameters with better ones: the shuffled H1..4 parameters stopped working recently for some reason (at least for me) so I replaced them with the old generic ones. To still use the shuffled ones set amnezia_CustomH=0 in the script itself.
-
-
awg_conf_patch was updated with support for awg 2.0: https://github.com/zimbabwe303/awg_conf_patch
-
Just as a note, since the first days of April the situation with VPNs in Russia is going into the real Cheburnet phase: Spyware VPN detectors will be inserted into all the major commercial mobile apps (Max, VK, Yandex, banks, phone carriers, etc.), every detected endpoint IP will most likely go into the country-wide blacklist The increase of the cross-border backbone bandwidth has already been vetoed because it has grown over the top in the last year due to the VPNs Because of that there are rumors that more than 15 GB/month of cross-border traffic will have added cost for every end user VPN software will be detected on every in-country VPS hosting provider to prevent using them as bridges (it is already a common practice to circumvent white list blocks) Recently there were wired Internet shutdowns looking very much like tests of white list blocks (before that only mobile Internet had white lists) By the way, it's very hard to find any AirVPN server which is not yet blocked. But I can still find some (mostly in Netherlands) by automated scanning. AmneziaWG is necessary, of course.
-
- Last week
-
-
-
.thumb.png.8be84fd39f94c1640ac8c5456fbf3449.png)
increasing efficiency in blocking ads and trackers
Staff replied to Tionni's topic in General & Suggestions
Hello! We already implemented it in 2021. Any domain which must be blocked includes all of its subdomains too. Besides, different matching methods are available for your additions and exceptions: Exact (exact FQDN), Domain (domain and its subdomains), Wildcard (with * and ? as wildcards), Contain, Start with, End with. Kind regards -
Hello, I just did read about Proton VPN increasing it efficiency on blocking ads and trackers Is this something you can implement also?
-
Hello! Yes, AmneziaWG support on the server side. You do not need handshake and payload packet padding to circumvent blocks in Russia and China. Padding may be instrumental to make destination guessing from traffic pattern more difficult. Kind regards
-
Hello! Unfortunately, the CSP settings do not help to overcome DPI. On the servers of other VPN providers, I have found that it is effective to change the values of the S1-S4 and H1-H4 parameters. However, as far as I understand, all airvpn servers are configured with zero values for S1-S4 and values for H1-H4 ranging from 1 to 4. These are the standard parameters of the wireguard protocol and can be easily detected by DPI. Is there any plan to allow for the modification of these parameters?
-
-
Today I encountered the same issue on my system under similar conditions, so I can share what I found in case it helps diagnose it. From the stack trace, this does not appear to be a straightforward dependency or missing library problem. Although the error mentions libmono-native.so, the failure occurs earlier in the Mono/WinForms initialization chain (System.Console / TermInfo / X11), which usually points to a runtime initialization or environment selection issue rather than a simple missing file. In my case, Eddie (version 2.25.1 on Gentoo 6.18.18-gentoo-dist-hardened) had been working normally for a long time without a system Mono installation. After installing Mono for another application, Eddie immediately began crashing at startup with a fatal initialization failure. The stack trace consistently pointed to System.Console and then to libmono-native.so, even though the library was present and correctly resolved by the dynamic linker. This initially suggested a broken installation or missing dependency, but neither rebuilding dependencies nor checking linker configuration changed the outcome. The key factor turned out to be that Eddie appears to dynamically prefer a system Mono runtime when one is available. Once Mono was installed globally, Eddie stopped using its own internal runtime and instead executed against the system Mono version. In my case, this was 6.14, which is not compatible with the runtime expectations of this particular Eddie build. Downgrading Mono to 6.12 did not resolve the issue, which further suggested that the problem is not a specific version regression, but rather a general incompatibility between Eddie and external Mono runtimes in this configuration. The decisive test was removing the system Mono entirely. After uninstalling it, Eddie immediately reverted to using its bundled runtime again, which appears to be based on Mono 6.8. At that point, the application started normally without any further changes. This indicates that the bundled runtime is functional, but it is only used when no external Mono installation is present. The failure is likely caused by Eddie’s lack of strict runtime isolation. The presence of a system Mono installation changes its execution path, resulting in the use of an incompatible runtime. The most reliable fix is either to avoid installing system Mono alongside Eddie or to remove it if Eddie is required. Regards Viktor23596
-
-
-
-
-
ANSWERED Docker Gluetun server name
ByteBuccaneer replied to Grimmy57's topic in Troubleshooting and Problems
Naturally I verified this; the documentation agrees with you that the plural form is the correct form. Naturally I then became curious as to why my singular form version works so well then. It turns out that older versions of the code only allowed one server, and more recent upgrades enabled multiple servers to be listed. In order to upgrade to the plural form without borking the older, singular versions the author wrote the following excellent code: Golang (serverselection.go line 461) ss.Names = r.CSV("SERVER_NAMES", reader.RetroKeys("SERVER_NAME")) To anyone reading this definitely use the plural form for new Docker containers, but you don't need to worry about older ones as the author has you covered! Thanks for the correction @Grimmy57 -
-
wiresock works!!!!!!! thxxxxx
-
-
There are hundreds of those protocols. Neither of them works as well as AmneziaWG.
