Not connected, Your IP: 216.73.216.120
Online: 36603 users - 486599 Mbit/s total BWAll Activity
This stream auto-updates
- Past hour
-
-
-
-
-
-
-
-
- Today
-
Hello, I’m having trouble with very low download speeds when using AirVPN (WireGuard) through the Gluetun Docker container, and I’m hoping for some guidance or pointers on what to check next. ### Setup - Host OS: Linux (Docker host) - VPN client: qmcgaw/gluetun Docker image - VPN_TYPE: wireguard - VPN_SERVICE_PROVIDER: airvpn - Gluetun is used as a “VPN gateway” container for my download stack. - Applications: - qBittorrent (behind Gluetun) - SABnzbd (was also behind Gluetun, now temporarily bypassed for testing) - Location: Germany - ISP speed (real, without VPN): ~80 MB/s down on the same machine In Gluetun I pass the WireGuard parameters from the AirVPN config: - WIREGUARD_PRIVATE_KEY = <PrivateKey from [Interface]> - WIREGUARD_PRESHARED_KEY = <PresharedKey from [Peer]> - WIREGUARD_ADDRESSES = <Address from [Interface], e.g. 10.x.x.x/32> - WIREGUARD_ENDPOINT_PORT = 1637 - SERVER_HOSTNAMES or SERVER_REGIONS used to select servers (mainly DE/NL) ### What works The connection itself comes up fine: - Gluetun logs show: - WireGuard setup is complete - Public IP address is an AirVPN IP (usually NL/DE) - DNS is working, healthcheck is green. - Traffic from containers behind Gluetun does go through the VPN (confirmed by IP checks). ### The actual problem: speed When my download applications (especially SABnzbd) are routed through Gluetun/AirVPN via WireGuard, I only get about **8–10 MB/s** download speed. However: - Without AirVPN / without Gluetun (direct connection), using the same host, same Usenet provider and same test downloads, I get around **80 MB/s**. - If I take SABnzbd out of the VPN (normal Docker network, SSL directly to my Usenet provider), I’m immediately back at ~80 MB/s. So the bottleneck appears to be specifically the AirVPN WireGuard tunnel / routing, not my hardware, not Docker, and not my Usenet provider. ### What I have already tried 1. **MTU tuning** - I tested path MTU and ended up setting: - `WIREGUARD_MTU=1380` in Gluetun. - Before MTU tuning I was down in kB/s. - After setting MTU to 1380, speeds improved to ~9 MB/s, but that’s still far from the ~80 MB/s I get without VPN. 2. **Different servers / regions** - I first used `SERVER_REGIONS=Europe` / `SERVER_COUNTRIES=Germany`. - I then switched to **specific servers** with `SERVER_HOSTNAMES=<server>.airvpn.org` (mainly DE/NL servers with low load according to the AirVPN status page). - In all cases, the WireGuard tunnel works, but the throughput is stuck around 8–10 MB/s. 3. **Local checks** - Host CPU/RAM/IO are fine. - No container resource limits that would explain the cap. - The same host and same downloads without VPN consistently hit ~80 MB/s. ### What I would like to know - Is there any **known routing or peering issue** between German ISPs and certain AirVPN DE/NL servers when using WireGuard? - Are there **recommended optimal settings** (MTU, ports, specific servers or protocols) for high-throughput WireGuard usage with Docker / Gluetun? - Would you recommend trying **OpenVPN UDP** instead of WireGuard in my situation, and is it expected that WireGuard might perform worse in some routes? - Are there any additional **debug logs or tests** you would like me to run from my side (e.g. mtr from inside the tunnel to certain locations, specific AirVPN servers to test, etc.)? I fully understand that there is overhead and that I won’t necessarily get 100% of my line speed through a VPN, but dropping from ~80 MB/s without VPN to ~9 MB/s with AirVPN WireGuard is quite drastic. I’d be very grateful for any suggestions on how to troubleshoot or improve this. If needed, I can provide: - anonymized Gluetun logs, - specific server names I tested, - and speedtest outputs from inside the VPN tunnel. Thank you in advance for any help or hints! Yes i got help from AI english is not my first language -
-
-
Thank you! Please use the Configuration Generator. Turn on the "Advanced" switch. Generate a file with the Configuration Generator for WireGuard for the server or country you want to test. Download the file and edit it with any text editor. To begin with, add these parameters in the [Interface] section: Jc = 20 Jmin = 50 Jmax = 1000 S1 = 0 S2 = 0 H1 = 3 H2 = 1 H3 = 4 H4 = 2 Import the file into your PC AmneziaWG client, or use it with the AirVPN Suite component Hummingbird, and even in Eddie 4.0.0 (you can do it in the "VPN profiles" view once the file is in your Android device) and use it to test a connection in Amnezia mode. If it fails please try a connection directly from Eddie, without profile, in Amnezia WG. If it fails too enable QUIC mimicking in "Settings" > "Advanced" > "Custom AmneziaWG directives" and test again a connection. Keep us posted! Kind regards
-
I am just installing Eddie UI and using it. If you provide steps - I am in to test. I am currently on windows 11... Where should I edit [Interface] section? I cannot find any file with that in AirVpn installation folder.
