Jump to content
Not connected, Your IP: 54.157.61.194

Leaderboard


Popular Content

Showing content with the highest reputation since 02/19/24 in all areas

  1. 5 points
    Staff

    Two new 10 Gbit/s servers available (NL)

    Hello! We're very glad to inform you that two new 10 Gbit/s servers located in Alblasserdam (the Netherlands) are available: Menkent and Piautos. The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. The servers support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server. You can check the status as usual in our real time servers monitor: https://airvpn.org/servers/Menkent https://airvpn.org/servers/Piautos Do not hesitate to contact us for any information or issue. Kind regards and datalove
  2. 4 points
    Staff

    Six new 1 Gbit/s servers available (US)

    Hello! We're very glad to inform you that 6 new 1 Gbit/s (full duplex) servers located in Miami, Florida (USA), are available: Aladfar, Ascella, Chertan, Elkurud, Giausar, Meleph. The servers supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server. You can check the status as usual in our real time servers monitor: https://airvpn.org/servers/Aladfar https://airvpn.org/servers/Ascella https://airvpn.org/servers/Chertan https://airvpn.org/servers/Elkurud https://airvpn.org/servers/Giausar https://airvpn.org/servers/Meleph Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Staff
  3. 4 points
    Staff

    Termination of service in Italy

    Hello! We were easy prophets in this case. The catastrophic blackout referred to in the article is a concrete example of the risk we denounced, a violation of fundamental rights, a confirmation of the wisdom of our decision and a demonstration of the irresponsible and odious frivolity of decisions taken by private actors. Our infrastructure must not be polluted by repugnant decisions taken by private entities that seem to have little or no technical competence and that, so far, enjoy impunity for any mistake, no matter how serious. Kind regards
  4. 3 points
    Staff

    Eddie Desktop 2.24 beta released

    Hello! We're very glad to inform you that a new Eddie Air client version has been released: 2.24 beta. It is ready for public beta testing. How to test our experimental release: Go to download page of your OS Click the button Switch to EXPERIMENTAL Download and install This is a new version of Eddie Desktop (Windows / Linux / MacOS). We know there is still 2.21.8 as stable, and 2.22.x and 2.23.x series never reached the stable version. We hope that this version 2.24.x will be tested and reach a stable release. Internally (in terms of development and code) it represents a significant step forward for us: the CLI editions are compiled with dotnet 7, without Mono, Xamarin and any dependency on NetFramework (Windows) or Mono (Linux, MacOS). All CLI projects can be opened in Visual Studio Code and debugged on any OS (macOS, Linux, Windows) without the need to use Xamarin, Visual Studio or Visual Studio for Mac. A new UI is in the works that will finally remove the dependency on Mono and Xamarin, but we don't have a release date to announce yet. The MacOS CLI is new (previously there was only the UI, or the UI with "-cli"), and it's also native for arm64. Overall, there has been a significant effort to clean up and modernise the code, and to prepare our build/deploy scripts for the new UI as well. We understand that there are still tickets or posts that we haven't responded to yet, but we preferred to complete this step first. Main changelog: [new] WireGuard is now the default communication protocol [new] All CLI editions can be compiled and debugged with VSCode and .NET7 [new] [macOS] CLI-only edition, built with .NET7, without Xamarin [new] New commandline only option "elevated.method" [change] OpenVPN 2.6.9 [change] [linux] CLI edition, built with .NET7, without Mono [change] [linux] .deb and .rpm, removed Mono dependency [change] [linux] .deb package tries to initialize elevated service at install/uninstall, .rpm package still missing this feature. [change] [windows] CLI edition, built with .NET7 [change] [all] Better management of SIGTERM signal [change] [all] Don't check if app dir is writable for portable-mode, now managed by presence of "portable.txt". [bugfix] [linux] terminal issue with sudo elevation [deprecation] [all] -cli mode for UI. Use CLI edition directly, now available in all supported platform. [deprecation] [windows] Vista builds [deprecation] [windows] Windows Firewall Network Lock mode [deprecation] [linux] x86 builds [deprecation] [linux] Portable Mono builds
  5. 3 points
    I may have had similar issue as OP. For me the CPU usage of Eddie-UI.exe was in range od 0.5%-3% constantly (even when Eddie was hidden in the tray). Since Eddie is open-source and I'm a .NET engineer (I troubleshot a lot of app performance problems at work) I sat one Saturday afternoon and found that the issue was in the method call that gets network interfaces from system. The fix is a couple lines of code - store NetworkInterface objects in process memory (monitor for changes) and call GetIPv4Statistics() on them instead if creating new ones every time. I'm running with this custom Eddie build for over a year now without observing regressions and the CPU usage is stable at 0.0-0.1% in background After seeing this topic I re-tested with and without the patch on version 2.24.2. The results are visible on the screenshots. @Staff Feel free to test this patch [git apply file.patch] I'm using Windows - haven't tested other platforms BR network-interface-get-improvement.patch
  6. 2 points
    Staff

    End of season sale

    Hello! We're very glad to announce a special promotion on our long term Premium plans for the end of Summer or Winter, according to the hemisphere you live in. You can get prices as low as 2.06 €/month with a three years plan, which is a 70% discount when compared to monthly plan price of 7 €. If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Please check plans special prices on https://airvpn.org and https://airvpn.org/buy All reported discounts are computed against the 7 EUR/month plan. Promotion expires on 2024-03-25 UTC. Kind regards & datalove AirVPN Staff
  7. 2 points
    mnzx