-
Hello! The first main problem to resolve is setting a proper DNS that the container can query before the connection is established. Your system can't resolve the domain name of the end point (us3.vpn.airdns.org), so WireGuard does not even try to establish a VPN connection. Note how the service wg-quick@wg0.service exited because of that (temporary failure in name resolution). Please don't send screenshots whenever text is possible and suitable. Kind regards
-
-
-
-
-
-
movaxdx reacted to a post in a topic:
Can we get a server in Poland? They seem to like freedom of speech. ...
-
If you can't dedicate a middlebox to just your NAS, you can use your main machine as the middlebox, if it runs Linux with systemd. If you do have that, then you can use iproute2 and systemd-nspawn to just send the NAS's trafic over the VPN without sending your main computer's traffic over the VPN, unless you also want to send your main computer's traffic over the VPN.
-
Is it possible for you to insert a middlebox between your synology and the upstream router? By middlebox, I mean any computer that can run Linux (i.e. Debian) and that you can give at least two ethernet interfaces (oen or both can be USB ethernet if you don't have enough built-in Ethernet ports). If it is possible, you can have the middlebox do wireguard, then just set the mtu between the synology and the middlebox to be 1420 (or 1320, if you leave the AirVPN config file as-is), and then just have the middlebox NAT all the synology's traffic into the Wireguard tunnel.
-
Hello! We do agree and we are planning to implement on our software per app traffic splitting on Windows too. Currently you can enjoy per app traffic splitting on Linux (AirVPN Suite) and Android (Eddie Android edition). If the machine you use for Steam is based on Linux you can already have per app traffic splitting with our software. If you run Windows, in the meantime you can consider WireSock, which offers traffic splitting and reverse traffic splitting (on an application basis) and is fully compatible with our WireGuard servers. The Configuration Generator will generate the profiles you wish. Kind regards
-
Any guide or how to because it feels like wireguard and Synology are not natively liking each other. All the guides i've found are docker or spk repacker (does not exist for 1511+) and seems to be done for incoming and not outgoing
-
I have been facing a predicament for months, which is that Steam thinks i'm a bot and doesn't let me play any multiplayer games in.. multiplayer, and I can't turn my VPN off to use all 5 ports on it to host numerous servers. The problem is, there isn't a way to IP or domain whitelist Steam, since I don't know any of the ip's it uses to connect, and they change alot. This is where app-based tunneling would shine though, and here is why 1. App based tunelling would most likely save you guys alot of bandwidth, now people can tell the VPN to send web browser connections through their actual internet, and then you won't have alot of traffic taken up by YouTube streams 2. This defeats the need to switch to other clients, which is clunky and complicated. 3. It lets you do everything in one app (Eddie), which is extremely convenient and simple for newcomers to use, probably bringing more subscribers to the VPN too since split-tunneling is a useful feature 4. It straight up lets you split tunnel some stuff in the first place, such as Steam i've already mentioned, which uses a variety of ip's and domains i don't know, and i'm not about to spend a few hours in wireshark getting all the ip's/domains and adding them. So please, 4 good reasons on why app split-tunneling should be added to Eddie. P.S. another thing I noticed was that the split-tunneling already in Eddie didn't seem to work until I reconnected the VPN, is this a limitation, a bug, or just something that isn't added? - Thanks, a pleading CS2 player and server hoster
-
Hello! Yes, it is definitely planned, but we can't give you a definite ETA. In the meantime, if you have an Android device or an Android emulator, you can use Eddie Android edition to generate configuration files (you can export them to any other system directly from Eddie's "Export" or "Open with" functions) or the Amnezia configuration patcher by @zimbabwe https://github.com/zimbabwe303/awg_conf_patch Eddie Android edition includes 30+ CPS pre-sets of real web sites, so this is the recommended solution currently to bypass blocks. Kind regards
-
Adguard VPN prevents normal email work. Can't send any letter. outlook gets an error: Task '***.com - Sending' reported error (0x800CCC1 A): 'Your server does not support the connection encryption type you have specified. Try changing the encryption method. Contact your mail server administrator or Internet service provider (ISP) for additional assistance.' and my host provider says: "Hello, We can confirm that the mail server is functioning correctly. The error 0x800CCC1A indicates that your new VPN is interfering with the secure connection (SSL/TLS handshake) between your email client and the mail server. This issue commonly occurs because many modern VPN services include features such as Security Shields or Mail Protection, which intercept or filter email traffic. Since this appears to be a local configuration issue related to the third-party VPN software, we recommend contacting your VPN provider’s support team. You may inform them that their service is likely blocking or interfering with SMTP traffic, particularly on ports 465 and 587." no replies for about 1 month from their support and yes, they're fast...
