Jump to content
Not connected, Your IP:


Popular Content

Showing content with the highest reputation since 12/16/20 in all areas

  1. 16 points

    New 10 Gbit/s server available (CH)

    Hello! We're very glad to inform you that a new 10 Gbit/s server located in Zurich (CH) is available: Xuange. It's the first server we propose with a dedicated 10 Gbit/s line and port. As we have now circumvented several computing limits through load balancing and improved optimization, it's time to gradually test larger bandwidth. The AirVPN client will show automatically the new server. If you use any other OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other Air server, Xuange supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/Xuange Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team
  2. 4 points
    I have a reason to believe that M247 is falsifying a few of its server locations which it sells to VPN companies such as AirVPN. Disclaimer: I am not accusing AirVPN of participating in this falsification, I believe that AirVPN staff has the integrity and honesty to only purchase servers in locations they know are correct as advertised. My hypothesis is that AirVPN was merely duped into buying thse falsified locations because M247 claimed that they were real locations and AirVPN did not have any reason to suspect anything to the contrary. I noticed recently that the M247 "Phoenix" location seems to really be located in Los Angeles, M247 "Barcelona" location seems to really be in Madrid, and the M247 "Berlin" location seems to really be in Frankfurt. Traceroute shows identical routes between each of these false locations and the real location they are in, not to mention that neither Phoenix, Barcelona, or Berlin appear on M247's list of locations on their website Disclaimer 2: All of the data below is shown as it was generated, with the only thing being edited is the redaction of my ISP's traceroute hops for protection of my privacy. Exhibit A: "Phoenix" is really Los Angeles. Traceroute and ping to Indus , allegedly in M247 Phoenix Traceroute to Indus server traceroute to indus.airservers.org (, 30 hops max, 38 byte packets [Redacted my ISP's traceroute hops] 8 * * * 9 ae-5.r01.lsanca20.us.bb.gin.ntt.net ( 73.593 ms 68.449 ms 69.689 ms 10 ce-0-1-0-0.r01.lsanca20.us.ce.gin.ntt.net ( 66.818 ms 71.847 ms 72.087 ms 11 * irb-0.agg1.lax1.us.m247.com ( 89.481 ms et-0-0-49-0.agg1.lax1.us.m247.com ( 79.797 ms 12 vlan2921.as09.lax1.us.m247.com ( 123.200 ms 71.520 ms vlan2909.as09.lax1.us.m247.com ( 74.228 ms 13 * * * 14 * * * Traceroute from Indus to Google traceroute to google.com (, 30 hops max, 60 byte packets 1 ( 69.597 ms 69.603 ms 69.595 ms 2 vlan177.as09.lax1.us.m247.com ( 69.687 ms 69.711 ms 69.778 ms 3 irb-0.agg1.lax1.us.m247.com ( 633.031 ms 633.038 ms 633.034 ms 4 ( 69.490 ms 69.452 ms 69.546 ms 5 ( 69.661 ms te-4-3-0.bb1.lax1.us.m247.com ( 69.769 ms 69.821 ms 6 ( 69.615 ms ( 67.888 ms ( 68.754 ms 7 ( 67.871 ms ( 68.216 ms ( 68.221 ms 8 ( 68.254 ms ( 68.228 ms ( 68.243 ms 9 ( 68.818 ms ( 68.598 ms 68.843 ms 10 ( 68.806 ms ( 69.010 ms ( 76.905 ms 11 ( 76.921 ms ( 80.406 ms ( 75.588 ms 12 ( 81.965 ms ( 78.518 ms 80.377 ms 13 ( 75.650 ms 75.356 ms ( 77.960 ms 14 sfo03s07-in-f14.1e100.net ( 82.906 ms ( 77.106 ms sfo03s07-in-f110.1e100.net ( 103.936 ms Ping to Indus PING ( 56(84) bytes of data. 64 bytes from icmp_seq=1 ttl=57 time=69.5 ms 64 bytes from icmp_seq=2 ttl=57 time=68.8 ms 64 bytes from icmp_seq=3 ttl=57 time=69.1 ms 64 bytes from icmp_seq=4 ttl=57 time=68.0 ms 64 bytes from icmp_seq=5 ttl=57 time=69.3 ms 64 bytes from icmp_seq=6 ttl=57 time=68.5 ms 64 bytes from icmp_seq=7 ttl=57 time=70.0 ms 64 bytes from icmp_seq=8 ttl=57 time=69.2 ms 64 bytes from icmp_seq=9 ttl=57 time=69.7 ms 64 bytes from icmp_seq=10 ttl=57 time=68.1 ms Hmm, I wonder why all the M247 router hops are all labelled as "LAX1" for a "Phoenix" location??? Now we will compare this to Groombridge, a server in M247 Los Angeles Traceroute to Groombridge traceroute to groombridge.airservers.org (, 30 hops max, 38 byte packets [Redacted my ISP's traceroute hops] 7 * * * 8 ae-2.r25.lsanca07.us.bb.gin.ntt.net ( 74.561 ms 97.764 ms * 9 ae-5.r01.lsanca20.us.bb.gin.ntt.net ( 73.048 ms 70.967 ms 73.707 ms 10 ce-0-1-0-0.r01.lsanca20.us.ce.gin.ntt.net ( 65.112 ms 73.968 ms 71.939 ms 11 irb-0.agg1.lax1.us.m247.com ( 77.359 ms * * 12 vlan2926.as15.lax1.us.m247.com ( 75.003 ms 73.769 ms ( 67.763 ms 13 * * * 14 * * * Traceroute from Groombridge to YouTube traceroute to youtube.com (, 30 hops max, 60 byte packets 1 ( 71.514 ms 71.502 ms 71.493 ms 2 vlan170.as15.lax1.us.m247.com ( 71.810 ms 71.986 ms 72.005 ms 3 * * * 4 ( 75.969 ms te-1-2-0.bb1.nyc1.us.m247.com ( 76.140 ms ( 75.971 ms 5 ( 76.149 ms 76.154 ms te-4-3-0.bb1.lax1.us.m247.com ( 75.138 ms 6 ( 78.254 ms ( 73.797 ms 73.781 ms 7 ( 73.773 ms ( 73.975 ms ( 74.551 ms 8 ( 73.937 ms ( 74.759 ms ( 74.214 ms 9 * ( 74.196 ms ( 74.648 ms 10 ( 86.701 ms * ( 72.588 ms 11 ( 80.460 ms ( 81.648 ms ( 83.700 ms 12 ( 80.580 ms ( 79.787 ms ( 81.349 ms 13 ( 80.326 ms ( 81.308 ms ( 84.462 ms 14 ( 82.598 ms sfo07s16-in-f78.1e100.net ( 80.463 ms 81.950 ms Ping to Groombridge PING groombridge.airservers.org ( 56(84) bytes of data. 64 bytes from ( icmp_seq=1 ttl=57 time=68.8 ms 64 bytes from ( icmp_seq=2 ttl=57 time=68.8 ms 64 bytes from ( icmp_seq=3 ttl=57 time=68.9 ms 64 bytes from ( icmp_seq=4 ttl=57 time=68.0 ms 64 bytes from ( icmp_seq=5 ttl=57 time=70.4 ms 64 bytes from ( icmp_seq=6 ttl=57 time=69.0 ms 64 bytes from ( icmp_seq=7 ttl=57 time=70.4 ms 64 bytes from ( icmp_seq=8 ttl=57 time=67.6 ms 64 bytes from ( icmp_seq=9 ttl=57 time=68.3 ms 64 bytes from ( icmp_seq=10 ttl=57 time=68.0 ms Hmm, looks suspiciously similar to me... Routes are both the same, ping is near-equal Exhibit B: "Barcelona" is really Madrid Traceroute and ping to Eridanus, allegedly in Barcelona Traceroute to Eridanus traceroute to eridanus.airservers.org (, 30 hops max, 38 byte packets [Redacted my ISP's traceroute hops] 7 * * * 8 be2332.ccr32.bio02.atlas.cogentco.com ( 83.833 ms 82.655 ms 83.244 ms 9 be2325.ccr32.mad05.atlas.cogentco.com ( 86.389 ms 85.839 ms 86.422 ms 10 quantum-sistemas.demarc.cogentco.com ( 110.559 ms 171.268 ms 118.386 ms 11 * * * 12 * * * Traceroute from Eridanus to YouTube traceroute to youtube.com (, 30 hops max, 60 byte packets 1 ( 89.066 ms 89.077 ms 89.072 ms 2 * * * 3 xe-1-2-3-0.bb1.mad1.es.m247.com ( 89.002 ms 88.997 ms 88.992 ms 4 mad-b1-link.telia.net ( 89.157 ms 89.176 ms 89.172 ms 5 google-ic-314668-mad-b1.c.telia.net ( 89.168 ms 89.324 ms 89.328 ms 6 * * * 7 ( 92.637 ms ( 91.657 ms ( 91.548 ms 8 ( 92.059 ms ( 91.787 ms 144.397 ms 9 ( 91.930 ms muc03s14-in-f14.1e100.net ( 91.631 ms ( 91.934 ms Hmm, I wonder why M247's router hops in the "Barcelona" location are all labelled as "MAD1" Ping to Eridanus PING ( 56(84) bytes of data. 64 bytes from icmp_seq=1 ttl=56 time=89.4 ms 64 bytes from icmp_seq=2 ttl=56 time=85.9 ms 64 bytes from icmp_seq=3 ttl=56 time=84.9 ms 64 bytes from icmp_seq=4 ttl=56 time=85.5 ms 64 bytes from icmp_seq=5 ttl=56 time=86.4 ms 64 bytes from icmp_seq=6 ttl=56 time=85.0 ms 64 bytes from icmp_seq=7 