    Eddie Desktop 2.24 beta released

    Hi, this happens on a Debian Bookworm machine after upgrading eddie-ui to 2.24.1 Some logs: $ eddie-ui [ERROR] FATAL UNHANDLED EXCEPTION: System.TypeInitializationException: The type initializer for 'Mono.Unix.Native.Syscall' threw an exception. ---> System.DllNotFoundException: /usr/lib/../lib/libMonoPosixHelper.so assembly:<unknown assembly> type:<unknown type> member:(null) at (wrapper managed-to-native) Mono.Unix.Native.Syscall.get_at_fdcwd() at Mono.Unix.Native.Syscall..cctor () [0x0000a] in <109e73170c824cceae3aaa135a64841a>:0 --- End of inner exception stack trace --- at System.Windows.Forms.XplatUIX11.UpdateMessageQueue (System.Windows.Forms.XEventQueue queue, System.Boolean allowIdle) [0x000f2] in <1ad3b9c5e8484f3cb4aaaf843739b786>:0 at System.Windows.Forms.XplatUIX11.UpdateMessageQueue (System.Windows.Forms.XEventQueue queue) [0x00000] in <1ad3b9c5e8484f3cb4aaaf843739b786>:0 at System.Windows.Forms.XplatUIX11.GetMessage (System.Object queue_id, System.Windows.Forms.MSG& msg, System.IntPtr handle, System.Int32 wFilterMin, System.Int32 wFilterMax) [0x0001c] in <1ad3b9c5e8484f3cb4aaaf843739b786>:0 at System.Windows.Forms.XplatUI.GetMessage (System.Object queue_id, System.Windows.Forms.MSG& msg, System.IntPtr hWnd, System.Int32 wFilterMin, System.Int32 wFilterMax) [0x00000] in <1ad3b9c5e8484f3cb4aaaf843739b786>:0 at System.Windows.Forms.Application.RunLoop (System.Boolean Modal, System.Windows.Forms.ApplicationContext context) [0x0034e] in <1ad3b9c5e8484f3cb4aaaf843739b786>:0 at System.Windows.Forms.Form.ShowDialog (System.Windows.Forms.IWin32Window owner) [0x001b7] in <1ad3b9c5e8484f3cb4aaaf843739b786>:0 at System.Windows.Forms.Form.ShowDialog () [0x00000] in <1ad3b9c5e8484f3cb4aaaf843739b786>:0 at System.Windows.Forms.MessageBox+MessageBoxForm.RunDialog () [0x00039] in <1ad3b9c5e8484f3cb4aaaf843739b786>:0 at (wrapper remoting-invoke-with-check) System.Windows.Forms.MessageBox+MessageBoxForm.RunDialog() at System.Windows.Forms.MessageBox.Show (System.String text, System.String caption, System.Windows.Forms.MessageBoxButtons buttons, System.Windows.Forms.MessageBoxIcon icon) [0x0000a] in <1ad3b9c5e8484f3cb4aaaf843739b786>:0 at Eddie.Forms.Linux.Program.Main () [0x000cc] in <f3c97e9149814a4b8fca99d0f2530ed5>:0 $ sudo apt upgrade $ sudo apt autoremove $ grep "upgrade " /var/log/dpkg.log 2024-02-29 08:05:53 upgrade eddie-ui:amd64 2.24.0 2.24.1 $ grep "remove " /var/log/dpkg.log 2024-02-29 08:06:39 remove ca-certificates-mono:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:39 remove cli-common:all 0.10+nmu1 <none> 2024-02-29 08:06:39 remove libmono-system-windows-forms4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:39 remove libmono-system-drawing4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:39 remove libgdiplus:amd64 6.1+dfsg-1+b1 <none> 2024-02-29 08:06:39 remove libgif7:amd64 5.2.1-2.5 <none> 2024-02-29 08:06:39 remove libmono-accessibility4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:39 remove libmono-btls-interface4.0-cil:amd64 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:39 remove mono-utils:amd64 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:39 remove libmono-webbrowser4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove libmono-posix4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove libmono-i18n-west4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove libmono-i18n4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove libmono-system-data4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove libmono-system-enterpriseservices4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove libmono-system-transactions4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove libmono-system-runtime-serialization-formatters-soap4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove libmonoboehm-2.0-1:amd64 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove libmono-corlib4.5-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove mono-runtime:amd64 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove mono-runtime-sgen:amd64 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove mono-gac:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove mono-4.0-gac:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:40 remove mono-runtime-common:amd64 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:41 remove libmono-system-security4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:41 remove libmono-system4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:41 remove libmono-security4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:41 remove libmono-system-core4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:41 remove libmono-system-numerics4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:41 remove libmono-system-xml4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:41 remove libmono-system-configuration4.0-cil:all 6.8.0.105+dfsg-3.3 <none> 2024-02-29 08:06:41 remove libmono-corlib4.5-dll:all 6.8.0.105+dfsg-3.3 <none> Three days ago all went well upgrading from 2.23.2 to 2.24.0 $ uname -a Linux 6.1.0-18-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) x86_64 GNU/Linux Thank you for your work!
  8. 2 points
    svenmaninov