-
Hello! It's available right now if you can edit the generated file. An integration with the configuration generator will require time so we suggest that you test by editing your own file (generated by the CG for WireGuard). Integration with Eddie Android edition is already available in the 4.0.0 beta version. ~100% success at the moment comes from reports from Russia and China. It would be good to have an additional report from Uzbekistan. 😋 Kind regards
-
AmneziaWG may be a good idea, but will require time.. It seams like AirVpn needs to follow these DPI and other restrictions and make sure that customers can just pay and use the service. I am using AirVPN for years and for the first time I was not able to connect to ANY server using ANY available protocol withing Eddie UI.. From Uzbekistan.
-
Up
-
Hello, My AirVPN was working fine 2 days ago but it's not able to connect to any server since yesterday's morning. I don't thing i've change or did anything particular. Here is the logs : . 2025.12.08 09:55:11 - Eddie version: 2.24.6 / windows_x64, System: Windows, Name: Windows 10 Pro, Version: 10.0.26100.0, Framework: v4.0.30319 . 2025.12.08 09:55:12 - Command line arguments (1): path="home" . 2025.12.08 09:55:12 - Collect network information . 2025.12.08 09:55:13 - Reading options from C:\Users\admin\AppData\Local\Eddie\default.profile . 2025.12.08 09:55:13 - OpenVPN - Version: 2.6.12 - OpenSSL 3.3.1 4 Jun 2024, LZO 2.10 (C:\Program Files\AirVPN\openvpn.exe) . 2025.12.08 09:55:13 - SSH - Version: OpenSSH_for_Windows_9.5p2, LibreSSL 3.8.2 (C:\WINDOWS\System32\OpenSSH\\ssh.exe) . 2025.12.08 09:55:13 - SSL - Version: 5.69 (C:\Program Files\AirVPN\stunnel.exe) I 2025.12.08 09:55:14 - Ready . 2025.12.08 09:55:15 - Collect information about AirVPN completed I 2025.12.08 09:55:15 - Session starting. . 2025.12.08 09:55:15 - Activation of Network Lock - Windows Filtering Platform I 2025.12.08 09:55:15 - Checking authorization ... . 2025.12.08 09:55:15 - Collect information about AirVPN completed ! 2025.12.08 09:55:16 - Connecting to Alphard (Netherlands, Alblasserdam) . 2025.12.08 09:55:16 - Routes, add 213.152.187.202/32 for interface "Ethernet (Realtek PCIe GbE Family Controller)". . 2025.12.08 09:55:16 - WireGuard > Setup start E 2025.12.08 09:55:29 - WireGuard > Error: Failed to start: not running . 2025.12.08 09:55:29 - WireGuard > Stopping ! 2025.12.08 09:55:29 - Disconnecting . 2025.12.08 09:55:40 - WireGuard > Completed . 2025.12.08 09:55:40 - Routes, delete 213.152.187.202/32 for interface "Ethernet (Realtek PCIe GbE Family Controller)". . 2025.12.08 09:55:40 - Collect network information . 2025.12.08 09:55:40 - Connection terminated. I 2025.12.08 09:55:43 - Checking authorization ... ! 2025.12.08 09:55:44 - Connecting to Alphard (Netherlands, Alblasserdam) . 2025.12.08 09:55:44 - Routes, add 213.152.187.202/32 for interface "Ethernet (Realtek PCIe GbE Family Controller)". . 2025.12.08 09:55:44 - WireGuard > Setup start E 2025.12.08 09:55:55 - WireGuard > Error: Unable to clean previous ring file (Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.) . 2025.12.08 09:55:55 - WireGuard > Stopping ! 2025.12.08 09:55:55 - Disconnecting . 2025.12.08 09:56:06 - WireGuard > Completed . 2025.12.08 09:56:07 - Routes, delete 213.152.187.202/32 for interface "Ethernet (Realtek PCIe GbE Family Controller)". . 2025.12.08 09:56:07 - Collect network information . 2025.12.08 09:56:07 - Connection terminated. I 2025.12.08 09:56:10 - Checking authorization ... ! 2025.12.08 09:56:10 - Connecting to Alphard (Netherlands, Alblasserdam) . 2025.12.08 09:56:10 - Routes, add 213.152.187.202/32 for interface "Ethernet (Realtek PCIe GbE Family Controller)". . 2025.12.08 09:56:10 - WireGuard > Setup start E 2025.12.08 09:56:31 - WireGuard > Error: Failed to start: not running . 2025.12.08 09:56:31 - WireGuard > Stopping ! 2025.12.08 09:56:31 - Disconnecting Could you help me? Kind regards, Michael