ttl=56 time=85.3 ms 64 bytes from icmp_seq=8 ttl=56 time=87.1 ms 64 bytes from icmp_seq=9 ttl=56 time=85.8 ms 64 bytes from icmp_seq=10 ttl=56 time=85.3 ms Comparing this to Mekbuda, a server in Madrid M247 Traceroute to Mekbuda [Redacted my ISP's traceroute hops] 7 * * * 8 be2332.ccr32.bio02.atlas.cogentco.com ( 83.761 ms 82.333 ms 82.102 ms 9 be2325.ccr32.mad05.atlas.cogentco.com ( 86.121 ms 85.032 ms 86.308 ms 10 quantum-sistemas.demarc.cogentco.com ( 94.879 ms 87.337 ms 88.230 ms 11 * * * 12 * * * Route from Mekbuda to Youtube traceroute to youtube.com (, 30 hops max, 60 byte packets 1 ( 87.692 ms 87.693 ms 87.686 ms 2 vlan29.bb2.mad1.es.m247.com ( 87.696 ms 87.690 ms 87.750 ms 3 xe-1-1-0-0.bb1.mad1.es.m247.com ( 87.762 ms 87.758 ms 87.753 ms 4 mad-b1-link.telia.net ( 87.956 ms 88.558 ms 87.931 ms 5 google-ic-314668-mad-b1.c.telia.net ( 87.836 ms 87.992 ms 87.988 ms 6 * * * 7 mad41s04-in-f14.1e100.net ( 86.846 ms ( 98.934 ms 98.992 ms Ping to Mekbuda PING mekbuda.airservers.org ( 56(84) bytes of data. 64 bytes from ( icmp_seq=1 ttl=56 time=87.0 ms 64 bytes from ( icmp_seq=2 ttl=56 time=88.4 ms 64 bytes from ( icmp_seq=3 ttl=56 time=86.2 ms 64 bytes from ( icmp_seq=4 ttl=56 time=88.4 ms 64 bytes from ( icmp_seq=5 ttl=56 time=86.7 ms 64 bytes from ( icmp_seq=6 ttl=56 time=85.7 ms 64 bytes from ( icmp_seq=7 ttl=56 time=85.7 ms 64 bytes from ( icmp_seq=8 ttl=56 time=87.1 ms 64 bytes from ( icmp_seq=9 ttl=56 time=88.3 ms 64 bytes from ( icmp_seq=10 ttl=56 time=88.2 ms Once again, everything is near-identical, with only a slight difference in Youtube traceroute. Exhibit C: "Berlin" is really in Frankfurt First we will test ping and traceroute to Cujam, a Berlin M247 server Traceroute to Cujam [Redacted my ISP's traceroute hops] 6 * * * 7 ae-9.r20.londen12.uk.bb.gin.ntt.net ( 73.904 ms ae-11.r20.parsfr04.fr.bb.gin.ntt.net ( 78.812 ms 75.580 ms 8 ae-1.r21.londen12.uk.bb.gin.ntt.net ( 79.099 ms ae-2.r21.parsfr04.fr.bb.gin.ntt.net ( 85.715 ms ae-1.r21.londen12.uk.bb.gin.ntt.net ( 78.384 ms 9 ae-16.r20.frnkge13.de.bb.gin.ntt.net ( 91.553 ms ae-11.r21.frnkge13.de.bb.gin.ntt.net ( 91.521 ms ae-16.r20.frnkge13.de.bb.gin.ntt.net ( 94.728 ms 10 ae-0.a00.frnkge13.de.bb.gin.ntt.net ( 92.855 ms 89.619 ms 90.740 ms 11 ae-8-501.a00.frnkge13.de.ce.gin.ntt.net ( 91.869 ms 92.824 ms 93.136 ms 12 ( 90.856 ms vlan2945.agg2.fra4.de.m247.com ( 92.015 ms ( 89.007 ms 13 vlan2925.as03.fra4.de.m247.com ( 88.304 ms vlan2901.as03.fra4.de.m247.com ( 93.828 ms vlan2925.as03.fra4.de.m247.com ( 89.713 ms 14 * * * 15 * * * Traceroute from Cujam to YouTube 1 ( 89.968 ms 89.978 ms 89.972 ms 2 ( 90.041 ms 90.036 ms 90.134 ms 3 vlan2925.agg2.fra4.de.m247.com ( 89.915 ms 89.910 ms 89.905 ms 4 ( 90.078 ms ( 89.956 ms ( 90.199 ms 5 vlan2906.bb1.ams1.nl.m247.com ( 90.252 ms 90.009 ms ( 90.176 ms 6 ( 90.171 ms no-mans-land.m247.com ( 89.888 ms ( 89.597 ms 7 no-mans-land.m247.com ( 89.851 ms ( 89.962 ms ( 89.649 ms 8 ( 90.496 ms ( 89.578 ms ( 89.598 ms 9 ( 90.067 ms ( 90.020 ms ( 90.430 ms 10 * * ( 90.872 ms 11 ( 99.430 ms * ( 97.794 ms 12 ( 98.329 ms ( 97.997 ms 97.910 ms 13 ( 97.921 ms ( 98.316 ms ( 98.802 ms 14 ( 97.839 ms 98.060 ms 98.173 ms 15 ( 98.067 ms par10s27-in-f206.1e100.net ( 97.811 ms 98.150 ms Ping to Cujam PING cujam.airservers.org ( 56(84) bytes of data. 64 bytes from ( icmp_seq=1 ttl=53 time=90.3 ms 64 bytes from ( icmp_seq=2 ttl=53 time=91.8 ms 64 bytes from ( icmp_seq=3 ttl=53 time=91.7 ms 64 bytes from ( icmp_seq=4 ttl=53 time=92.5 ms 64 bytes from ( icmp_seq=5 ttl=53 time=91.3 ms 64 bytes from ( icmp_seq=6 ttl=53 time=92.1 ms 64 bytes from ( icmp_seq=7 ttl=53 time=90.5 ms 64 bytes from ( icmp_seq=8 ttl=53 time=91.3 ms 64 bytes from ( icmp_seq=9 ttl=53 time=90.0 ms 64 bytes from ( icmp_seq=10 ttl=53 time=92.1 ms I wonder why there's no mention of "Berlin" in the traceroute hops, instead says FRA4 for Frankfurt.... Next we will compare this to Mirfak, a M247 Frankfurt server Traceroute to Mirfak [Redacted my ISP's traceroute hops] 5 * * * 6 if-ae-66-8.tcore1.l78-london.as6453.net ( 93.049 ms if-ae-66-9.tcore1.l78-london.as6453.net ( 92.427 ms if-ae-66-8.tcore1.l78-london.as6453.net ( 92.662 ms 7 * if-ae-3-2.tcore1.pye-paris.as6453.net ( 94.296 ms * 8 * * if-ae-11-2.tcore1.pvu-paris.as6453.net ( 92.280 ms 9 * if-ae-49-2.tcore2.pvu-paris.as6453.net ( 91.508 ms * 10 if-ae-55-2.tcore1.fr0-frankfurt.as6453.net ( 100.752 ms 91.321 ms 92.308 ms 11 if-ae-55-2.tcore1.fr0-frankfurt.as6453.net ( 88.325 ms ( 96.137 ms 94.877 ms 12 vlan2946.agg1.fra4.de.m247.com ( 94.155 ms ( 93.367 ms ( 91.790 ms 13 vlan2917.as11.fra4.de.m247.com ( 101.641 ms vlan2945.agg2.fra4.de.m247.com ( 90.441 ms vlan2917.as11.fra4.de.m247.com ( 93.836 ms 14 * vlan2917.as11.fra4.de.m247.com ( 94.359 ms vlan2919.as11.fra4.de.m247.com ( 96.080 ms 15 * * * 16 * * * The only difference in this traceroute is that the traffic goes through TATA instead of NTT which the Cujam server goes through, but the destination for both is the same: M247 in Frankfurt Traceroute to YouTube from Mirfak traceroute to youtube.com (, 30 hops max, 60 byte packets 1 ( 96.778 ms 96.764 ms 96.774 ms 2 vlan27.as11.fra4.de.m247.com ( 97.067 ms 97.135 ms 97.329 ms 3 vlan2917.agg1.fra4.de.m247.com ( 96.705 ms 96.704 ms 96.699 ms 4 ( 97.120 ms ( 97.724 ms ( 97.107 ms 5 ( 96.833 ms 96.835 ms vlan2906.bb1.ams1.nl.m247.com ( 96.894 ms 6 no-mans-land.m247.com ( 97.037 ms ( 95.349 ms 95.494 ms 7 no-mans-land.m247.com ( 95.615 ms ( 98.342 ms ( 96.818 ms 8 ( 96.897 ms ( 97.534 ms ( 96.712 ms 9 ( 97.041 ms ( 97.279 ms ( 96.977 ms 10 * * * 11 ( 104.649 ms * * 12 ( 104.672 ms ( 116.455 ms ( 104.324 ms 13 ( 104.748 ms 104.733 ms ( 115.898 ms 14 ( 104.245 ms 104.183 ms ( 104.074 ms 15 ams16s29-in-f46.1e100.net ( 103.791 ms 103.813 ms 102.372 ms Ping to Mirfak PING mirfak.airservers.org ( 56(84) bytes of data. 64 bytes from ( icmp_seq=1 ttl=53 time=89.3 ms 64 bytes from ( icmp_seq=2 ttl=53 time=89.8 ms 64 bytes from ( icmp_seq=3 ttl=53 time=89.1 ms 64 bytes from ( icmp_seq=4 ttl=53 time=90.6 ms 64 bytes from ( icmp_seq=5 ttl=53 time=89.6 ms 64 bytes from ( icmp_seq=6 ttl=53 time=89.2 ms 64 bytes from ( icmp_seq=7 ttl=53 time=90.0 ms 64 bytes from ( icmp_seq=8 ttl=53 time=90.0 ms 64 bytes from ( icmp_seq=9 ttl=53 time=87.6 ms 64 bytes from ( icmp_seq=10 ttl=53 time=88.9 ms Again, everything is near-identical, suggesting that these Berlin, Phoenix, and Barcelona locations are just falsified geolocation information and nothing more. With near-identical traceroutes, and ping values that don't differ by more than 1-2ms , it is extremely unrealistic that these servers are in the locations they claim to be. If you think my data is wrong/inaccurate, then feel free to repeat my experiment yourself, you will find the same thing. I would like to reiterate that I believe that AirVPN has no part in this falsification and that they have no ill will, I think they were duped/deceived by M247 to believe that the Phoenix, Berlin and Barcelona locations are actually real physical locations M247 has their servers located in. I think after these findings, AirVPN should have a long discussion with M247 staff about this falsification that took place.
  3. 3 points