    Eddie Desktop 2.24 beta released

    I see this as well. I also see when making the upgrade from stable to experimental the following packages are removed: ca-certificates-mono cli-common libgdiplus libmono-accessibility4.0-cil libmono-btls-interface4.0-cil libmono-corlib4.5-cil libmono-corlib4.5-dll libmono-i18n-west4.0-cil libmono-i18n4.0-cil libmono-posix4.0-cil libmono-security4.0-cil libmono-system-configuration4.0-cil libmono-system-core4.0-cil libmono-system-data4.0-cil libmono-system-drawing4.0-cil libmono-system-enterpriseservices4.0-cil libmono-system-numerics4.0-cil libmono-system-runtime-serialization-formatters-soap4.0-cil libmono-system-security4.0-cil libmono-system-transactions4.0-cil libmono-system-windows-forms4.0-cil libmono-system-xml4.0-cil libmono-system4.0-cil libmono-webbrowser4.0-cil libmonoboehm-2.0-1 mono-4.0-gac mono-gac mono-runtime mono-runtime-common mono-runtime-sgen mono-utils Looking at the apt package dependencies, I see eddie-ui:amd64 2.21.8 (stable) depends on: libc6 (>= 2.3.2) sudo curl libnotify-bin mono-runtime mono-utils libmono-system-core4.0-cil libmono-system-windows-forms4.0-cil openvpn stunnel4 libsecret-tools libayatana-appindicator3-1 while eddie-ui:amd64 2.24.1 (experimental) only depends on: libc6 (>= 2.3.2) policykit-1 curl libnotify-bin openvpn stunnel4 libcurl4 libsecret-tools libayatana-appindicator3-1 so some mono deps seem to have been missed.
  9. 2 points
    drum

    Eddie Desktop 2.24 beta released

    same as zsam288 w10 fast start disabled AirVPN "Exit confirmation prompt:" disabled
  10. 2 points
    zsam288

    Eddie Desktop 2.24 beta released

    When i boot my pc I have eddie set to start on logon, however I get attached errors. Seems this has to do with the service not being started yet? After I close the 2nd error nothing happens. When i then open eddie manually it starts fine this didn't happen on 2.23 My settings:
  11. 2 points
    MarkDubya

    Eddie Desktop 2.24 beta released

    I installed the Arch package and there is no tray icon. It seems the PNG icons are missing from /usr/share/eddie-ui/. EDIT: It seems the eddie-tray binary is missing from /usr/lib/eddie-ui/.
  12. 1 point
    Staff

    Download speeds repeatedly drop to 0

    @flyinryan62161 Hello! The problem can be caused by an unstable line or an inappropriate MTU. Please make sure that your router firmware and your network interface driver are both up to date. If you connect your device to your router via WiFi try to get a stronger signal and change channel properly. If you connect via cable, please test a replacement Ethernet cable. If you connect your device to to the VPN via WireGuard test small MTU sizes, starting from 1280 bytes. If you connect via OpenVPN over UDP, try to add the mssfix 1280 directive or switch to TCP. Should you need more specific support on points 3 and 4, please specify your Operating System name and version as well as the software you run to connect to AirVPN servers. Kind regards
  13. 1 point
    Devante Weary

    No Servers in France ?

    I know this is a year and a half later but you just cannot see what we see being on the outside. France heavily censors their online content. Of course being INSIDE a propagandized country, you wouldn't see it. However, I'll give you an example. When Rumble wanted to stream in France, France demanded the censor a bunch of their content based on "disinformation" which was really just videos questioning the COVID jab and other political topics. No matter what you believe, if you can't at least TALK about something, that's called censorship.
  14. 1 point
    reversevpn

    Perfect as Infrastructure

    AirVPN's static ips and port forwarding can be leveraged to create site-to-site VPNs at a fraction of the cost of obtaining public ips from my ISP, which is great for me as a network admin. For those who are so inclined, you can combine nginx, flask, airvpn, and your choice of hardware to replace even VPS services as a backend for your apps. If you have high-speed internet, you will never find a VPS solution more cost-effective than AirVPN + your own hardware. As an added bonus, your services become somewhat shielded from DDoS attacks because you don't have to reveal your machine's physical IP, and you can use the 5 allowed sessions to perform multihoming and provide redundancy.
  15. 1 point
    reversevpn