-
Hello! I've been using AirVPN for a pretty long time on a Proxmox LXC with Wireguard that runs my qBittorrent. It's been working fantastic until suddenly it can no longer make outbound connections. Pinging 1.1.1.1 comes up with nothing, and I cannot ping www.google.com either. Only thing I can ping are connections inside my network. I'm honestly unsure what would've possibly caused this as I've changed nothing about my system except for updating it, but thats it. The only thing I notice is a message when doing "wg-quick up wg0" is "/etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /run/resolvconf/resolv.conf", but when I do "ln -sf /run/resolvconf/resolv.conf /etc/resolv.conf" I get "Temporary failure in name resolution: `us3.vpn.airdns.org:1637'. Trying again in 1.00 seconds..." with the time slowly increasing. I added some photos below to hopefully allow people to get a better idea on whats going on. Any help is appriciated cause honestly I have no idea where to go with this, its a major head scratcher and I'm unsure on where to even begin. If it helps I also do have tailscale setup on this as well, but it's been working fine for the longest time so I can't see that affecting anything. All connections work fine with the wireguard vpn down as well. Thank you! -
Hello! Like many others, I use native software to connect to your servers. I would very much like to see the ability to obtain a configuration for the AmneziaWG protocol in the config generator. Will this feature be implemented, and if so, when?
-
-
Hello friends! I faced a some problems with Eddie client on Macbook. I created new macbook profile (account). When i logged into my Airvpn account via Eddie, there are no servers in server list window and no protocols for manual selection in Eddie preferences. After some time, the error of "BOOTSTRAP FAILURE" appears. My DNS are set 8.8.8.8 and 4.4.4.4. Airvpn.org pings sucssesfully in terminal. When i changed my old Mac account, there are no problems with Eddie. Can anyone help me to solve this problem? -
@balkie31 Hello! For residential broadband (DSL / cable / FTTH), DHCP lease times are most commonly: ~12–24 hours (very common baseline) ~1–3 days (slightly less common) Occasionally up to ~7 days (less common, but happens) This aligns with general network guidance where stable networks use 1–7 day leases. Therefore, it is normal that you may need a re-connection every few days. You can consider to tell GlueTun to re-connect always to the same server, by setting the proper environment variable. You would be sure that your system would appear on the Internet always with the same IP address (the exit-IP address of the VPN server); on the other hand, if the specific VPN server goes down, GlueTun will be unable to re-connect as long as that server does not come up again. In any case, you may always need to re-start the torrent software as GlueTun will bring the virtual network interface down and up again. Kind regards
- Earlier
-
-
Ive been using gluetun along with slskd anf qbittorrent. The connection works for a few days or so and then ill end up getting a new ip. Since im using forwarded ports, ill need to restart slskd and qbit to rebind them and get the ports showing as open again for the containers. Is this normal? Or are there some settings im missing? Sorry for thr formatting, i just cant get it to work out on mobile qmcgaw/gluetun:v3 container_name: gluetun cap_add: - NET_ADMIN devices: - /dev/net/tun:/dev/net/tun volumes: - /mnt/Media2/Docker/Configs/gluetun:/gluetun/ ports: - 8114:8000 - 8115:8115 - 18678:18678 - 18678:18678/udp - 3050:5030 - 3150:5031 - 30050:50300 - 3040:9765 - 9091:9091 - 34014:34014 - 34014:34014/udp - 14499:14499 - 14499:14499/udp environment: - VPN_SERVICE_PROVIDER=airvpn - VPN_TYPE=wireguard - WIREGUARD_PRIVATE_KEY=xxxxxxx - WIREGUARD_PRESHARED_KEY=xxxxxxx - WIREGUARD_ADDRESSES=xxxxxxx - SERVER_COUNTRIES=United States - FIREWALL_VPN_INPUT_PORTS=18678,14499 - HEALTH_RESTART_VPN=on - HTTPPROXY=on - FIREWALL_OUTBOUND_PERMITTED_IPS=0.0.0.0/0 - DNS_KEEP_NAMESERVER=off - FIREWALL_DEBUG=on - WIREGUARD_MTU=1420 - FIREWALL_OUTBOUND_SUBNETS=192.168.68.0/24 - UPDATER_PERIOD=24h healthcheck: test: ["CMD", "/gluetun-entrypoint", "healthcheck"] interval: 30s timeout: 10s retries: 3 start_period: 60s sysctls: - net.ipv4.conf.all.src_valid_mark=1 - net.ipv6.conf.all.disable_ipv6=1 restart: unless-stopped:
-
it really should be added. pretty much all the non use specific dns avaiable in airvpn now except for oids are outdated and hagezi's are arguably the best ones. especially ultimate and pro++