    Apple Silicon version?

    Hello! Sure, porting our software to ARM based Mac machines is an option we are seriously considering because during 2021 (and maybe 2022) Mac Apple will abandon development of x86-64 based computers completely. Stay tuned. Kind regards
  4. 2 points

    macOS: Hummingbird 1.1.1 released

    Hello! We're very glad to inform you that we have just released Hummingbird 1.1.1 for macOS (High Sierra or higher version required). Main features Lightweight and stand alone binary No heavy framework required, no GUI Small RAM footprint Lightning fast Up to 100% higher throughput than OpenVPN 2.5 Based on OpenVPN 3 library fork by AirVPN Robust leaks prevention through Network Lock based on pf - working perfectly on Big Sur too Proper handling of DNS push by VPN servers What's new Remarkably higher performance Hummingbird 1.1.1 is based on the latest OpenVPN AirVPN library version 3.6.6 linked against OpenSSL, and not mbedTLS anymore. OpenSSL latest versions in macOS have reached higher performance than mbedTLS both in encryption and decryption based on AES and CHACHA20-POLY1305 ciphers. By relying on OpenSSL and thanks to highly optimized compilation as usual, Hummingbird on macOS is now able to beat OpenVPN 2 performance as well as previous Hummingbird 1.1.0 performance. According to our tests performed on macOS Catalina and Mojave, and keeping AES-256-GCM as Data Channel cipher, throughput increases up to 100%. Comparisons have been performed against Eddie 2.19.6 + OpenVPN 2.5, Tunnelblick + OpenVPN 2.4.9 and Hummingbird 1.1.0. All the tests consistently show a great performance boost, starting from +30% and peaking to +100%. Therefore, we strongly recommend that you test Hummingbird 1.1.1 even if you run Eddie. Remember that you can run Hummingbird through Eddie comfortably and quickly by setting the proper option. New OpenVPN 3 library features Starting from version 1..1..1, Hummingbird is linked against a new version of our OpenVPN 3 library which supports directive data-ciphers: it can be used consistently with OpenVPN 2.5 syntax in OpenVPN profiles. The directive allows OpenVPN 3 based software to negotiate a common Data Channel cipher with the OpenVPN server,, updating therefore our library to ncp-like negotiation with OpenVPN 2 branch. The new library also includes a different handling of IV_CIPHERS variable, fixing OpenVPN main branch issues causing a plethora of problems with OpenVPN 2.5. The implementation, at the same time, takes care of full backward compatibility with OpenVPN versions older than 2.5. ncp-disable directive, which to date has never been implemented in the main branch, is still supported, in order to further enhance backward compatibility with both OpenVPN profiles and servers, as well as connection flexibility with servers running older than 2.5 OpenVPN versions. Please note that if you enforce a specific Data Channel cipher by means of Hummingbird line option, the enforced Data Channel cipher will override data-ciphers profile directive. Changelog 3.6.6 AirVPN by ProMIND - [ProMIND] [2020/11/02] openvpn/ssl/proto.hpp: IV_CIPHERS is set to the overridden cipher only (both from client and/or OpenVPN profile) in order to properly work with OpenVPN 2.5 IV_CIPHERS specifications. The old method of cipher overriding by means of negotiable crypto parameters is still supported in order to maintain compatibility with OpenVPN < 2.5.0 - [ProMIND] [2020/11/24] added "data-ciphers" directive to profile config .ovpn files in order to comply to OpenVPN 2.5 negotiable data cipher specifications. In case "data-ciphers" is found in the .ovpn files IV_CIPHERS is assigned to the algorithms found in "data-ciphers". In this specific case, "cipher" directive is used as a fallback cipher and, if not already specified in "data-ciphers", is appended to IV_CIPHERS Download Hummingbird for macOS is distributed in notarized and plain versions: Signed and notarized version: https://eddie.website/repository/hummingbird/1.1.1/hummingbird-macos-notarized-1.1.1.zip Plain version: https://eddie.website/repository/hummingbird/1.1.1/hummingbird-macos-1.1.1.tar.gz The difference is about how the package is seen by macOS security and it is therefore up to the user to pick the distribution file suiting his or her needs best. The notarized version is compliant to macOS software security scheme and runs "out-of-the-box", whereas the plain version needs to be explicitly granted permission to run by the user in macOS security & privacy settings. Please note that both versions ensure the same functionality in connecting a VPN server, it is however up to the user to decide whether using the signed and notarized version or not. Version 1.1.1 manual is available here https://airvpn.org/hummingbird/readme/ Kind regards & datalove AirVPN Staff
  5. 2 points

    Linux: AirVPN Suite 1.0.0 released

    Hello! We're very glad to introduce a new software suite for Linux. The suite includes the well known Hummingbird software, updated to the latest OpenVPN AirVPN library, and introduces for the first time a D-Bus controlled, real daemon, Bluetit, as well as a command line client, Goldcrest, to interact with Bluetit. New architecture The client-daemon architecture we introduce for the first time in our software offers a more robust security model and provides system administrators with a fine-grained, very flexible access control. Bluetit is fully integrated with AirVPN. The daemon is accessed through a D-Bus interface by providing specific methods and interface in order to give full support to OpenVPN connection and AirVPN functionality, including - but not limited to - quick automatic connection to the best AirVPN server for any specific location as well as any AirVPN server or country. Connection during system bootstrap is fully supported as well. New OpenVPN 3 library features Hummingbird and Bluetit are linked against a new version of our OpenVPN 3 library which supports directive data-ciphers: it can be used consistently with OpenVPN 2.5 syntax in OpenVPN profiles. The directive allows OpenVPN 3 based software to negotiate a common Data Channel cipher with the OpenVPN server,, updating therefore our library to ncp-like negotiation with OpenVPN 2 branch. Hummingbird and Bluetit are already linked against the new library version, while Eddie Android edition will be updated in the near future. The new library also includes a different handling of IV_CIPHERS variable, fixing OpenVPN main branch issues which caused a plethora of problems with OpenVPN 2.5. The implementation, at the same time, takes care of full backward compatibility with OpenVPN versions older than 2.5. ncp-disable directive, which to date has never been implemented in the main branch, is still supported, in order to further enhance backward compatibility with both OpenVPN profiles and servers, as well as connection flexibility with servers running older than 2.5 OpenVPN versions. Please note that if you enforce a specific Data Channel cipher by means of Bluetit configuration file, Hummingbird line option, or Goldcrest configuration file and/or line option, the enforced Data Channel cipher will override data-ciphers profile directive. Changelog 3.6.6 AirVPN by ProMIND - [ProMIND] [2020/11/02] openvpn/ssl/proto.hpp: IV_CIPHERS is set to the overridden cipher only (both from client and/or OpenVPN profile) in order to properly work with OpenVPN 2.5 IV_CIPHERS specifications. The old method of cipher overriding by means of negotiable crypto parameters is still supported in order to maintain compatibility with OpenVPN < 2.5.0 - [ProMIND] [2020/11/24] added "data-ciphers" directive to profile config .ovpn files in order to comply to OpenVPN 2.5 negotiable data cipher specifications. In case "data-ciphers" is found in the .ovpn files IV_CIPHERS is assigned to the algorithms found in "data-ciphers". In this specific case, "cipher" directive is used as a fallback cipher and, if not already specified in "data-ciphers", is appended to IV_CIPHERS Notes on systemd-resolved In Fedora 33 systemd-resolved comes pre-configured to work in "on-link" mode and network-manager works together with it. This very peculiar, Windows-like setup kills Linux global DNS handling, causing those DNS leaks which previously occurred only on Windows. Hummingbird and Bluetit take care of preventing the brand new DNS leaks caused by such a setup. Also note that systemd-resolved comes pre-configured with fallback DNS (Google DNS is a systemd-resolved default fallback DNS, smart choices pile up!) which will be queried if each interface DNS server fails some resolution. In such a case, if and only if you have Network Lock enabled will DNS leaks be prevented. Supported systems The suite is currently available for Linux x86-64, i686 (32 bit distributions), arm7l (for example Raspbian and other ARM 32 bit based systems) and aarch64 (ARM 64 bit). AirVPN Suite is free and open source software licensed under GPLv3. Overview and main features AirVPN’s free and open source OpenVPN 3 suite based on AirVPN’s OpenVPN 3 library fork Version 1.0.0 - Relase date 7 January 2021 Bluetit: lightweight D-Bus controlled system daemon providing full connectivity to AirVPN servers and generic OpenVPN servers. Ability to connect the system to AirVPN during the bootstrap. Goldcrest: Bluetit client, allowing full integration with AirVPN servers, users, keys, profiles as well as generic OpenVPN servers Hummingbird: lightweight and standalone client for generic OpenVPN server connection Linux i686, x86-64, arm7l and arm64 (Raspberry) support Full integration with systemd, SysVStyle-init and chkconfig No heavy framework required, no GUI Tiny RAM footprint Lightning fast Based on OpenVPN 3 library fork by AirVPN version 3.6.6 with tons of critical bug fixes from the main branch, new cipher support and never seen before features ChaCha20-Poly1305 cipher support on both Control and Data Channel providing great performance boost on ARM, Raspberry PI and any Linux based platform not supporting AES-NI. Note: ChaCha20 support for Android had been already implemented in our free and open source Eddie Android edition Robust leaks prevention through Network Lock based either on iptables, nftables or pf through automatic detection Proper handling of DNS push by VPN servers, working with resolv.conf as well as any operational mode of systemd-resolved additional features User documentation (*) and source code: https://gitlab.com/AirVPN/AirVPN-Suite (*) Developer documentation to create custom software clients for Bluetit will be published in the near future. Download links: Linux x86-64: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-x86_64-1.0.0.tar.gz Linux x-86-64 sha512 check file: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-aarch64-1.0.0.tar.gz.sha512 Linux i686: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-i686-1.0.0.tar.gz Linux i686 sha512 check file: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-i686-1.0.0.tar.gz.sha512 Linux arm7l: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-armv7l-1.0.0.tar.gz Linux arm7l sha512 check file: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-armv7l-1.0.0.tar.gz.sha512 Linux aarch64: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-aarch64-1.0.0.tar.gz Linux aarch64 sha512 check file: https://eddie.website/repository/AirVPN-Suite/1.0/AirVPN-Suite-aarch64-1.0.0.tar.gz.sha512 Kind regards AirVPN Staff
  6. 2 points

    ANSWERED Canada Servers are not overloaded

    Maybe you already know it. When a country consistently has more than 65-70% allocated (used) bandwidth, we consider the expansion. When a country has consistently more than 90% allocated bandwidth, expansion is mandatory. Currently Canada is around 55% while Sweden less than 50%. However, in Sweden, we have much stronger demand in Stockholm (better peering with various residential ISPs) than Uppsala. If you consider Stockholm as an area of its own, or equivalently Sweden as a country relying essentially on Stockholm, then you have consistently 70% allocated bandwidth. That's why expansion in Stockholm is now under evaluation with higher priority than Canada. Kind regards
  7. 2 points