    Perfect as Infrastructure

    A High-Level Guide to Both Use Cases (Ask if you need to go deeper down to implementation details): Site-to-Site VPN: Example Scenario: You have a head office whose LAN is 192.168.100.0/24, and you have a branch office whose LAN is 192.168.200.0/24. You want seamless IP routing between both offices, so that any machine on one LAN can access any machine on the other LAN. 1. Download an AirVPN Wireguard Config File for a server physically close to the head office. 2. Forward a random UDP port using AirVPN's port-forwarding menu, but remember what port it is. Let's call this port X. 3. Create a systemd-nspawn container on a machine on a Linux box in the head office. 4. Upload the wireguard config file from step 1 into the container in step 3. 5. Using iptables in the container, port-forward port X as-is from the container to the machine that the container is running on(iptables -t nat -A PREROUTING). 6. Also using iptables on the container, masquerade traffic coming from the host machine and exiting through the AirVPN wireguard interface, and vice-versa (iptables -t nat -A POSTROUTING (insert -i and -o directives here) -j MASQUERADE) 7. On the container, block all traffic that neither goes to/comes from the AirVPN server, nor is to/from port X, nor has been established yet. 8. On the host machine of the container in the headoffice, setup a listening wireguard process (configuration in /etc/wireguard) that listens on port x, has address 192.168.y.z, where y and z are arbitrary numbers between 0 and 255 that do not correspond to an existing IP address in either the head office or the branch office, and that has a peer for whom the allowed IPS are 192.168.y.w (y is the same y as you chose earlier, w is a number that causes 192.168.y.w as a whole to not be a currently used IP address ) and 192.168.200.0/24. 9. Appropriately setup routing rules on both the host machine that the container in the headoffice is running on, and the router in the head office, if the host machine of the container is not also the router. 10. On a Linux machine in the branch office, set up a wireguard process that has IP address 192.168.y.w and has a peer whose endpoint is a.b.c.d:X , whose AllowedIPs are 192.168.y.z and 192.168.100.0/24, whose PublicKey is a match for the private key of the wireguard process in step 8, and whose PersistentKeepalive is 10. a.b.c.d is the Exit Ipv4 address of the AirVPN server you picked in step 1. You can find this in the Sessions section of AirVPN's client area. 11. Appropriately set up routing rules on both the box that Wireguard is running on in the branch office, and the router of the branch office, if the machine that the wireguard process you created in step 10 is running on is not also the router of the branch office. 12. If you did everything right, the site-to-site VPN should now be fully operational. AirVPN as app backend: 1. Follow steps 1-7 from the Site-to-Site VPN guide, except that the head office is now simply where you have your physical server, and you are now forwarding TCP instead of UDP on port X. 2. Change the host->container mtu to 1420, but leave the container->host mtu at 1500. 3. Install nginx on the host machine of the container in step 1. 4. For each HTTP endpoint that your app uses, add a location/endpoint {} block in /etc/nginx/sites-enabled with a single proxy_pass directive to whatever process your backend is. For example, if you have a gunicorn server listening at 127.0.0.1:5000, then you should write proxy_pass http://127.0.0.1:5000/{name_of_endpoint}l in each endpoint's location block. 5. Set up SSL on the nginx server, so that traffic between your users is HTTPS. It's ok that the traffic between nginx and your backend is unencrypted HTTP, provided that both are running on the same machine and that you configured the backend to listen ONLY on the localhost interface. This completes the backend of your app. 6. In the frontend of your app(could be a PWA, Desktop app, Android App, or an iOS app; the point is that this is the part of your app that your users interact with), direct all http requests to a.b.c.d:X, where a.b.c.d is the exit address of the AirVPN server you chose, and X is the random port you chose. 7. Test your app to verify that it is working as intended. Interesting note: Provided that you ship your app as a native app(Desktop app, android app, or iOS app) instead of a PWA app, most of your users will never notice that you are using port X. The more technically inclined among them may find out using tcpdump or wireshark, but the vast majority will behave as though you hosted your backend on AWS or similar instead of hosting it on a machine sitting behind AirVPN. However, if you buy a 3-year plan from AirVPN during Halloween, you have probably by now both reduced your recurring cost to 20% of what it would have been had you gone with a modest VPS plan AND you now have unlimited egress/ingress traffic thanks to AirVPN's unlimited bandwidth policy. In case you do not want a single point of failure but want several copies of the backend running in different places, you can have up to 5 backends(1 for each session AirVPN gives you) by repeating steps 1 to 4 for each copy of your backend. Just configure your frontend to randomly choose which backend to connect to, then choose a different one if the connection fails. Note that this method is agnostic of what your application actually does. It could be a scheduling app, a turn-based game, an online store, or whatever you can imagine, except perhaps a real-time game where even single frames matter. The only drawback is the increased latency because of including the AirVPN server in the path between your users and your backend, but if your app is not latency-sensitive, or if your server is extremely, physically close to one of AirVPN's servers(think same city block), latency will not be a problem.
  16. 1 point
    Hey all, Just made the switch to Air today. Like many of you, I jumped ship due to another popular VPN service ceasing support for port forwarding. So far I'm loving what I've seen from the community and the actual real communication from AirVPN themselves, that's awesome to see. In a way I'm glad this happened as I was forced to discover Air. What I am missing however is the speed. I know the Aussie server was added and swiftly removed due to Australia's oppressive privacy nature, and I completely understand this. I also am grateful a second NZ server was recently added. Having said that, I'm struggling to break past 300mbps out of a 1gbps connection where previously I was cracking around 700mbps. Granted that service did provide 10gbps Australian servers in my city, I'm wondering if anyone else from Australia has tweaked anything with good results like MTU sizes etc, or if perhaps making one of those NZ servers 10gbps is considered or planned at some point. I hope it's obvious I'm in no way complaining about Air, I really like it, though I feel with NZ being the main line to the Australian client base, those servers should be pretty beefy. As beefy as feasibly possible in fact. Simply more bandwidth would absolutely round out Aussie satisfaction with what is really our 1 of 2 options now. It's really our only option if you care about static port forwarding. Thoughts? Cheers.
  17. 1 point
    Clodo

    ANSWERED Eddie-UI.exe using a lot of CPU

    Thank you, it will be in the next release.
  18. 1 point
    Staff

    Eddie Desktop 2.24 beta released

    New version 2.24.2, primarily containing bug fixes related to the Linux build. [bugfix] [windows] Shortcut .lnk for all users [bugfix] [linux] Fixed a systemd-resolved issue that caused wrong "DNS of the interface x switched to VPN DNS - via systemd-resolved" [bugfix] [linux] An issue with tray-icon at exit [bugfix] [linux] A concurrency issue that caused the application not to close [bugfix] [linux] Dependency to mono-runtime-common (only on .deb packages) [bugfix] [linux] Minor fixes [bugfix] [linux] Arch build in AUR
  19. 1 point
    Stalinium

    Six new 1 Gbit/s servers available (US)

    Typo in the first paragraph. The server name is written as "Meleph"
  20. 1 point
    BettyIsBoop

    Eddie Desktop 2.24 beta released

    Fixed with the workaround, and the systray icon appear too. Thank you.
  21. 1 point
    Ghederzarz

    Eddie Desktop 2.24 beta released

    2.24 tester here: Installed the eddie on fedora and the graphics elements are veeeeery slow at loading
  22. 1 point
    ss11