-
@Staff I have been using wurren for a long time without issues, getting 600mbit up and down. Since it's being decommissioned, I gave kornephoros a try. Unfortunately, I'm getting significantly slower speeds at 30mbit up and down. Are there any issues with it?
- Yesterday
-
Care to share some of those?
-
.thumb.png.8be84fd39f94c1640ac8c5456fbf3449.png)
TLS handshake failing on 2/3 servers
Staff replied to bananaphone69's topic in Troubleshooting and Problems
Hello! We're very glad to know that the problem is solved. From the OpenVPN manual: Since mssfix 1280 resolved the problem, a plausible explanation that comes to mind is that before the problem started your network had frames fitting the previous MTU, and this is no more possible now So, it could be a change on your ISP side. Kind regards -
TLS handshake failing on 2/3 servers
bananaphone69 replied to bananaphone69's topic in Troubleshooting and Problems
Hi, thanks for your prompt and helpful response. I will respond to your points in reverse, if that's okay. 1. On some devices I have the ufw/network-manager/ovpn config setup. All of them started failing on certain addresses around one week ago. On a different device where I use wireguard with port 1637, entry3, UDP, I have not had issues with any servers. I can also make an attempt with Eddie or other tools for comparison if that would help. 2. With or without ufw, I was not able to connect to any servers via openvpn CLI. 3. I added mssfix 1280 to the config file for Hercules (a problematic server) and it worked without issue. Adding the same to Libra (a non-problematic server) made no change and it still continues to function as normal. Failing all else, I can add this to all the config files and it should work but I don't understand why this has suddenly happened when I have made no change on the files on my side and about one third still work as normal without the additional mssfix line. Are there other diagnostics or fix attempts that would help clarify the issue? -
HowTo: OPNsense using Wireguard with IPv6 support
twistabled4alt replied to OPN-UserGuide's topic in How-To
Hello @OPN-UserGuide and AirVPN users in general, I've done the tutorial and the IPv4 part is working as intended. The IPv6 on the other hand is not working. Basically when setting up all as in the tutorial, IPv6 traffic works but wouldn't be recognized as it because the IPv6-ICMP pings are wrongly translated and it result in source and destination being the same (in this case the internal VPN IPv6 IP addr). The IPv6 is working on my LAN and I'm able to ping my router from the network. Any help would be greatly appreciated! Have a great day! -
Has anyone gotten remote access to work on MacOS? I've forwarded the port, set the local to 32400, and I've tried messing with the protocols and IP layers in the client area settings but nothing seems to work. It will connect for about 10 seconds... then drop. Any help would be appreciated.