    forwarded ports no longer working

    I have the same problem. Port forwarding has stopped working today, ( Not reachable, Error : 110 - Connection timed out).
  8. 2 points
    @arteryshelby @ZPKZ Hello! Stay tuned, infrastructure expansion will go on. Kind regards
  9. 2 points
    Hello ! Introduction Welcome To AirVPN! This is a guide meant to help new people. Whether you're new to VPNs in general or just new to AirVPN. I've tried to keep it fairly short, by using bullet points & spoiler tags. This hopefully also makes it more readable and less scary. I think AirVPN is a FANTASTIC VPN and while I don't own or have any stake in AirVPN myself, I'm a huge supporter of it. However, it can be quite scary and confusing to use when you first get started, so hopefully my little guide willl help you! This guide also includes links to resources provided by Air and other users, but I don't mean to take credit for these things. So please feel free to scroll to the bottom of this guide! Index: Introduction First Questions Getting Started With AirVPN After Downloading The Eddie Client [includes Troubleshooting tips] AirVPN Guides Section [Look here to find guides about: Security/Torrenting/Port-forwarding/Plex/etc.] Other Noteworthy resources Credits Why I made this guide: AirVPN was said to be very technical and thus hard to use. But since it's such a quality VPN, I don't want that to always be the main bad side to this great service. Therefore, this guide is also a response to this problem, so that newcomers can hopefully feel less overwhelmed about the idea of the air to breathe the real Internet. The Air staff clearly put in a lot of work every day and are extremely knowledgeable people, from all that I've seen. It's just that for newcomers, it can be hard and overwhelming finding all the relevant pieces of information and it can easily be too technical, so I hope my little guide will also be useful in that regard. This is also why, I collect other people's guides and put them in this guide, so that they're easier to find. However, Thank you to AirVPN, Staff and the many knowledgeable members of this community who help out people like myself quite a lot, through their contributions to the site everyday :] Feel free to leave feedback on this guide, both good and bad, if you want to, because I'll happily read it ! First Questions Do I have to be really technical to use this VPN stuff? AirVPN is one of the more technical VPNs out there and this is pretty much its only major drawback, when it gets reviewed. However, it offers unmatched attention to security and privacy. Not all reviews are entirely accurate either, sadly. Which the AirVPN Staff haven't hesitated to remark on though. So in short: No. But if you're new to VPNs in general and not a tech-savvy user, you do have to accept that you might be confused in the start. But this forum is here to help :]. Due to all the marketing and sometimes paid reviews, it can be hard to find out which VPN to trust at all. This is without even getting to the technical features. Air tends to somewhat pride itself on not overselling things however and so on the face of it, AirVPN can seem like it's no match for other, apparently bigger VPNs, but AirVPN has a lot to offer if you take a look. Will I become totally anonymous or completely secure? Please be aware that when using AirVPN or any VPN, while signed in to things such as your e-mail or other online accounts, you might get incorrect notices of being hacked. You have not been hacked most likely, it's just that when services see you log in from several different IP addresses, they get suspicious. Simply keep calm and investigate the issue. No, definitely not. But in terms of steps you can take to reach very high levels of privacy and security, this is one of the best steps you can take. Privacy and security are hard things. To achieve even higher levels involves sorting out things like your operating system, browser, various habits and using networks like Tor, in addition to a VPN like this. Security is hard. It's rarely, if ever, just a one-off solution. Often, security is as much a process, as it is about a single good product, like this VPN. However. just because a VPN doesn't do everything, it doesn't mean it's useless. A lot depends on what you're trying to do/achieve and who your "enemies" are. Yet it should be said, that AirVPN is quite extreme about security. For Air, it's "all or nothing" in many ways. AirVPN is so focused about security, that they even fix issues before they're published! However, VPNs and others technologies are becoming more and more important, as new spy laws like the UK Snoopers Charter & US Rule 41 Amendment crop up. Please check the question "What does AirVPN do to make it safe to use and does it log or track people?" further down, for more details. VPNs A & B have features X & Y, how does AirVPN compare? For this, check out the forum made specifically for that. It's often the case that features from other VPNs are either already included in AirVPN, aren't included because they're unsafe or just aren't as good as they sound. For instance, a rival VPN might say "We offer PPTP and many other secure protocols!", while Air doesn't, because Air knows PPTP is unsafe. Or they might say they offer a "multi-hop" VPN, which may or may not be useful, according to AirVPN Staff. Support for the protocol known as IKEv2 is another example of where Air doesn't support something, but has good reasons for not doing so. As a final example, you will sometimes see competitors speak of their super-secret "camouflage", "4Dstealth" or "hidden" protocols or servers. This is just marketing for gullible customers . But such aforementioned marketing can greatly confuse efforts to compare Airs product with the competitors. So if in doubt, ask the competitor who is offering "stealth"-something, what it is. If I use AirVPN, will I be able to use service XYZ with it? Please be aware that when using AirVPN or any VPN, while signed in to things such as your e-mail or other online accounts, you might get incorrect notices of being hacked. You have not been hacked most likely, it's just that when services see you log in from several different IP addresses, they get suspicious. Simply keep calm and investigate the issue. Please also be aware that it is NOT the main purpose of AirVPN to get access to geo-restricted content because it's a losing battle and Air cannot control how companies such as the BBC and Netflix act. Being able to get access to a site, generally depends on which service you want and which country it's in. AirVPN doesn't have servers in every country. In general, you can get access to everything. Although services like BBC iPlayer and Netflix actively try to block VPNs. Even services as normal as payment processors, such as PayPal don't always make things easy. This means it's not always possible for a VPN provider to do anything about it. But we do have forums to discuss and notify AirVPN on, so that AirVPN can try to solve it as best as it can. But before you post in that forum, make sure to Read This First, as it might help you & will make your posts more helpful to others. AirVPN has a very useful tool called the Route Checking tool. It allows you to test access to a website from ALL AirVPN servers. Just put in a full link in the search field and click the search button. Then press F5 or hit the refresh button in your browser. Green results usually mean there's access; red results mean the opposite. This is useful for seeing if it's only you who has a problem or only the server you're on. As well as which servers don't have a problem, so that you can switch to using those ones instead. It's most important that it's green in the "HTTP" column. There's many different HTTP Codes, so here's a list. VPNs generally slow down your connection a little. But AirVPN is so good that it's still possible to play Multiplayer games through it, without your connection slowing down too much, in my own experience. What does AirVPN do to make it safe to use and does it log or track people? AirVPN isn't just safe because it promises to be so in its marketing. Instead, it backs things up with hard technical specifications and high standards, that you can verify yourself. AirVPN is logless and can't be forced to log surreptitiously, fully supports P2P on all servers & as per #5 ignores all DMCA requests. Remotely-forwarded ports aren't logged either. Here's additional things Air does to increase its security and privacy: AirVPNs infrastructure conforms to a high degree of openness & transparency. This helps show that none of Airs locations are fake, but only bare-metal & lets users compare with one another. AirVPNs encryption standards are military grade and so for all intents and purposes unbreakable. It also only uses the most secure VPN protocol too: OpenVPN. No PPTP/SSTP/L2TP/IKEv2. AirVPN doesn't use any third party tracking on its website, such as Google Analytics or Social buttons, because they leak. Instead, it uses open-source analytics Matomo, which is closed loop. AirVPNs website meets the highest SSLabs security standards: A+. AirVPN takes its mission to fight censorship and manipulation of the Internet extremely seriously. This also means being highly willing to help out journalists and human-rights defenders. AirVPN only uses FOSS (Free and Open Source Software) in its Eddie client. Therefore the software running on your system is not a security "blackbox", but can be independently verified. AirVPNs Eddie client supports a wide selection of protocols. Including SSL and SSH. As well as anonymising services such as Tor; so that you can "partition trust" and need not trust AirVPN. AirVPN fully accepts crypto-currencies. Including to the point where it accepts Bitcoin directly. No middlemen. So if done right, you can use AirVPN with Air knowing nothing about you. AirVPN explains how it doesn't need to inspect or monitor traffic in order to check for breaches of ToS. AirVPN is against security through obscurity, including in its client software Eddie and so shows all the information it can; which leads some users to erroneously think there's logging going on. AirVPN has since then expanded on this point. AirVPN uses in-house support technicians and not outsourced third-party technicians and external packages such as Zendesk. So as with #3, it's closed-loop. No leakage. AirVPN has a strict location policy, so that it doesn't just set up servers in a new, potentially unsafe or questionable, location. One which can't supply the performance required, either. AirVPN has its own DNS servers and "killswitch" feature. With Network Lock on, any accidental loss of connection from Airs servers won't leak anything about you; including WebRTC. AirVPN is run by extremely knowledgeable technical people and not just businessmen. So they're easily able to both explain, defend and attack subjects on a purely technical level. AirVPN supports the auditing of some of the crucial security software that underlies different systems and also supports other projects/groups/services such as Tor, Edri and OpenNIC. AirVPN runs this forum, which can seem like a small thing, but it's actually really important, as it allows for the open sharing of knowledge, providing of technical support and mythbusting. AirVPN already acts as a "multi-hop" VPN and takes many other measures to increase security, such as separate entry & exit IPs, Perfect Forward Secrecy and HMAC SHA1. AirVPN has a strong focus on avoiding marketing fluff and overselling. Which means you know exactly what you're getting and don't need to deal with deceptive use of technical details. AirVPN is highly consistent with staying constantly on top of any security issue. AirVPN is based in Italy and is therefore within the EU. This has a range of other benefits too. That's 20+ ways in which Air has extremely high security "by default". All made nice and easy for you to use. If you want more, there's a simple 3 step guide for that. But seriously, there's always more you can do yourself. When will AirVPN add country or server XYZ? AirVPN Staff do not usually tell the community when a new country or server will be added. They simply add them. So it's easy to miss. The Eddie client will automatically show them. AirVPN frequently adds new countries/locations. This can be seen in the announcement forum, so please try to check this and the Eddie client (if you use it) before asking. Thank you. Requests for a specific location or addition to an existing one, are fine. But demands to know when something will happen, are futile, since AirVPN follows a strict location policy. The technical specifications regarding security/encryption for the Air servers that are used, can be found here. Further, those technologies and standards allows Air to pursue its Mission. Please remember that even if a country you want hasn't been added, you may still be able to get access to the web-content of that country, thanks to Airs micro-routing feature. Here's some old posts regarding different locations, so that you may not need to ask. Please note that some, such as Japan as of 2018 & Austria, were already added: Italian Servers? Japan/Korea Servers? [staff Comment] Russian Servers? Danish Servers? Middle-East/North African Servers? Indian Servers? Panama Servers? Australian/New Zealand Servers? Latvian Servers? French & Belgian Servers?[uPDATE: French Servers Momentarily Withdrawn] Austrian Servers? Central/South American Servers? AirVPN now allows 5 connections per account instead of 3, but is it possible to buy more connections? AirVPN has increased the limit from 3 to 5 connections. Thus it's unlikely to be possible to buy more connections at any point. But you can use a modified router if you still need more than 5. If you change your router firmware(software) to something like DD-WRT or Tomato for instance, you can make all devices on your Wi-Fi/Router go through AirVPN. However running a VPN on a router is quite hardwork for most routers. So you either need high-grade commercial ones or computers like the ZBOX Nano, converted into routers. That ZBOX Nano PC would be excellent for a VPN to run on, as the hardware is very good; even more than the commercial routers. Only savvy users should consider this. Who runs AirVPN & moderates the forums? The Staff account is the Official voice of AirVPN. Private messages cannot be sent to them. Clodo & pj are the most visible AirVPN employees. Clodo is the developer of AirVPNs "Eddie" client software, while pj is a co-founder of AirVPN. Community moderators: zhang888, giganerd and LZ1. Note that we are NOT AirVPN employees, have no access to Air infrastructure and do NOT speak for Air in an official way. Instead, zhang888, giganerd and LZ1 are a part of what the Air Staff call the Air "forum Staff". Note that member profiles can't be accessed by others by default, unless you add them as friends or they made their profile public. Air itself is based in Italy and so that's where their staff will be sourced from. What are some of the "Status" page functions for & how do I use AirVPNs "Micro-routing" feature? The first page you see when you go to the Status page, is an overview of Airs servers & service. Useful for seeing if any server is down or very busy, downloads and how many users there are. The Ping Matrix shows the latency between Air servers and if there's any (severe) packet loss somewhere. No packets = no connection. The Top Users page can help you verify if others are still getting good or bad performance, compared to yourself. The Checking Route page is for seeing if Air servers can or can't connect to a website you select. Unlike the Ping Matrix. There's also the special AirVPN "Micro-routing" service. To use it, simply make sure you connect to Airs servers & DNS. (Automatic when you use Airs Eddie client). Without the micro-routing, if you want to watch French TV for example, you would have to connect to a French server. But with micro-routing, you can connect to ANY Air server and still watch French TV, as long as the TV's website is on the "Website support" list. It's possible to make requests to get sites added to these lists. Anyway, this micro-routing is very very useful ! Because it means that EVEN IF Air takes all French servers offline for some reason, you will still be able to access French content! Is it free and if not, why should I pay for it? AirVPN is not free, but you can get a short trial if you ask nicely. The Trial has unlimited data and full speed. But you can only get a refund if you have used less than 5GB. Free services don't offer many of the very nice features which let you get around website/service blocks. But it can be hard to market these features to non-technical people, because they're not always easy to explain. Yet once you try them, you will appreciate them. AirVPN has quality servers & connections, as well as guarantees a certain speed, with no limits. So it's possible to play multiplayer games through it. Free services often have to exploit their users in order to survive. This is normally done by tracking you, possibly undermining your security and selling your data to 3rd parties. If a free service is leaking your data due to poor practices and technology by accident or selling it on purpose, what's the point in using it then? VPN means Virtual Private Network. Even if a free service doesn't exploit you, you still don't have the same level of security or assurances, because how would a free service pay for that? Real security is hard and costly. Would you rather go through 5 bad free services, risking your security and privacy or would you rather take your privacy and security seriously the first time, for a small fee? If you only need a VPN 1 time, then it's probably not worth it to use a paid service. But if you know you'll need it often, it's worth the investment. Air has a very cheap 3 day plan too though. Free services often have many limits. But AirVPN is logless, allows 5 devices per account, allows P2P and other protocols, has no data/bandwidth limits & very high security. So basically, you need to be able to Trust your provider, yet why would a free service be trustworthy? They don't owe you anything. But a paid one at least does - not that all paid services are great either though. Not all services on the web offer the same level of protection either, whether free or not. Many services, paid & unpaid, lie to you about where they have servers. Fake GeoIP addresses. Since AirVPN isn't free, is it possible to buy a Lifetime subscription, as with other VPNs? Does AirVPN hold sales at all? This question has received its own dedicated topic, so please click the link below All sales related questions are answered in this dedicated thread. Getting Started With AirVPN If you run into a problem with Airs software for some reason, then please make sure to check if there's an experimental version of the Eddie client you can download. Experimental versions aren't always available. How do I start using AirVPN? There's 3 simple steps: Create Account Choose a Plan Choose your setup Creating an account: You don't need a valid e-mail address. The site software, called IPB, just needs the field to be filled with something. Remember that password recovery will NOT work without a valid address. If you can, don't use something which uniquely identifies you. So even if you name your account ninja10834, that's still better than something about your real name, location or even interests. With