    Termination of service in Italy

    That is a silly and childish question. How do you expect staff to answer that? Since I am not staff or related in any way with AirVPN, I will give you a point of view for this from just a normal fellow in your community. Staff clearly mentioned that there is a legal framework in place. Law should not be commented but obeyed. Which is why AirVPN is obeying and respecting the law, and not allowing customers from Italy. Since there is no legal requirement to ask for face scan or identity card when registering a VPN account, the only way for the service to know where you are ordering from is the IP address you are placing the order from. How will the service know you are buying via a different VPN in the first place? It's not like there is a public record of all VPN addresses (unlike there is a public record for all IP addresses that are flagged in Italy for example) - that could perfectly be a normal IP address. There's a huge chance the provider will not even know you are using a VPN at all when buying. If the IP address of that VPN or proxy or whatever you are using is not in Italy, how will the provider know you are from Italy? You have to click a checkbox to confirm you are not Italian, so the provider has the confirmation that they are applying the correct policy. But it's against the privacy rights to request for ID card copy or facial scan, so it's up to you to provide the accurate information If you order via Tor for example, via the .onion address of AirVPN, how can it be known? So, obviously you must NOT be an Italian if you are purchasing your VPN from there, you are resident of Tor-onion-land. I recommend closing this post for future replies, as the main message has been properly sent, and to prevent more confusing stuff - in case the legal framework will be reversed in Italy (as it should because it's madness, but then again this is something too big and beyond powers to talk here) a new announcement will be made confirming the acceptance of Italian customers.
  23. 1 point
    zedik

    Eddie Desktop 2.24 beta released

    On Linux Mint new version of Eddie 2.24.1 beta does not want to exit (I have to kill it) also I am loosing internet connection when trying to close Eddie. Bellow is the picture of the message: ↓ BTW, I have mono-runtime-common package installed.
  24. 1 point
    mnzx

    Eddie Desktop 2.24 beta released

    When I upgraded from 2.23.2 to 2.24.0 everything worked fine, that means that mono-runtime-common was not uninstalled, but it was uninstalled when going from 2.24.0 to 2.24.1. After the problem I went back to 2.23.2 and now I upgraded directly to 2.24.1, but I didn't need to install mono-runtime-common because this time it was not uninstalled when running apt autoremove. so, confirmed, the workaround works around. But not exactly as expected.
  25. 1 point
    Staff

    Eddie Desktop 2.24 beta released

    @BettyIsBoop @mnzx and anyone with the error "System.TypeInitializationException" Confirmed, hopefully this will be fixed in the next release. As a workaround for now, please install mono-runtime-common: sudo apt install mono-runtime-common @svenmaninov : Hi, it's expected. There shouldn't be any Mono dependency theoretically as it's bundled now. However, there is an issue that is being investigated.
  26. 1 point
    spinmaster

    Eddie Desktop 2.24 beta released

    I can confirm, that this is fixed in 2.24.1 (tested on macOS). Thanks! 👍
  27. 1 point
    drum

    Eddie Desktop 2.24 beta released

    After reboot AirVPN doesn't honour the last server used. This seems to affect at least v2.23.x and v2.24.x Configuration Steps to reproduce: Start the computer with server A Change to server B Reboot or turn off/on the computer without manually closing AirVPN The system will start connecting to server A while it was expected to connect to server B as it was the last used server. On the contrary if AirVPN was manually terminated, after reboot it connects to server B. This is using Wireguard, didn't look for OpenVPN Eddie version: 2.24.1beta / windows_x64, System: Windows, Name: Windows 10 Education, Version: 10.0.19045.0, Framework: v4.0.30319
  28. 1 point
    user972512

    Eddie Desktop 2.24 beta released

    2.24.1 appears to have fixed my problem with immediate crash on launch under Pop!_OS 22.04 LTS.
  29. 1 point
    MarkDubya

    Eddie Desktop 2.24 beta released

    Indeed it is. 👍
  30. 1 point
    Staff

    Eddie Desktop 2.24 beta released

    Version 2.24.1 with some bugfixes released. In some packages, WireGuard was not the default, fixed in 2.24.1. As soon as possible. Tray icon should be fixed in 2.24.1 Fixed in 2.24.1, same issue also for @drum Both under investigation, thank you for your tests and patience! Under investigation, thank you for your tests and patience! Kind regards
  31. 1 point
    @BettyIsBoop Can you please post your message in the following thread: https://airvpn.org/forums/topic/57401-eddie-desktop-224-beta-released/ It's the thread followed by devs for bug reports on 2.24. Thank you in advance! Kind regards
  32. 1 point
    Viaica

    Eddie Desktop 2.24 beta released

    On Xubuntu LTS 22.04 the log is getting spammed with "DNS of the interface 'Eddie' switched to VPN DNS - via systemd-resolved" message. Same thing happened on the previous beta which I posted on the older thread: https://airvpn.org/forums/topic/56428-eddie-desktop-223-beta-released/?do=findComment&comment=229176 Another issue is that minimize to tray still does not work like it hasn't worked for a while.
  33. 1 point
    xmartymcflyx

    Honeypot VPN?

    (For me) it does constitute a good reason to take them as a decoy service. Food isn't free, education isn't free, healthcare isn't free, even freedom isn't free. You'd need to do some research on who's behind the company to gather more data to make a proper choice though. Names, experience, previous works, etc.
  34. 1 point
    ersatzzz

    Eddie Desktop 2.24 beta released

    Any idea on when there will be a new STABLE release? Assuming you're using semantic versioning, we've skipped past a 2.22 and 2.23 stable release, and we're still stuck at 2.21.8.
  35. 1 point
    Your own tests are a necessity, so it's 100% of the time. Eddie (or rather OpenVPN/Wireguard) does not consider what you want to do over a VPN connection, so there is no automagical optimization happening in the background. But once you have a selection of servers which showed you good results and you put them on the allowlist, letting Eddie choose one automatically would be okay, of course.
  36. 1 point
    lozera

    7 years and still loving it.

