Not connected, Your IP: 216.73.216.117
Online: 41980 users - 507178 Mbit/s total BWAll Activity
This stream auto-updates
- Past hour
-
-
-
-
-
-
-
- Today
-
-
-
- Yesterday
-
Please close Eddie, reopen, retry a connection, then provide a system report:.
-
-
-
-
The reason there is leakage is that you'retch not NAT'ing the traffic from the Synology to AirVPN. My suggestion is to do the following: For the purposes of this guide, I'll call whatever device you're using to access the OpenWRT Web Interface as "laptop", but in reality, it can be a desktop, smartphone, tablet, or anything else with a web browser. (Topmost Menu is the Black Bar of OpenWRT LUCI, which has, by default: OpenWRT, Status, System, Network,Tools): 1. Reset your OpenWRT router to default settings(but the firmware should still be OpenWRT, not the stock firmware). 2.For now, Just plug your laptop into a LAN port so you can configure the router according to the next steps here and the WAN port to your pre-existing network, so that you can install Wireguard . 3. Install the OpenWRT Package for Wireguard 4. Download the AirVPN config file you want to use onto your laptop. 5. Disconnect the router from your pre-existing network that was attached via the WAN port, but leave your laptop plugged in. From here on out, you will not have internet access as you're configuring the OpenWRT router, but you will regain it later at the step where I tell you to reattach the cable from the network to your OpenWRT. You MUST do this, else the next step will fail. DO NOT plug your pre-existing network into any hole on the OpenWRT till you reach the step where I tell you to do so. 4. !!!VERY IMPORTANT!!! PLEASE READ THIS STEP IN FULL, INCLUDING THE EXPLANATION AT THE END Go to Network>Switch and assign 1 port to VLAN 1(We'll use this for LAN) and VLAN 2(We'll use this for your NAS). To assign a router port to a VLAN, within a single row, select "untagged" for the port you want to assign to the VLAN, "off" for very other port, and "tagged" for CPU(eth0). Your table can look like this(I'm going to write it out in JSON-style, where a JSON single object is a table row, the key is a column header, and the value is either what you write in the empty box or select from a dropdown in the empty box. I'm doing this because actually recreating a table in text is more challenging than I'd like) {VLAN ID:1, Description:"", CPU(eth0): tagged, LAN 1: untagged, LAN 2: untagged, LAN 3: off, LAN 4: off, WAN: off }, {VLAN ID:2, Description:"", CPU(eth0): tagged, LAN 1: off, LAN 2: off, LAN 3: off, LAN 4: off, WAN: untagged }, {VLAN ID:3, Description:"For NewLAN", CPU(eth0): tagged, LAN 1: off, LAN 2: off, LAN 3: untagged, LAN 4: off, WAN: off }, {VLAN ID:4, Description:"For NAS", CPU(eth0): tagged, LAN 1: off, LAN 2: off, LAN 3: off, LAN 4: untagged, WAN: off } You're free to choose different ports than what I choose here, as long as your choices are consistent between this step and the following steps. Notice that when I donate a port to NAS and to NewLAN, I remove those same ports from LAN. That is, when I mark them as untagged for the New VLANS I create, I mark them as off for the pre-existing LAN bridge. Whatever you do, DO NOT donate the port that your laptop is currently plugged into to NewLAN or to NAS. 5. Go to the Network>Interfaces Section of OpenWRT and create 3 interfaces, NewLAN, AirVPN(This is what I'll call your Wireguard Interface from now on), and NAS. 5.1.Set the Device of NewLAN to the VLAN ID 3 from earlier, then give it an IP address that is in the same subnet as your pre-existing LAN(i.e. if your pre-existing LAN's gateway is 192.168.1.1, then a potentially nice candidate is 192.168.1.254, if you don't have another device sitting there yet), but not part of the DHCP range. Set the gateway to be the address of your pre-existing router. DO NOT plug the OpenWRT into your pre-existing LAN yet. DO NOT enable DHCP Server on this interface 5.2. Set the Device of NAS to VLAN ID 4. Then, give this interface an IP address that is outside your pre-existing subnet, and also that is not in AirVPN's IP 10.0.0.0/8 range. For example, if your pre-existing LAN is 192.168.1.0/24, then make this interface have address 192.168.2.1. If you have more than 1 LAN, choose a new address that is not part of any network you have yet. Enable DHCP Server on this interface. Set the MTU to be the same as the MTU of your Wireguard conf from AirVPN. 5.3. Copy the Wireguard config file into the AirVPN interface. You will be able to select the Device to bind the new interface to in the Device: field after clicking the "Add new interface..." button in network Interfaces. Do not assign any pre-existing firewall zone to any of these new interfaces. Create a new zone for each. 6. In Network>Firewall, if these zones do not exist yet, create 3 new zones called NewLAN, NAS, and AirVPN. Enable Masquerading for all of these interfaces. Allow NAS to forward to AirVPN. Allow NewLAN to forward to NAS. Allow INPUT, OUTPUT, and Intrazone Forward for NewLan and NAS. Allow OUTPUT but block INPUT and Intrazone Forward for AirVPN. If they already exist, still configure them as I told you. 7. Go back to Network>Interfaces, then edit NewLAN, AirVPN, and NAS interfaces. For each of them go to the Firewall Settings tab (visible after clicking Edit) and set each interface to the firewall zone with the same name. 8. Plug your pre-existing router into the port you donated to NewLAN. 9. Plug your NAS into the ethernet port you donated to NAS. 10. Find out what the IP of the NAS is from Status->Overview and scrolling down. 11. Go to Network->DHCP and DNS->Static Leases and add a static lease for the NAS using the IP address you learned from step 10. Set the lease time to infinite 12. Go to Network->Firewall->Port Forwards and Add a Rule. Specify AirVPN as Source Zone and NAS as Destination Zone. Fill Internal Address with what you learned from step 10. Try your best to make the internal and external port the same. If you cannot, either remap the port from AirVPN's Port Forward page in the Client Area or here in OpenWRT's Port Forward Window. 12. Activate the Wireguard Profile 13. Test the setup 14. Please report the results back here. If there is an error in this guide, let me know so I can correct it. - Last week