this account, you can also post on the forums. However in the beginning, you won't be able to post on these forums immediately. This is because a moderator has to make sure that whatever you post, is both genuine and from a person. So when you click the "post" button, your own post will NOT show up immediately; so just be patient, when asking a question. After around 5-10 posts being accepted, your account will increase in level and you will be able to post things immediately, without any supervision. There's 2 names associated with your account. The first is your login name, which cannot be changed and can't be seen by others. You would need to make a new account, to change it. The second name is your forum display name. In my case, it's LZ1. This can be changed by you at any time, but only matters in the forum. NOTE: it's your login name you use for logging into the Eddie software, together with your login password. Choose a plan: At this stage, you pick both how you wish to pay and how much. It's possible to pay in currencies known as "cryptocurrencies". These cryptocurrencies, most famously Bitcoin, have a range of benefits when it comes to things like security and privacy, if used correctly. If you want to pay using a cryptocurrency, there's some guidance on what to do, further down, in the guides section. However if you're just starting out, it's fine if you just use your credit card or whatever method which suits you. It's also possible to ask for a short trial. You can also scroll back up to the "First Questions" section and look for the information on Air's sales, if you want to wait for a discount. After paying, you will be a "Premium User" and will be able to see how many days you have left of your subscription, at the top of the screen, when you're logged into your account. Choose your setup: AirVPN provides a mobile version of its Eddie app for Android. An iOS version is NOT available due to Apple's restrictive policies. This stage is pretty straightforward. Just make sure you select the right versions and hit Download. Your OS: Find out which Windows Operating System you're running or which GNU/Linux you're running. Mac users must use either Mavericks or something newer. Your Architecture: Most will be locked into 64-bit here, as 32-bit is outdated. Your Format: Windows users should select "Installer" & MacOS users select "PKG Package Installer". Ubuntu/Linux users pick according to distro; adding a PPA will enable auto-updates of Eddie. Your User Interface: Most people should pick Graphical UI. Unless you want to run some kind of headless install, as some technical users do. Then click the big blue Download button and follow regular installation procedures. Now you will be downloading the AirVPN software. DONE. No further reading is required from here. Just open Eddie and click "Connect to Recommended Server". Unless you need a guide for something or want to know some of the finer details. This software is called a "client". This "client" is called "Eddie", because that's what AirVPN calls it. So when you hear talk of "Eddie", it's referring to the software you downloaded. If you don't want to use Eddie for some reason, there's ways of getting around it. But for new and casual users, it's recommended that you use it. If normal Installer Formats create problems, you can sometimes fix them by using the portable formats. A portable download is also useful if you want to store Eddie on a USB stick. If the latest Stable or Experimental release doesn't work for you, then you can download an earlier version, by clicking the "Other versions" link under the blue download button. How and where do I manage my AirVPN settings? You do that in the Client Area Some of the most important things in this area include: Configuration Generator Ports Referrals Number 1 is where you automatically generate the files that your VPN needs to work (if you don't use the Eddie Client, such as if you use Android), after you tick some boxes. Number 2 allows you to tell the VPN which "ports" or "virtual doors" to open, which can speed up things such as your Bittorent client (qBittorent, uTorrent, Vuze, Transmission, etc.) Even though it looks confusing, the only thing you actually need to change, is putting the right number in the "Local Port" field. So if your torrent program uses port 7634 for instance, then you put 7634 into the "Local Port" field and simply click the green add button. Then a number will automatically be generated and put into the big white box at the top. All done. Number 3 shows you the link you can share with other people. If they buy an AirVPN plan, you get 20% of what they pay. Then you can use this money to pay for your own plan. What if I need help during the process? If you need help from Air, you can easily contact them. If you're wondering why AirVPN doesn't have "Livechat" or might take a little longer to reply than other providers, then this is why. However you can also just come to these forums. If you can't post yet, then you can read the various guides which exist. In the AirVPN program called Eddie, there's a tab called "logs", which lists various information about what's happening. You can copy this and post it on the forums so we can help. But when you post your logs, MAKE SURE you post them inside "spoiler tags". If you don't use spoiler tags, you will annoy and make things more difficult for everyone, including yourself. I've used untold numbers of spoilers in this guide, as an example. What are logs, where are they and how do I use spoiler tags? When the AirVPN Eddie software is running, it creates a list of what it is doing. What's connecting, when, where, if something went wrong and so on. A log of events. So when you ask for help on these forums, we will often ask about your logs, because without logs, we do NOT know what is happening, in your specific situation . If you open the AirVPN "Eddie" client software, you will see a "Logs" tab. On the top right-hand side of the window, the 2nd button from the top, lets you copy your logs quickly. After copying the logs from Eddie, paste them into your posts when you need help. Do so by typing the short codes necessary; which we call using "Spoiler tags". This makes it much more convenient for everyone; just like this question and answer, is inside a spoiler . Please try to do it, thank you! Is there anything in my AirVPN account I should change? Go to the top-right corner of the screen and click your account username. Then click "My Settngs" in the drop-down box. Under "Profile Privacy", you might wish to un-check the checkbox, if you want others to be able to view your profile when clicking your name. Under the "Notification Options" tab and then under the header "Topics & Posts", check the box which lets you auto-follow things you reply to. This is very useful. Because then you'll get a little notification in the top-right corner, every time someone replies to a thread you made. This makes getting help more convenient. It's also good for following what's happening in threads that you post in. Remember to check the boxes on the right-hand side, so that you can choose if you want to be notified via the forum or via E-mail . You can also enable notifications for when people "like" your posts, since that can be quite encouraging! Under "Profile Settings", you might be curious about who visited your profile. So you can make it show the last 5 visitors. Everything else such as signatures, allowing others to add you as a friend and so on, are up to you. Enjoy! Is there an Experimental or Beta version of the AirVPN Eddie Client I can try? If so, where is it and why would I want to try it? Note that whenever you download the Beta/Experimental Client, you'll always receive the latest one. You can check your version number after you open Eddie and go to its "About" page. There aren't always any Experimental clients to download and new clients are continuously released. So keep an eye on the announcement section, for Beta/Experimental clients. Just because a release is called the "Stable" version, it doesn't mean the Beta/Experimental client is "Unstable". However don't be surprised if you run into issues . You can find the Beta versions [if one is available] on the download page of your OS, under "Other versions": If for some reason an Eddie client doesn't work, try downloading a "portable" version on the OS download page, under "Format". Being Beta/Experimental, you might run into some bugs. However I use the latest all the time, with no problems really. For more information on what features are added and bugs taken away, go straight to the changelog The Beta/Experimental client often includes fixes for bugs which the "Stable" version of Eddie has, as well as various extra features and changes. This helps all platforms. For example, for Windows, a prior Beta release used WFP (Windows Filtering Platform), instead of Windows Firewall, which meant it became easier to use 3rd party security software. 3rd party security software, are things such as Comodo firewall or Avast anti-virus. Things which you install yourself. In addition, it also comes with the latest software updates "out-of-the-box", such as the latest TAP drivers and OpenVPN patches, so you don't have to update them yourself. It may enable some things by default, which a current Stable version requires you to change yourself (as explained in the next section of this guide). By using the Beta, you can also help AirVPN by providing feedback, which means Air can then make things even better . Each Beta release has its own feedback thread. Just remember to describe the problem, tell us which system you use (Linux/Windows/MacOS/etc.), the client version (Go to Eddie client "About" page) and some logs in spoilers! : D. Thanks! After Downloading The Eddie Client Please remember to share your Eddie logs and use spoiler tags, when you need help from the community. How to do so, is answered in the previous section, thank you! What's "Network Lock" & should I use it? Please be aware that using Network Lock with Tor can be contradictory to try. It's not currently planned for. Please also note that it's expected that Eddie turns off Network Lock, when Eddie is shut down. Network Lock in AirVPN, is what many other VPN providers normally call a "killswitch". So this is Airs own "killswitch". Network Lock (NL) is a way for the AirVPN software to force all of your computers network communications through the AirVPN service, so that nothing "leaks out" about your identity. For new users, I don't recommend using it too soon. I recommend waiting a few days and just getting comfortable with the day-to-day running of the software and then using it later. With NL on, your internet connection will stop entirely, if you lose connection to the Air servers. This is great for preventing information from leaking & is a feature, not a bug. Why is this important? Well, I don't want to name & shame other providers, but one poster showed that his last provider leaked his real IP address during server changes. This shouldn't happen. But with NL on, this won't happen to you, because changing servers in Eddie will mean disconnecting from server A to go to server B. Thus the connection is stopped first & then resumed. No leaks. But if you want maximum security right away and aren't afraid of small technical issues, you can start using it right away. It can always be changed back.. How can I test that AirVPN is hiding my IP and DNS addresses correctly? Turning on Network Lock in the Eddie client will protect you from WebRTC leaks. You can use AirVPNs own service called ipleak.net. Make sure it's .net and NOT .com. Since ipleak.net is run by Air, it has now received its own sub-forum, where you can ask questions, give suggestions and receive information on any changes made to ipleak. Un-configured, browsers like Mozilla Firefox and Google Chrome will "leak" (show) your real IP address through a technology called "WebRTC". To stop WebRTC, scroll to the bottom of the ipleak page and read the very short and simple instructions on how to fix it. It's not overly technical, don't worry. If you torrent files, there's also a torrent on the same website, which you can download in order to test which IP other torrenters would see if you torrented a real file. It's recommended you use Free & Open Source Software(FOSS). With this client, you can make it bind itself to whichever network adapter is using the VPN, which is convenient, so that it only torrents when using a VPN. I can recommend setting ipleak.net as your browser start page, so that every time you start your browser, you'll quickly be able to see if everything is working as intended. Eddie can't connect or is very slow, what can I do? If none of the below solutions work, then it's time to ask the forums or Air support. In BOTH cases, please supply your logs, as detailed before. Otherwise no one can help you. First, please make sure your client is updated to the latest Stable or Beta release. You can see your version number in Eddie>Top Left Corner Menu>About. Head to download page if not. Please try different protocols, at Eddie>Menu>Preferences>Protocols>Uncheck "Automatic">Select a protocol, such as SSL or TCP 443> Save>re-connect to an Air server. Please try connecting to not just different servers, but different countries too. Proximity to your location does not automatically mean better connections; due to routing technicalities. If you're an online gamer, you may benefit from changing the buffer sizes, as mentioned by Staff. If you're a Linux, MacOS or Windows user and webpages aren't loading fully or there's less than optimum speed, you can try the so-called "mssfix". If it's simply a problem with connecting to airvpn.org, then please try the alternate entry: airvpn.info - note that sometimes Air comes under attack from within and so you get an error page. If Eddie, such as in its Logs, says there's problems with route checking, please refer here for a solution. Note: disabling Preferences>DNS>Check Air DNS can be tried at the same time too. If you enabled Network Lock and can't connect to the web without Eddie turned on, then please disable Network Lock or reset your firewall and/or DNS, as shown in the two posts here. If torrenting speeds are slow, then please remember to port-forward and configure your torrent client correctly. For detailed guides on this, please go to the Guides Section below. For some ISPs, such as Virgin Media, please check the Guides Section below, for specific tutorials on how to optimize speeds. In some cases, especially if you run Air directly on your router, it's possible that your computer hardware isn't new enough to handle the encryption quickly enough. For Windows users, updating or downgrading the TAP adapter may work. But this shouldn't be tried as the first thing, as it's often not necessary now. For Windows users, you can try downloading a program called TCPOptimizer. Which other steps can I take to increase my privacy and security? Using AirVPN with Tor is a strong answer, among many other good ones. Here's a further explanation of how AirVPN & Tor work, when together. There's also many other ways to handle privacy and security on multiple fronts. If you're looking for a technical challenge, you can install pfSense on a very powerful computer, to make it act like a router, so that all devices connected to your Wi-Fi will be covered by the VPN. Why not just use an expensive commercial router? Because even expensive ones struggle to handle the protocol known as "OpenVPN" efficiently enough to give excellent performance. You can change the software & hardware you use & support the organisations which try to make things better; such as the FSF/EFF. If you're a geek or networking enthusiast, you can also check out things such as the Turris Omnia router, which offers very powerful hardware & software. AirVPN Guides Section Make sure to check the date of the posts you read below. Hope you like it ! Guides, How To's & Troubleshooting Amazon devices like the Fire Stick, Fire TV Cube and others can be used with Android Eddie without sideloading, according to Staff. Mini-guide by Staff on how to test if your connection is being shaped/throttled [How-To] Use AirVPN with Network Manager on Ubuntu/Mint [How-To] AirVPN via SSL/stunnel on Android 6/7/8 [How-To] fix Virgin Media Connection Drops/Bandwidth Issues Plex Server Guidance (Until someone makes an actual Plex guide) Paying with Bitcoin/Cryptocurrency Guidance. (Until someone makes an actual Cryptocurrency guide) Mini-guides On How To Improve Torrent Speeds Mini-guide On Torrenting With Tixati Client How To Autostart AirVPN As Root With No Password (Linux) Note: security risk & What Staff Says(OSX/MacOS) How To Setup The Eddie Client On Raspberry Pi 3 How To Port-Forward & Use A Torrent Client Guide To pfSense 2.3 For AirVPN Guide to pfSense 2.1 For AirVPN Firefox Extensions Guide Guide To Setting Up VPN For Torrenting On Windows Guide - What To Do When A Site Is Blocked AirVPN Forum Styleguide How To Improve Smartphone Security How To Block Non-VPN Traffic With Windows Firewall How To Connect To AirVPN With Your Fritz!box Router Using AirVPN Through Stunnel On Android Using AirVPN Over Tor Using AirVPN on iOS Check Your TAP Driver Version Explaining The Use Of AirVPN With Tor How To Configure A Synology Device For AirVPN AirVPN & iOS Other Noteworthy Resources Links Please be aware that AirVPN, unlike most, does NOT buy or otherwise use paid-for reviews. An alternative VPN client to Eddie, for Linux. Best VPNs 2016 & AirVPNs results Advanced Networking & Computing How To Break The Internet (Cory Doctorow) (Recommended Watch) Why the OpenVPN protocol that Air uses is good Guide to all things privacy Five Eyes Countries Schneier on Encryption CGP Grey explaining Encryption 10 Myths About VPNs (Ignore the self-advertising) (Recommended Read) The Eternal Value Of Privacy (Recommended Read) Credits Thank you to: AirVPN & Staff for their excellent service and explanations. inradius for his guide on how to use Air with Network Manager on Ubuntu/Mint Omninegro for his pertinent guide on extensions. The always crazily knowledgeable and helpful zhang888, whom I owe a lot to for all his work here. Thanks man. Omniferums excellent guide on securing Windows. pfSense_fans guide on how to use the excellent pfSense firewall software. The always very friendly and helpful giganerd! NaDre for his excellent torrenting guide. neolefort for his Synology guide. sheivoko's guide on using AirVPN through stunnel on Android bigbrosbitch for starting a guide on mobile security Zensen for his guide on how to autostart Eddie on Linux with Root sagarbehere for his nice guide on how to set up Eddie on a Raspberry Pi 3 rainmakerraw for his mini-guides on improving torrent speeds and how to torrent. lewisisonfire for his guide to fixing out Virgina Media-related issues and with nice pictures too. Khariz, giganerd and ~Daniel~ for their helpful posts. I hope the guide was of use! If you find any inaccuracies, feel free to tell me. I worked hours on this tiny guide, so I want it to be perfect haha. I hope your experience with AirVPN will be a good one! Mine certainly has been. If you have any questions, feel free to ask. Thank you for reading :] P.S. I consider myself pretty savvy, but I remember being confused when I got here. So I can only imagine how it is for less savvy individuals. P.P.S. I know it lacks images, but images do evil things to my spoilers, lol.
  10. 2 points