    It's been 7 years since I've come across AirVPN. The ease of access and wide selection of servers to choose from has made AirVPN my to go to vpn service. 😊
  37. 1 point
    xeyet21740

    Termination of service in Italy

    Obviously current subscriptions will be OK as said in their first post " We will not interrupt the service to current subscribers until the natural expiry date "
  38. 1 point
    foDkc4UySz

    Termination of service in Italy

    Exactly. A business migration to an "offshore, sovereign nation" might seem like the best solution here, but it's just a hammer putting an angle to the nail. Sure, (Corporation, et al) Taxes might be lower elsewhere, but the proposed unregulated, dynamic blacklist system being implemented in Italy, applies globally to AirVPN's and all Italian resident-customers. If AirVPN were to still be a registered Italian business, and somehow implement technological bypasses of the blacklist to reallow Italian resident-customers, then even a layman could see an argument for detrimental culpability subject to their own business registation laws, if they wish to continue operating out of Italian jurisdiction. I'm certain that the Owners, Staff, Lawyers of AirVPN, being at least of Italian business registration since inception, are taking this legislative battle to heart. Many others will too: I'd bet there'll be an EU review into the frameworks implementation sooner rather than later, once it's filtering impact and resonance are actualised. @Staff Will do whatever they feel is most legal, and best feasible. But there's one reason why we're customers: A "VPN operated by activists in defense of net neutrality, privacy and against censorship." That time is now.
  39. 1 point
    Riddick

    Termination of service in Italy

    I feel for the Italians, but how can you challenge a corrupt government "this is all part of the plan" not country specific but world-wide ! One small step for Italy, one giant leap for World domination
  40. 1 point
    SimoMil

    Termination of service in Italy

    Sadly there isnt a real "technology and privacy" education here in Italy. Even more, the Privacy Shield has been promoted and required by the Lega Calcio (soccer league) to "protect from illegal streaming of the matches" and here in Italy it seems soccer being more important than privacy and freedom.
  41. 1 point
    Staff

    New 10 Gbit/s server available (US)