-
Hagezi is great, and i mean great. I exclusively use their Ultimate list and get virtually zero false positives, and when there is one they are the fastest to remove it (even if i never encountered one, whereas i used to a lot with other lists). If the Air team adds it I hope they consider the Ultimate and Pro++, not only Pro. If you feel like it i consider giving it a chance as well!
-
Got this message today on Tahoe. I know it could be a while before they shut down Rosetta but this message may alarm some Mac users.
-
Little update. After i was advised to use Wireguard and that the NAS did not provide any native support i remembered i had an old tplink archer C7 lying around and wondered if i could do a middle box of it. Long story short : I flashed it for openwrt, made it a dumb ethernet access point (no WAN, no DHCP, no wifi), installed wireguard and managed to setup airvpn. I then connected the nas to it but now i have a bit of an issue : dumb AP works as even with the openwrt router between may main gateway (isp box) and the NAS i can find it and access the DSM UI fine but then when i activate the wireguard interface i loose connexion. The connexion from my PC is wifi to ISP box then ethernet to openwrt then nas. My take is that the wireguard interface tunnels all to the airvpn exit node and there is no way for me to reach the nas from the LAN with it's local IP) Is there a way to dissociate so that the WG connexion is only for outside of the actual LAN (the DSM VPN system did that perfectly) ? May be some port routing black magic (because honestly i only need the torrent to go trhough the vpn, rest not so much) BTW also noticed that with the WG interface activated, the tailscale network i use to reach the nas from outside loose trace of it when it never did it with the openvpn on DSM. EDIT : after tweaking for hours i now have access to the devices after the router but the traffic doesn't go to the router and ip leak test show my torrents on my own. I found places where they seem to think that dumb AP and vpn client just don't work as the principle of dumb AP is to be transparent. -
-
-
-
-
-
HowTo: OPNsense using Wireguard with IPv6 support
DeepAnger replied to OPN-UserGuide's topic in How-To
I could have a public IPv6 from my ISP (in relay mode because they don't give PD) but I decided not to use them. I don't use pfsense but I disabled the wan6 interface and made the LAN to act as a DHCPv6 and SLAAC server. For the port forwarding to work (on OpenWrt) I had to define a port forward rule (from WAN and VPN to a LAN device) and a traffic rule. IPv6 masquerading is needed too for outbound traffic on the WAN+VPN firewall zone. Now, I have both IPv4 and IPv6 working for my selected ports to forward on the LAN (and a perfect result on ipleak.net site). -
Hi there, I'm trying to get Eddie to run on a headless server. Instead of running -user=xx -pass=yy in the terminal, I'd like to get the profile to remember user/pass. However, this seems impossible: https://airvpn.org/forums/topic/79263-eddie-cli-remember-not-remembering/?tab=comments#comment-261130 Did anyone find a workaround for this situation? Since the default.profile file is encrypted, copying it from another machine wont work.
-
That's a great feature to have so at least keeps you protected. prevent app or the os from making queries out side of the vpn making easier for your isp to see what you are searching for
-
ry9811 reacted to a post in a topic:
Why do AirVPN DNS servers hate the website usps.com so much? ...
-
HowTo: OPNsense using Wireguard with IPv6 support
Joe Bleau replied to OPN-UserGuide's topic in How-To
I don't have an IPv6 address from my ISP so I have my own local ipv6 network. Some people consider this setup broken as ipv6 addresses are supposed to be globally unique and handed out by ISPs. -
Internet Blocked When Eddie VPN off
bijour replied to VortexSimp482's topic in Eddie - AirVPN Client
If you think you've an issue with your routeur or your ISP, then go inside your routeur launch your routeur diagnostics to see if you have internet before you toss everything away. I'd disable the auto connect on startup in Eddie and the network lock, then close Eddie. If need be reset the connexions in the network and sharing center. And reboot the computer. Your DHCP should be ok. Then see whats hapenning with putting back Eddie. If you've renewed your public key in your client area, you may get somes issues with Eddie still using your previous key. I've already made a fool of myself with a distant computer because Eddie is not automatically relocking with the new certificate so the computer was unreachable. -
Is this the kind of socks5 proxy?