-
Hello! Please note that the ability to connect over a generic HTTP, HTTPS, SOCKS4 and SOCKS5 proxies, especially those only supporting TCP, is an OpenVPN strong feature that's not matched by WireGuard. The flexibility and ease of OpenVPN to do it is very important for anyone connecting from behind a proxy (such a corporate proxy). This is a feature that we do no want to lose so phasing out OpenVPN in its entirety is not on the table at the moment. Another similar, powerful feature that WireGuard can not offer is establishing an SSH tunnel, or a TLS one (by stunnel typically) and then connect OpenVPN over it. However, a balanced approach is possible, and we are already moving toward that direction. For example, our kernel networking tuning is preferring WireGuard needs, not OpenVPN ones, although the approach is not too unbalanced. In the future we might also consider to lower the amount of concurrent OpenVPN processes we run on servers (we do it to aid balancing for the notorious problem you mention and for which a stable and easy to maintain DCO would be a solution). Kind regards
-
Hello! We have a report that makes us suspect that in Uzbekistan it's the IP addresses of various VPN servers (not only AirVPN, other VPN too), to be blocked "unconditionally". Anyway AmneziaWG is worth a test, with and without QUIC mimicking, toward all the wg ports of our servers. It has an incredibly high rate of success in Russia and China (higher than OpenVPN over SSH and shadowsocks) so it's definitely worth a test. Please keep us posted as we have literally three reports only from Uzbekistan including yours... If you need some parameters to test check here: https://airvpn.org/forums/topic/77633-eddie-android-edition-400-preview-available/?do=findComment&comment=258644 and here: https://airvpn.org/forums/topic/59479-block-vpn-in-russia/?do=findComment&comment=237288 If you need some suggestions for the parameters In in order to mimic QUIC connection to some specific web site known to be not blocked in countries controlled by VPN hostile regimes, please contact our support team in private by opening a ticket. Kind regards
-
Traveling to Uzbekistan. I cannot connect to any AirVpn server anymore. It worked fine in USA. Any protocol available in Eddie UI do not work. Unfortunately I paid for the whole year of AirVPN service. Looks like the XRay or something similar is the way to go...
-
I vote this up as well, as the suggestion makes perfectly good sense. Personally I wouldn't mind if OpenVPN takes the decommissioning route. Although it still provides a solid solution, it's a product of its time and it shows (no kernel support, single threaded etc). Some VPN providers are either started or already phased it out. And I will assume the gains are in favour as much for the users as the providers themselves with WireGuard's being less demanding on the compute resources. My two pence
-
-
-
TLS handshake failing on 2/3 servers
Staff replied to bananaphone69's topic in Troubleshooting and Problems
Hello! Please note that the TLS handshake and anything else is performed by and between your system and the final web (or other service) servers. The VPN server is not a part of this process. Of course airvpn.org and ipleak.net do not block AirVPN servers. We would rather suspect some MTU related problem. Try to add in your OpenVPN configuration the following directive: mssfix 1280 Can you also test, in the problematic system, a connection by running OpenVPN directly and not relying on the network-manager-ovpn plugin? In the past it caused several different problems and it was deprecated. If the problem persists please test with ufw completely disabled. Do you mean that the problem doesn't appear at all on different systems using the same OpenVPN connection mode (entry-IP address, port and protocol)? Kind regards - Last week
-
TLS handshake failing on 2/3 servers
bananaphone69 replied to bananaphone69's topic in Troubleshooting and Problems
Thanks for your reply. The issue appears to be generalized (across almost all websites) and sudden enough (starting a week or two ago) that I would expect it's not that type of blocking. For instance, I can reproduce the error in ipleak.net and airvpn.org which naturally shouldn't be hostile to AirVPN servers. But if there is a different website or diagnostic you'd like me to try, I can do that. I can also confirm these servers are working okay on systems where I am not using this ufw/network-manager/ovpn config file method. -
TLS handshake failing on 2/3 servers
go558a83nk replied to bananaphone69's topic in Troubleshooting and Problems
Is this an issue of those sites blocking datacenter IP ranges or known VPN servers specifically? -
TLS handshake failing on 2/3 servers
bananaphone69 replied to bananaphone69's topic in Troubleshooting and Problems
Further update on this. I have tested all available 262 servers and found 90 to be working, 170 to fail at the TLS handshake stage, and 2 inconclusive (Algieba and Chamaeleon, listed as high packet loss and hardware failure on the config generator page). I have attached the list of servers without and with the TLS issue. Would appreciate support from staff or others. In over a decade of relying on AirVPN I've never encountered anything like this. Without_TLS_issue With_TLS_issue -
+1
-
i added it to compose Few attemps ago i tried with wg0.conf but docker didnt read it -
Hello! Yes, as the default settings are not adequate for high load and high throughput servers. Kind regards
-
Expose Jellyfin to internet through AirVPN port forwarding
Staff replied to charoki60's topic in Troubleshooting and Problems
Hello! Reading it is not sufficient, then you have to change your configuration accordingly. How did you add the end point (destination VPN server)? Kind regards