    Hello! The CPU of 10 Gbit/s servers does not have high load on average and the 10 Gbit/s servers have repeatedly reached more than 12 Gbit/s peak performance (6 up + 6 down). They also have quite a remarkable average, for example Haedus on weekends keeps an impressive 8 Gbit/s averaged on the 48 hours! OpenVPN surely loads the CPU, that's unavoidable, but we're topping CPU capacity only when the total amount of connected clients exceed 300, which normally should not happen: Eddie will not recommend connection to servers with approaching to limit connected clients and our areas FQDN will not resolve to those servers' IP addresses. As a side note, consider that the 10 Gbit/s servers marked with "6000 Mbit/s" maximum bandwidth are connected to a 10 Gbit/s port but with our plan the provider guarantees 3 Gbit/s full duplex 24/7, while they are "best effort" burstable to 10 Gbit/s. Kind regards
  42. 1 point
    Hey, pictures would make this post indeed so much better. So, I have done it and posted below. Please note the following: My OPNsense Firewall is "clean" I did a factory reset before conducting the steps and completing the guide. For simplicity, I copy and pasted most of the Text but added it with the missing pictured and did fix where I believe it was necessary. All Credits for this goes to the original poster @Sj0rs I configure OPNsense from the WAN interface. To do this, I did the following steps as a preparation before this guide. Disclaimer In general, DO NOT TRUST ME ! I'm not a security expert. I do not know what I'm doing here ! Preparation (not required if you access the firewall from LAN) Some advice here… Opening the WAN interface to allow administration is not good ! I am doing this because the firewall sits in my private LAN, and I'm not doing any port forwarding on my main router ! If your firewall is connected directly to the internet, do not do this ! Again, in general, DO NOT TRUST ME ! I'm not a security expert. I do not know what I'm doing here ! Now that you know it… 1. Deselect "Block private networks" and "Block bogon networks" in Interfaces → WAN. After doing so: hit save and "Apply changes". 2. Select "Disable reply-to" in Firewall → Settings → Advanced. Hit save at the end. 3. Add incoming WAN rule to allow administration. Go to Firewall → Rules → WAN Add a TCP rule from "WAN net" to "This Firewall" on HTTPs. Step 1. Information gathering. We'll grab some info that we need to configure the WireGuard Tunnel. Go to the Client Area. Got to VPN Devices. Add a device or edit your existing device. Note your Public Key and IPv4 under the heading "WireGuard" Go back to the Client Area. Go to Config Generator Select "router" under "Choose your OS" Select "WireGuard under "Choose protocols" Select your country under "By Countries". I selected Netherlands Scroll way down and download your config. This is an example of a WireGuard config: (the keys and IP are random and will not work, use your own) [Interface] Address = 10.10.10.10/32 PrivateKey = X72xgdx23XDomnSXmcy#S4Jc#9Y5G*vU$wg^n499yn6 MTU = 1320 DNS = 10.128.0.1 [Peer] PublicKey = VTSQ77Uk4^&RY4h%S$#9h8PR2T&xyya&yPTtk6oD^m$ PresharedKey = b7&&7bntmCS5q%&4J*mSKBAUvV4XEqHerwscvbappXQ Endpoint = nl3.vpn.airdns.org:1637 AllowedIPs = 0.0.0.0/0 PersistentKeepalive = 15 Step 2. Create the Tunnel configuration. Pre Configuration — Install WireGuard plugin 0.1 Go to System → Firmware → Plugins and install the "os-wireguard" plugin. Peer configuration: in OPNsense go to VPN → WireGuard → Settings → Peers. Create a peer with the following information: Name: wg_airvpn_<country code>. Mine is called wg_airvpn_nl Public key: <PublicKey under heading [Peer] of your generated WG Config> Pre-shared key <presharedKey under heading [Peer] of your generated WG Config> Allowed IP's: 0.0.0.0/0 Endpoint Address: <Endpoint under heading [Peer] of your generated WG Config> Endpoint port: 1637 (default port) Keepalive interval: 15 (default interval) Click "Save" and you should see the below Instance configuration: in OPNsense go to VPN → Wireguard → Settings → Instances Create an instance with the following information: Enable Advanced Mode. (upper left corner) Name: <Endpoint Name i.e. nl.vpn.airdns.org> Public Key: <Public Key as noted with step 1.4> Private Key: <PrivateKey under heading [Interface] of your generated WG Config> Listen Port: 1637 MTU: 1320 Tunnel Address: <Address including /32 under harding [Interface] of your generated WG Config> Peers: <select peer that you created with step 2.2> Disable routes: Enabled. Hit the "Save" button. Enable WireGuard configuration Go to VPN → Wireguard → Settings → General and click on "Enable WireGuard" Hit "Apply" Step 3. Make an exception on your WAN interface in OPNsense go to Firewall → Rules → WAN On the WAN interface, default is called WAN, create a Pass rule for IPv4/UDP port 1647 to your WAN-address. Scroll down and hit "Save". It should look like this: Step 4. Assign WireGuard Interface in OPNsense go to Interfaces → Assignments You'll find a "wg1(WireGuard - nl.vpn.airdns.org)" (or similar) interface. bind it to an interface with a name of your choice. Mine is called WAN_WG1 as is the first site-to-site WireGuard tunnel on my WAN interface. Click the "Add" button Enable the Interface Interfaces → Assignments → WAN_WG1 Enable: Enable the Interface. Dynamic gateway policy: Selected (I found it's not working without this. Not sure why) No further configuration required. Ensure the "Block private networks" and "Block bogon networks" options are not selected, as shown below. Hit "Save" and "Apply changes". Step 5. Create a gateway. Remember, we disabled the routes for the WG instance configuration? Because of that, we need to create a gateway. In OPNsense go to System → Gateways → Single Add a Gateway with the following information: Name: WAN_WG_GW Description: Interface WAN_WG1 Gateway Interface: Select WAN_WG1 as created in step 4. Address Family: IPv4 IP address: Dynamic (leave empty) Far Gateway: Enabled (this I am not sure of, but for now I'm happy it works) Disable Gateway Monitoring: enabled Hit the "Save" button. Step 6. Aliases I did not use aliases in my setup. I use the default LAN network group. Step 7. Create Outbound NAT for WireGuard. (In my setup, I use Manual Outbound Rule Generation because I like to have control) In OPNsense go to Firewall → NAT → Outbound Click "Manual outbound NAT rule generation" then "Save" then "Apply changes". Create a new Outbound NAT rule with the following information: Interface: WAN_WG1 TCP/IP version: IPv4 Protocol: Any Source Address: LAN net (or use alias) Translation /target WAN_WG1 address Description: WireGuard VPN Outbound NAT rule Click the "Save" button and then the "Apply changes" button. Step 8. Create Outbound Redirect rule. In this example we create 2 rules on our LAN interface, one for redirecting to WG, the other to prevent leaks. In OPNsense go to Firewall → Rules → LAN add an outbound Pass rule: Action: Pass Source: LAN net (or use alias) Destination: Any Gateway: WAN_WG_GW (the gateway you created in step 5.) Hit the "Save" button. Add an outbound block rule below that: Action: Block Source: LAN net Destination: Any Gateway: default Hit the "Save" button and then the "Apply changes" button. You need to disable the existing Default rules by clicking on the green arrow then "apply changes" again. (I have removed them as we do not need them anyway) Step 9. Prevent DNS leaks Create an alias to use all available AirVPN servers. Firewall → Aliases Click add Enable: selected Name: VPN_DNS Content: 10.4.0.1 128.0.1 10.5.0.1 10.7.0.1 Click Save Create NAT port forward rule. Firewall → NAT → Port Forward Click Add Interface: LAN TCP/IP Version: IPv4 Protocol: TCP/UP (DNS traffic is usually UDP, but I thought it's better to do it like this) Source: LAN net Destination: This Firewall Destination port range: DNS Redirect target IP: VPN_DNS (the alias we created in 9.1) Redirect target port: DNS NAT reflection: Disable Filter rule association: None Hit "Save", then "Apply changes". Your WG VPN tunnel should now work. Test with https://ipleak.net Step 10. Port forwarding (Optional) If you need port forwarding for something, make sure It's configured in your AirVPN Member settings ! Firewall → Rules → WAN_WG1 → Add Action: Pass Interface: WAN_WG1 Direction: In Protocol: select your protocol Source: any (or if you can define it, do this here) Destination: Single host or Network and the IP of the device Destination port range: select the port (range) reply-to: WAN_WG1_GW (this is very Important!) Hit "Save", then "Apply changes". Firewall → NAT→ Port Forward → Add Interface: WAN_WG1 Protocol: Same as in 10.5 Destination: WAN_WG1 address Destination port range: Same as in 10.8 Redirect target IP: Same as in 10.7 Redirect target port: Same as in 10.8 Hit "Save", then "Apply changes". That's it for port forwarding. Test the setting. Let me know if something is not correct or clear. END of the Guide... Everything below here can be ignored. It seems the board software adds all the pictures I have added again to the bottom of the post, so ignore everything below here ! Thanks
  43. 1 point
    I was digging around CourtListener RECAP - a free archive of US court cases containing some public court records from PACER that have been uploaded to it by CourtListener RECAP users - and decided to search for AirVPN. I found several hits in the case United States v. Klyushin (https://www.courtlistener.com/docket/61629108/united-states-v-klyushin/) and the very basic gist of this case is that Klyushin was convicted of hacking into a few financial firms to do insider trading. If you go to the CourtListener page linked above you can access all the PACER court documents that have been uploaded to RECAP. Just to clear up any misunderstandings these are all public federal court records that have been freely made available through RECAP. The most interesting of the documents from the case is #183 (https://www.courtlistener.com/docket/61629108/183/united-states-v-klyushin/) which is a transcript of day 4 of the jury trial. (PDF attached to this post.) Within this transcript it is stated: 1. IP address 185.228.19.147 (incorrectly said 288 here, but 228 elsewhere) belongs to DediPath, and was used by AirVPN (pg. 132). 2. A "pen register" or "trap and trace" was placed on this IP address which is a "caller ID of who is communicating with that IP address" (pg. 133). 3. The pen register was authorized by a federal judge (pg. 133). 4. The pen register was active on that IP address from January 28th, 2020, to February 23rd, 2020 (pg. 135). 5. The pen register records were from DediPath, the transcript does not state any involvement or knowledge by AirVPN (pg. 138). Document #217 (https://www.courtlistener.com/docket/61629108/217/united-states-v-klyushin/) is a transcript of day 9 of the jury trial. (Also attached to this post.) It provides confirmation of point 5 above and offers more detail on what the pen register captures: 1. The pen register was "sent to the company that hosted the destination IP" meaning DediPath directly (pg. 38). 2. The pen register captured headers only, meaning timestamps of packets, inbound and outbound, and directionality, but not any content of packets (pg. 38-39). This is quite interesting as I have seen this sort of tap hypothesized as something that could be used to log VPN servers, without the provider's knowledge (no matter what provider) - but up until now I was only aware that it was possible, not that it had actually been done. gov.uscourts.mad.232574.183.0.pdf gov.uscourts.mad.232574.217.0.pdf
  44. 1 point
    Staff

