AirVPN Additional Proxy

[EMULE 21]

Currently, AirVPN only has three options for bypassing the block: SSH SSL and AmneziaWG, which is already quite excellent for a VPN provider.

However, these options are still insufficient in the face of the ever-evolving GFW and other national firewalls.

Perhaps we can outsource the protocol obfuscation part to other proxy providers, while leaving the basic privacy protection part to AirVPN.

I have implemented the addition of dedicated proxies from other vendors in Eddie. I set a hybrid proxy port x in the Clash software and set a SOCKS proxy 127.0.0.1:x in Eddie. This way, traffic goes through the proxy first and then is forwarded to the AirVPN server. I can use the obfuscation performance of the proxy protocol to obfuscate AirVPN traffic.

This makes a wide variety of obfuscation protocols available, such as Vless, AnyTLS, Hysteria2, Shadowsocks, Trojan, and Vmess. Using a proxy provider combined with a VPN provider allows me to bypass internet censorship smoothly, which is a good idea.

[Tech Jedi Alex 1534]

I remember many people asking for direct Shadowsocks and other protocol support, which won't be implemented anytime soon, especially if usage of these protocols is possible in parallel with Eddie (and other VPN software supporting proxies).

If it's not a big ask, could you provide a guide on how to set this up? I think you will meet some tangible demand.

[EMULE 21]

Of course. The steps are as follows:

1. Configure Clash (agent software)
Import proxy nodes using a proxy vendor link (proxy nodes can use any protocol).
Clash settings - Port - Socks port - Enable - Set to 10000 (the port number can be anything).

2. Configure Eddie
Eddie settings - Proxy/Tor - Type - socks - When - Always - Host - 127.0.0.1 - Port-10000 - Authentication - none
Eddie Settings - Protocol - Select OpenVPN TCP 443
Eddie Settings - Network Lock - Uncheck "Ensure in Session"
save

3. Connection
To use it, first open Clash and connect to the proxy node using the system proxy mode, then open Eddie and connect to the server.

4. Diversion
With this setup, all software still uses the proxy node and does not go through the AirVPN server, so traffic splitting is necessary.
(There may be professional software for setting up traffic splitting rules, but I didn't use it; I'm just sharing my approach.)
For browsers, the ProxySwitch plugin can be used to select direct connection mode.
For other applications, they can listen on port 10003 of the AirVPN port forwarding service (this is different from the Socks port; it's the port number for port forwarding set in the AirVPN panel; it can also be any port).

This allows you to route traffic through a proxy node for obfuscation before it passes through the AirVPN server, effectively enhancing the obfuscation effect.

[EMULE 21]

The IP address was detected as an AirVPN server IP, which was leaked via WebRTC.

The IP was traced back to the proxy node IP, and could not be traced back to the local machine IP, so it can be considered secure.

[EMULE 21]

The actual experience is quite good.

The speed is on par with AmneziaWG, or even faster.

If a dedicated proxy node is used, it may be able to run at full bandwidth, with speeds far exceeding SSH and SSL.

[EMULE 21]

Many users might think it's unnecessary, since using a proxy is sufficient to bypass the Firewall.

I'd like to share my perspective:
proxy providers only promise to offer specialized technology for circumventing the firewall, without guaranteeing user privacy or maintaining network neutrality. Furthermore, proxies are usually cheaper than VPNs, meaning some low-priced providers might profit from user information. Using only a proxy puts your information at risk. For a while, I only used a proxy to bypass the GFW, and I received a lot of spam, which was extremely annoying. Therefore, I decided to use a proxy in conjunction with a VPN. My traffic is encrypted through OpenVPN and forwarded by AirVPN servers, significantly increasing the difficulty for proxy providers to obtain my information, thus protecting my privacy. AirVPN didn't disappoint in terms of privacy protection; I didn't receive any spam while using it. Simultaneously, by utilizing proxy protocol technology, I can use numerous protocols to bypass the GFW's interference and blocking, which is superior in terms of obfuscation, privacy, and network neutrality.