-
Well i think that's a new Download speed record if i'm not mistaken using Toliman in Switzerland via gluetun used for qbt only although i'm curious why upload is drasticly lower i've symetrical 8gbps fiber line so that's not it and when i run that on my host network i get 7gbps down 5/6gbps up using wireguard config on port 1637 mtu of host is at 1500 mtu of wireguard tunnel is 1320 will keep trying by increasing that to 1420 which is the theoritical best value edit 1 : new record with mtu 1420 seems to be the highest i can get to avoid fragmentation
-
I tried many script found in this forum, but seems all not work for me 1. I connected to a random server by using AirVPN UI 2. Start the "ROTATING Script" 3. I use what is my IP to check my public IP, every 24 hours, no change. Anything I did wrong ? How to make my AprVPN rotating server every 15 mins ? Please help !
-
-
-
-
-
-
I have a Unifi Dream Machine SE (UDM-SE), configured AirVPN with wireguard client inside of it. I am trying to force all traffic inbound/outbound of my qBittorent lxc through the wireguard client. I can download torrents just fine, but I am unable to seed and upload for anyone which is killing my tracker ratio. On the UDM-SE I have LAN-In firewall rule to allow anything from my AirVPN going to my qBittorrent, I have a DNAT from any traffic on the specific AirVPN port to be translated to the qBittorrent IP, I have a policy based route taking any traffic from my qbittorrent and sending through the wireguard client. I have qbittorrent listening on the forwarded port. I'm at a loss as to "Test Open" is failing for the forwarded port I have. I'd greatly appreciate a look over from anyone -
-
Sorry, but you are out of luck. OpenVPN (AES) puts a lot of strain on weak Synology NAS CPUs. Wireguard is an option, but I don't think DSM supports it.
-
Hi, i followed the guide on my older 1511+ (DSM 6.2) but it kills my speed. I have fiber, can download at 80Mo/s but with the vpn connected it falls to 6-8Mo/s I was told that the NAS had issues with openvpn being too load heavy and i should turn to wireguard which seems to be an IT nightmare on its own with homemade SPK and then SSH config an scripting on top of that. Is there a way to make openvpn perform that doesn't entail 3 years of advanced IT network research and learning how to linux ? (and as my nas is getting very much old is there a brand that has a UI as good as DSM or better AND is better with vpn clients ?)
-
Hello! We can't provide an ETA right now but stay tuned. Are you sure that blocks from Russia are effective when you use QUIC CPS of a real .ru website? According to a few reports, that's good to bypass current blocks. However, it must be said that different ISPs implement different blocking techniques. Kind regards
-
I'm in Iran. The only way I am able to connect to internet is through a socks5 proxy, though it's still censored. I wonder if AirVPN supports using a upstream socks5 proxy? The only other option is TOR, but I can't use it for many things, like downloading torrents.
-
I know I reply to an old question but I found a few related unanswered questions here before I tried to fix this (IPv6 not working). My router now runs OpenWrt 25.12.2 I did several tests before having both IPv4 and IPv6 working. Unlike with IPv4 where you have only a few changes to make (select Route Allowed IPs on the VPN Peer and add the VPN in Covered networks with the WAN zone) there's more needed for IPv6. I started by disabling the wan6 interface. I had to enable both DHCPv6 and SLAAC on the LAN interface to have only private IPv6 addresses. Finally a static IPv6 route to the VPN was added and IPv6 masquerading enabled.
-
Could you please provide an approximate timeline for implementing this functionality? Currently, the above-mentioned restrictions in the amnezia wg protocol settings of the airvpn servers unfortunately do not allow overcoming blocks from Russia. I have to use other services with a paid airvpn subscription. Thank you.
-
ignore the green block, that's my addition to the screenshot
-
by leaks if you mean when your vpn drops out wiresock comes with a killswitch feature so your good @flat4 edit: nevermind I don't know how english works and i didn't catch what you meant, and i still kinda dont sorry
-
I dropped the Wiregard approach as while i found and spk, after that it's mostly SSh as there is no native UI and that's somehow above my paygrade (and as said all the guide i find for syno/wireguard are taylored for the server side or access point, no as an exit strategy). I saw some post about raspberry middle box and i'll look into it thanks.
-
Highly seconding the demand for per-app traffic splitting in Eddie, would love love love to have that feature without the need for other applications.
-
-
In China, Airvpn can works well? Some one uses it in China? I want to use a VPN for long terms and don't expect it is blocked.
.thumb.png.8be84fd39f94c1640ac8c5456fbf3449.png){kind=avatar}