    New 3 Gbit/s server available (US)

    Hello! The server features a 10 Gbit/s NIC connected to a 10 Gbit/s port. 3 Gbit/s (full duplex) are guaranteed and unmetered. Fully burstable to 10 Gbit/s best effort, 3 Gbit/s (full duplex) commitment 100% guaranteed. Kind regards
  45. 1 point
    I just found out how to detour the blocking without using old.reddit.com. All you have to do is make a cookie following the next rules: - domain: .reddit.com - name: reddit_session - value: any value as you want. It supposed to have your Reddit session data, but it can be anything just to detour the blocking. e.g., 0 - path: / I used cookiebro extension to import and export a cookie but how to add a cookie is up to you. It is naive but it works anyway. I hope it helps, and they don't block this solution too soon. Or maybe you can use the cookiebro-cookie-.reddit.com-reddit_session.json which I confirmed working on firefox and chromium.
  46. 1 point
    Hello! Google Search should never be used for privacy reasons (Google profiling techniques are so advanced that you risk to create a correlation between your real identity and your VPN identity at the tiniest error) and ethical reasons, but you can rely on startpage.com if you really need Google Search. Startpage will proxy your queries to Google Search and serve you back Google reply, therefore an additional protection layer stands between your node and Google and you usually avoid captchas. A very good search engine offering privacy protection commitment is Brave Search: https://search.brave.com Kind regards
  47. 1 point
    Please do enlighten the readers. Frankly, Android doesn't care about the VPN protocol, and neither do mobile operators. Android only cares whether there is a VPN connection active using the VPNService API, which it is if Shadowsocks uses that same API to work. So what you wrote is not 100% accurate. Consider yourself reminded of the fact that AirVPN is a VPN provider, not a proxy provider. Support for any kinds of proxy services will not see the light of day for the forseeable future. Others requested it in the past:Now, Shadowsocks and V2Ray are proxies, SoftEther is not a protocol but a software supporting other protocols in both server and client mode, and "something else" must be named for evaluation.
  48. 1 point
    zhang888

    ANSWERED Slow Speeds With PFSense

    My hardware setup is quite decent. Intel® Core i5 CPU 650 @ 3.20GHz Are you sure about that? It's not the setup or us, its' your hardware. https://ark.intel.com/products/43546/Intel-Core-i5-650-Processor-4M-Cache-3_20-GHz Launch date: Q1 2010 This is not exactly decent. By any means an 8 year old CPU is usable, but cannot be expected to achieve high speeds with OpenVPN AES-256. We don't exactly have any benchmarks from this CPU but a 30-40Mbit mark is my high bet. Note when you build a high end dedicated box for OpenVPN/other tasks, you have to consider it's max throughput before - CPU and RAM from the past 5 years should cost almost the same and give about twice better performance. Just as you can't expect running some games on such machine, or running new apps on a phone from 8 years ago, this is almost the same. Your CPU is the Galaxy 1st gen / iPhone 3G of today standards.
  49. 1 point
    FromtheWalls

    How do I use AirVPN?

    Well, to give a completely rudimentary course in how to get it up and running: Assuming you use windows you go to the "Enter" tab on this site while logged in, click on the windows icon and download the client from there. You then install the client. Then you find the "AirVPN" icon on your desktop and click it, then choose "connect to a recommended server" and wait for it to finish connecting. Then point your web browser to https://ipleak.net/ to confirm it's working, and it doesn't show your real info anymore. This should get you started using it, at least. You should be safe with the default settings. I then recommend searching the forum for any specific features you wonder about with the client, if you need port forwarding to work you can look at some of my recent posts on here for example. Oh, you might want to turn on the network lock on the login screen as well.
  50. 1 point
    Probably because they decided not to use women and children as suicide bombers, or fire rockets indiscriminately into civilian areas. But this isn't really the place to discuss it.
×
×
  • Create New...