    Christmas 2020 Sale

    Thanks for the Christmas sale! I've tried several other VPN's over the years but somehow overlooked AirVPN. It feels good to know I've found one of the best and have settled in for 3 years. Wishing everyone a Better New Year!
  11. 2 points

    New 10 Gbit/s server available (CH)

    This new Xuange server works really well and fast as well as stably! I've been using it all day on my Smartphone and computer. I have noticed that this connection is much faster than I what the other Servers in the Air! I will always use this server in the future. Thank you for this new server, and Merry Christmas everyone!
  12. 2 points
    Aristotle Skotos

    My POV as a newbie here

    As a long time GNU/Linux enthusiast & evangelist I am very privacy & net neutrality concerned, and care a lot about the software I run. Eddie is the very first VPN client I happily run on my Manjaro box. Though I still enjoy personally adding & managing VPN configurations thru the Network Connection Manager, I now see why a VPN client might be interesting: Eddie simply works out of the box and does not make a GNU/Linux user feel a 2nd class citizen (eg, network lock feature included by default), & provides detailed info on latency & load. What about transparency? Simply astonishing. In this world where money is the only religion, transparency is often an abused concept of the past. Not here. When geographic location is not mandatory, I love operating from the currently fastest server available and not overload the others.. The number of locations seems to be low and the servers number a bit odd, but it works well. A well balanced infrastructure indeed with access points in strategic places all over the world. I love the servers names! As time passes, they become close friends. What about sponsorship? The fact that the company cares about some of the most important open source projects & organizations is definitely a plus. Not to mention that the community simply looks great. Thank you!
  13. 1 point
    If you are able to find a used Netgear R7800 (X4S Nighthawk) at a reasonable price (new ones are pricey), that is pretty universally agreed in the dd-wrt forums these days to be the least troublesome router with solid speed for use with dd-wrt. Supposedly it runs OpenVPN at around 100 Mbps, and there are flashing instructions in the forum at https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614. The AirVPN setup how-to is at https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321856, though note it has not been updated yet for OpenVPN 2.5. Find general dd-wrt OpenVPN guidance, including notes on changes needed for OpenVPN 2.5, at https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327398. You'll need to register as a forum user and be logged in to download the pdfs. The forum that discusses the R7800 and related routers is at https://forum.dd-wrt.com/phpBB2/viewforum.php?f=28, and it's important to check the new-build thread there for any build you are considering flashing, just to make sure R7800 owners are not having trouble with it. There is a dd-wrt router database that is referenced in a million online how-to articles outside the dd-wrt forums. Ignore it. Its build recommendations are poor, sometimes disastrously so. Usually the latest build is the right one for that router. Re solutions other than dd-wrt, I do know that those Asus routers running AsusWRT offer OpenVPN, though they use Broadcom wifi hardware rather than the generally preferred Atheros wifi hardware. If you go that way, pick a model that is supported by (with many users) AsusWRT-Merlin (see https://www.asuswrt-merlin.net/), so that you will have the option of eventually upgrading your firmware to it. AsusWRT-Merlin is much less aggressive than dd-wrt with adding exotic features. It fixes bugs in the original AsusWRT and extends router capabilities in certain areas in a relatively gentle way. I believe I remember that OpenVPN Policy Based Routing (routing some but not all clients through the VPN) is one of its additional features. You'll either want PBR or two routers, one for VPN and one for bypassing it, in any practical router-VPN setup. I know little about other options so will let others comment. Good luck.
  14. 1 point

    forwarded ports no longer working

    Hi, I have used forwarded ports with no problem over the last year but suddenly none of my forwarded ports are working. I'm getting "Not reachable on server IP over the external port XXXX, tcp protocol. Error : 110 - Connection timed out" when I try to check them in the client area here. Any ideas what the problem might be?
  15. 1 point

    macOS: Hummingbird 1.1.1 released

    Yep working great with the new Eddie on Big Sur here! Gave it 24 hours before I posted to make sure haha.
  16. 1 point

    forwarded ports no longer working

    What ports are forwarded in your modem. If any? What sort of application is in question here? What firewall do you use on your computers?
  17. 1 point
    I'd say it's much closer. Is the application still listening on the VPN interface, for example?
  18. 1 point

    Polish Server

    Discussed here:Again: What constitutes (un)lawful speech? Who defines this? EU making Poland pay for a wall in south EU really being fake news is probably unlawful and exempt from this, but so might be news about Poland replacing "inconvenient" judges which is true in nature but might be seen as unlawful and therefore exempt, therefore free to be removed, too. Double-edged sword. My thoughts are the same: Due to this a Poland server is unlikely, why exposing the AirVPN community to this crap?
  19. 1 point

    macOS: Hummingbird 1.1.1 released

    thank you, it's working with the latest version of Eddie
  20. 1 point

    forwarded ports no longer working

    I rebooted the PC and the modem and it's still the same. I also disabled my firewall briefly to check if that helped but it's still giving the same error even with the firewall off and freshly booted.
  21. 1 point

    AirVPN is faster than NordVPN but...

    @freak Hello! Good, the infamous bottlenecks caused by the OpenVPN TAP driver should be resolved. However it's strange that CHACHA20 provides you with higher performance than AES does. A possible explanation is that your system does not support AES-NI. Your CPU does, though, so you should beat CHACHA20 performance with AES-GCM, if you can enable AES-NI. Wireguard must be faster than OpenVPN with CHACHA20, because Wireguard runs in the kernel space and CHACHA20-POLY1305 implementation should be fine,. Running in the kernel space, however, has security implications that must be considered. OpenVPN with AES, in an AES-NI supporting system, linked against latest OpenSSL which includes assembly code (at least for Linux), is faster than Wireguard according to our tests, even though OpenVPN runs in the userspace. Wireguard offer is planned, but as you know it's a wreck lacking many basic features: no DNS push, no dynamic IP address assignment, no AES or other ciphers support, no TCP support, fixed bijection of real IP addresses onto client keys/VPN address, clients real IP address storage in a file, thus posing paramount privacy as well as technical issues. Many people will be disappointed and worried when they understand the implications of all of the above. Many other people will not be able to use Wireguard at all (mobile ISPs blocking or shaping UDP, countries blocking or shaping UDP etc.). We will release software aimed to patch, when possible, those numerous problems, but we need to keep approaching and offering Wireguard with care. Kind regards
  22. 1 point

    Apple Silicon version?

    Anyone know when there will be an Apple Silicon universal binary version that will run natively on M1 Mac's without using Rosetta2?
  23. 1 point

    Christmas 2020 Sale

    Hello! We're very glad to announce a special promotion on our long terms Premium plans. You can get prices as low as 2.20 €/month with a three years plan, which is a 68.6% discount when compared to monthly plan price of 7 €. You can also send an AirVPN plan as a gift: you have the option to print or send a colorful, dedicated picture with the code to activate the plan. You can do that in your account Client Area -> Your membership: Purchase and credit -> Print X-Mas after you have bought a coupon. Code shown in the above picture is an example, not a real code If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Please check plans special prices on https://airvpn.org and https://airvpn.org/buy Kind regards & datalove AirVPN Staff
  24. 1 point
    The other way round for me, 500 Mbit/s with AirVPN and 90 with NordVPN. NordVPN is slower most of the time. Set buffer to 512 KB. Connect to some server that isn't loaded too much, check the blue bar on the servers in https://airvpn.org/status Cheers, happy new year to everyone!
  25. 1 point

    Apple Silicon version?

    I was also unable to click anything on the GUI when running Eddie on my Apple M1. I did find a fix though.. Click on the Eddie icon in the menu bar and select Show Main Window. This should allow you to enter your user name and password. You may need to tab and enter instead of mouse clicks to save your settings.. Once connected, set your app preferences to remember settings and to reconnect on startup so you don't have to go through it again. Although it works, it definitely doesn't like to play with with the M1 so this needs to bee looked at.
  26. 1 point
    Poland does not protect their citizens from ideological/government censorship, which is by far the greater threat there. https://rsf.org/en/poland https://rsf.org/en/news/poland-about-censor-privately-owned-media-its-hungarian-ally It is important to note that this is a double-edged sword which will definitely be used against people, even if implemented with good intentions. The underlying question is: What justifies removing a piece of information? A post about EU wanting to make Poland pay for some wall in the south against the waves of refugees will be a candidate since it's in fact wrong, and the problem is that an article about the govt. replacing "inconvenient" judges and journalists will be, too, being an inconvenient truth that will inevitably divide people. Exposing everyone in the world to this nonsense is a very, very bad idea. Which is why a Poland server is… improbable.
  27. 1 point
    solved. I'm unable to replicate the issue now, as this seems like an issue only at initial setup. When eddie was first run, the 'main window' is automatically shown in order to provide login credentials. This window is NOT able to be brought to focus by using the gui/mouse. No amount of clicking on the window (even quitting the program or restarting the computer) would give the window focus. Only by going to the menu bar and selecting the option 'Show main window' will give the window focus and allow me to enter the credentials. Once this was done I was able to get logged in/connected. Now, the 'main window' does not show automatically on launch. The only way to get to the window is with the menu bar selection. FYI this is the last series of intel i5 macbook prior to the M1 release running Big Sur 11.1
  28. 1 point
    Operating System: openSUSE Leap 15.2 KDE Plasma Version: 5.18.6 KDE Frameworks Version: 5.71.0 Qt Version: 5.12.7 Kernel Version: 5.3.18-lp152.57-preempt OS Type: 64-bit Processors: 8 × AMD Ryzen 5 3400G with Radeon Vega Graphics Memory: 15,3 GiB In the first and second beta, I didn't have this problem.
  29. 1 point

    New 10 Gbit/s server available (CH)

    @Staff When can we expect one of these 10gbit/s wonders in Canada(Toronto)?
  30. 1 point
    Hello! We're very glad to inform you that AirVPN Suite 1.0.0 RC 1 for Linux has just been released. It addresses all the problems reported so far, except: problems reported in unstable distributions but not occurring in the same distribution stable release the specific problem reported by @OpenSourcerer as we failed to reproduce it: please report if you find anything similar to what OpenSourcerer has reported because we can't manage to reproduce the malfunction in spite of very many efforts Links to download packages have been updated in the first message of this thread. Kind regards
  31. 1 point

    Safety of .ovpn file

    No, they are strictly for authenticating OpenVPN clients against the servers. The key negotiation is using the Diffie-Hellman Key Exchange algorithm and is based on a general randomness, perhaps best described by the color mixing illustration on the Wikipedia page for this algorithm: https://upload.wikimedia.org/wikipedia/commons/4/46/Diffie-Hellman_Key_Exchange.svg Alice will be the client, Bob will be the server. Eve will be the evil eavesdropper/cracker/whatever. Alice and Bob both agree on a common color which is known to both. They choose a random secret color which they keep to themselves and add them to the common color, creating two different mixtures of color. Those mixtures are exchanged. Now when Alice adds her secret color to the mixture she received from Bob and Bob does the same with his color to Alice's mix, they end up having the same final color. That is the key used in encrypting and decrypting messages. Eve will know the common color and the mixtures they exchanged. She can try every conceivable color on both mixtures to find out both secret colors which will hopefully lead to something able to decrypt messages. The big catch: She's got 60 minutes for that. At this point I'd wish her best of luck. Now, spoken in maths, the common color are a few values of variables agreed upon. The secret they keep to themselves is another variable used in a more less simple mathematical equation. They exchange their result of that. When they use their own secret variable on the other's result in a similar equation, both will get the same result – the symmetric encryption key, since AES is a symmetric cipher. Eve will know the common variables and the result. She can try all the values for this in a brute-force fashion and hope to find a key able to decipher their messages correctly. The big catch: It's easy to use that formula in a straightforward way. It's a mathematically more difficult thing to calculate the secret variable while hoping to find a key that will successfully decrypt messages. All that within 60 minutes. Best of luck. The only real thing someone can "do" to you if he/she got your keys is take up all the connection slots for themselves so that you keep getting disconnected. But you can stop this by simply invalidating your key pair in the client area – and slot abuse is no more.
  32. 1 point
    Considering this post is nearly a week old I find it a little disconcerting that no one from AirVPN has even bothered to reply to this
  33. 1 point

    Christmas 2020 Sale

    Done.... 😉
  34. 1 point
    Okay. Try this instead: keepalive 5 10 It's short for ping 5, ping-restart 10. Maybe you need to lower the ping frequency, too.
  35. 1 point

    Firefox outside vpn

    If you are using Windows: https://github.com/tool-maker/VPN_just_for_torrents/wiki/Running-OpenVPN-on-Windows-without-VPN-as-Default-Gateway "Then the client programs meant to use the VPN must be bound to the VPN interface IP address. The client program has to provide this capabilty. Torrent clients like uTorrent, qBittorrent, transmission, deluge and Vuze provide this. The script works because of the way Windows handles source address routing. If the program is bound to a source IP address, that IP address is used as the source IP address for connections sourced from that socket and the adapter associated with that source IP is used as the source interface. The route table is searched but only for routes that can be reached from that source interface. When OpenVPN starts, it will attempt to override the default gateway by adding routing table entries that will mask the original default gateway. VPN_gateway_hide.bat adds routing table entries that mask the entries added by OpenVPN. So the default gateway remains in effect. When a program is bound to the VPN IP address, the routing table entries added by VPN_gateway_hide.bat will be ignored, and the VPN will be used. The routing table entries added by VPN_gateway_hide.bat are temporary, and will be gone after a Windows restart." I believe it is possible to bind eMule to a source address. But I do not have it installed any more to check.
  36. 1 point

    Firefox outside vpn

    You can route certain apps through the VPN while the rest is routed normally with certain tricks, but not the inverted case, at least not so easy. That is because OpenVPN works with IP addresses rather than applications. If it's a more or less simple website, you can always exclude its address from routing via the route directive in OpenVPN or the Routes settings in Eddie.
  37. 1 point
    Edit: .... hmm, so far speed is not impressive, barely getting 150-200 Mbits on a gigabit connection.
  38. 1 point

    A manage ports bug

    Hi AirVPN, I've noticed that when visiting the Client Area > Forwarded ports section there is a HTML value that does not need to be there as it is displaying on the submit button: This can be fixed if you remove the value field from the HTML, I cant see why its there, please correct me if i am wrong: Hope this helps
  39. 1 point
    Just out of curiosity, what's your ISP and country? A daily reconnect sounds very familiar to what Fritz!Box routers in Germany are configured to do on DSL by default, but that's not needed with most ISPs in Germany anymore. So if you're in Germany, you might as well disable that to fix this altogether if the ISP is right. Otherwise, I'd probably drastically lower connection timeouts. The OpenVPN default is 120 seconds, AirVPN servers push 60, and you might be able to lower this to 10 or even 5 if you need. Pay some attention to your connections when setting this so low, as OpenVPN will forcibly reconnect, no matter if the line is under high load or it's really a disconnect. Add this to the config: ping-restart 10 .
  40. 1 point
    I had the same problem when I installed v2.19.6 I ended up uninstalling the existing Wintun install as well as Eddie and Openwent for a clean install of v2.19.6. I also used CCleaner to delete left over registry files. Restarted my PC and it worked straight away. My OS is Windows 10 Home v 20H2 up to date.
  41. 1 point

    Wireguard plans

    @Flx The first message was approved by some moderator in the wrong thread, not a big deal. Then we moved the message on its own thread, this one. Then user "wireguard" posted more messages which were all approved by some moderator. @Brainbleach Of course. We were replying to "wireguard" who invites surreptitiously to punish AirVPN because AirVPN uses and develops actively OpenVPN: "Needless to say, investing in AirVPN means investing in OpenVPN, and that's not acceptable to me at this point," . He/she also kept claiming that "it's time to retire OpenVPN" (sic), that OpenVPN is a "truly disgusting hack" (sic) and so on,. showing his/her embarrassing ignorance and lack of good faith. Nothing to do with your messages. Funny how bogus account writers are so eager to become from time to time AirVPN software lead developers, general managers for AirVPN strategies, marketing directors and more. 😀 We wanted to prove beyond any reasonable doubt that his/her claim are unreasonable and based on wrong assumptions and terrible omissions, showing how Wireguard can not replace OpenVPN for a significant percentage of our customers and how our OpenVPN development has been beneficial for many users around the world. That said, we claimed that Wireguard needed to be developed and tested further years ago, so at the time our claim was totally reasonable. We also claimed years ago that the problem was not with CHACHA20 which to the best of nowadays knowledge is a very robust and secure cipher. Now the problems are different because Wireguard is asked to offer something which it was not designed for, i.e. providing some kind of anonymity layer. Such problems include lack of DNS push, lack of dynamic IP address assignment (with subsequent problems with client key-private address static correspondence, a very tough legal problem for us but above all for our customers), need of keeping client real IP address stored in a file. We have resolved them one by one with external software and internal work around. Once the problems are resolved in a robust way, which means testing thoroughly the adopted work-around, we can offer Wireguard, not earlier. Kind regards
  42. 1 point
    Fredrik Beeman

    VPNs - Caught in Lying!?!

    This is the reason i trust in you guys. I've been searching like every one says one thing "no logging". But in the end such as NordVPN, HidemyassVPN has been caught data leakage or selling private info. Not many VPN offers TOR or investing for free speech. They have VPN server in China how cool is that.
  43. 1 point

    VPNs - Caught in Lying!?!

    @arteryshelby We do not log and/or inspect our customers' traffic. Since 2010 you can't produce any single case, and not even the slightest clue, in which the identity of an AirVPN customer has been disclosed through traffic log and/or inspection and/or any other invasive method. It means a lot, given that various younger VPN services have been caught lying (ascertained court cases) and that AirVPN is now the oldest still active VPN service, with the exception of a minor service which anyway changed ownership twice in the last 12 years. By the way we have never asked our customers to blindly believe in our words. We do not block Tor and we even integrate its usage in our software, so you can be even safer if you can't afford to trust us OR some datacenter. For example you can use Tor over OpenVPN, to hide Tor usage to your country and ISP, and at the same time hide your traffic real origin, destination, protocol etc. to us and the datacenter the server is connected into. Last but not least, we invest a lo of money in Tor infrastructure and in 2017, 2018 and 2019 more than 2.5% of global world Tor network traffic transited on Tor exit-nodes paid by AirVPN. It is an important achievement we're proud of, and it hints to good faith. Kind regards
  44. 1 point
    @BlueBanana Hello! Check the stats about used bandwidth on the total infrastructure day by day: As you can see, the used peak bandwidth has increased remarkably in the last days, up to 80200 Mbit/s. On the whole infrastructure, it is still slightly more than just 1/3 of the total available bandwidth (236900 Mbit/s). We will closely monitor, on top of that, used bandwidth country by country, of course. About the countries you mention, even the last peak usage does not exceed 60% of total available bandwidth in each of those countries. We are still well within the range of the quality of service ensured by the terms of service and actually most available bandwidth has not ever been used. That said, we will not hesitate to add servers when it is really necessary, of course. We are monitoring closely, as usual, peak demands country by country. Kind regards
  45. 1 point

    Wirecutter Review of VPNs

    For the sake of a good review and a marketing stunt, no, probably not. What I noticed: While most of their points they explain are quite right, considering That One Privacy Site as a source and requiring public audits and server/location amount as necessary is questionable. All of Reddit knows by now that That Guy has little knowledge of the stuff he writes about and reviewed all VPN providers solely based on what they wrote on their website at that time. You really can't top that method. I could set up a VPN service promising everything under the sun on its website and for him it'd be the best VPN he'd ever witnessed. Also, The Verge. Location amount doesn't really count because faking a server location is a thing and it was proven that NordVPN for example does this. It's even possible to find out who does it for yourself, and it was even mentioned on these forums somewhere. Although, to be fair, they rule NordVPN out because of even more points. They still take warrant canaries into consideration, even though not a must. They're considered a failure, lulling people into a false sense of security and are generally thought of more like a running marketing gag. Some questionable things are their speed tests which really depend on your location and setup, server choice, used config, etc, as they correctly write. It's possible you get a much better result on many occasions, so it shouldn't be a necessity. Minor thing: The possibility to do VPN over Tor wasn't even considered, something only Eddie offers so far. Only Tor over VPN got screen time, but it gets screen time everywhere and isn't even strictly a VPN topic, no idea why it gets two full paragraphs in that article. And... hold on, what the hell is that? They can't possibly be serious. So the public audit is their one k.o. argument? And they only tested five, FIVE, providers extensively? :DDDDD
  46. 1 point
    Bitwarden has been my go to for awhile. I think some others may say Keepass.
  47. 1 point

    Why You Can’t Trust NordVPN

    Hello! The situation is not what you describe, since, according to the article we linked: 1) the CEO of Tesonet, the CEO of ProtonVPN and the CEO of CloudVPN are all the same one person. 2) CloudVPN is not a payment processor. It uses PayPal to collect subscriptions from NordVPN. It's not that you pay to NordVPN via a payment processor called "CloudVPN", you pay to CloudVPN via some payment processor (PayPal for example). In such transactions CloudVPN is not the payment processor, it is the final beneficiary of your payments. To allow such payments via a web site interaction with PayPal, PayPal wants that the beneficiary is the web site owner. Additionally, the developer of NordVPN application in the Google Play Store is CloudVPN. The developer of ProtonVPN application in the Google Play Store is Tesonet. So you know that: - CloudVPN is not a payment processor in the transaction phase, but the beneficiary of the payment - CloudVPN signs the application(s) of NordVPN (therefore it has full access to Google Play Store keys of NordVPN) - Tesonet signs the application(s) of ProtonVPN (therefore it has full access to Google Play Store keys of ProtonVPN) - the CEO of Tesonet, CloudVPN and ProtonVPN is the same person - CloudVPN introduced itself to PayPal as the web server owner of NordVPN This is a matter of trust, and when trust is involved, a lack of transparency should trigger a red alert. This is plainly incorrect even under a purely technical aspect. With Wireshark etc. you can only see that your packets go to or come from the VPN server. You have absolutely no idea of what happens once they are there, outside of your control. As an additional side note, please keep in mind that data mining does not necessarily involves inspection of the traffic content, which is rather trivial and obvious (another trivial consideration: otherwise end-to-end encryption would have meant death of intermediary data mining worldwide ). Kind regards
  48. 1 point

    eddie on whonix workstation

    I have a connection and can surf the web fine without eddie, but it just doesn't connect if i open it. is there anything anyone can think of as to why it doesn't work?
  49. 1 point

    SSH Tunnel

    This can be done using a VM and a SOCKS server on it. Then you can force some applications on the host use the VM as a SOCKS5 proxy, which has a route to AirVPN. Actually SSH is not necessary for this task at all.
  50. 1 point
    Here id how I imperfectly handle it (and why being able to have 2-3 airvpn sessions is a killer feature) at the moment. Main box\host - We'll call it "Sugar" + Created small VM - "Daddy" that runs on Sugar on the localnet Installed [insert various proxy\Sproxy apps here] & AirVPN client, also allow routing\sharing on the tap nic. Sugar's Normal operation - steam,skype,etc things I want on my isp's ip... I don't make an AirVpn connection at all on Sugar. If I want something vpn'd on Sugar like FF\IE\Az\Vuze\etc or anything else that has proxy settings or interface binding settings I'll set those to point to the properly configured port on Daddy's ip ...who will in return use the vpn. Now if something comes up where there are no proxy settings, and temporarly routing all traffic (flipping my DGW) through Daddy doesn't cut it for some reason, then I'll just fire up AirVPN directly on Sugar (make a second session) do what I gotta do and disconnect. Works for me 95% of the time, but then again I have the 2gb of ram to spare to keep the vm running all the time and it's used for other purposes as well, and while no expert I'm definately not the average consumer but it's really not hard for someone to setup something similar. Various ways one can go about skinning this cat, but for those like nolehce who make the AirVpn connection directly on their router there really is no good option there from a "per-app" perspective unless what you don't want to route over the tunnel is confined to certain netblock(s), like say your corp's net, in those cases you can usually set a static route to not trigger or foward said traffic out the Air tunnel, but out the DGW, or probably in that example the tunnel to your corp - then just pray said corp and air aren't using the same private addressing space. But I digress.. /2cents
  • Create New...