Leaderboard

Hello! We're very glad to inform you that a new 1 Gbit/s server located in São Paulo, BR, is available: Peony. Peony is our first server in South America and we are very proud to start operating there. Special thanks go to out moderator Zhang who helped us find a datacenter with particularly good connectivity The AirVPN client will show automatically the new server. If you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other "second generation" Air server, Peony supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/peony Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hi to all! Absolute NOT! We have an old, static copy of previous version as reference (yes LZ1, an old.airvpn.org ). Absolutely any user-content will be the same without re-editing, only please be patience, we are working on that. For all others: i will check each things tomorrow, please wait, i have other priority right now. Unfortunately the BBCodes are deprecated for IPBoard, but there are the equivalent for spoiler, log etc, we need only to tuning and write a guide. I added the Font button to the toolbar now. Some features still exists but are disabled by default in this edition.

Updated to reflect changes on 03-Aug-18 (previously, access was blocked from most servers).

As an European based company I would have expected that AirVPN would have implemented this from the beginning. It would be really great if this could be implemented. So nobody has to wonder whether his connection was established on the second day of March or the third day of February. Most people in the world use 24h notations and the international standard for the date is YYYY-MM-DD. This link summarizes the international standards and explains why this should be used. https://www.cl.cam.ac.uk/~mgk25/iso-time.html Little extract from the page above: "The 24h time notation specified here has already been the de-facto standard all over the world in written language for decades. The only exception are a few English speaking countries, where still notations with hours between 1 and 12 and additions like “a.m.” and “p.m.” are in wide use. The common 24h international standard notation is widely used now even in England (e.g. at airports, cinemas, bus/train timetables, etc.). Most other languages do not even have abbreviations like “a.m.” and “p.m.” and the 12h notation is certainly hardly ever used on Continental Europe to write or display a time. Even in the U.S., the military and computer programmers have been using the 24h notation for a long time."

https://lttelevision.com/product/mango-vpn/ I would love to have a little box like that for Air. Its possible I could simply buy that box and maybe change the config to point to Air instead. Anyone seen anything like this?

Logs attached. When speed drops, nothing appears in the logs. Anything else that would be helpful? Eddie_20190418_004702-m.txt

People frequently leave out all the basic info about their setup. At least provide logs! Save them as a file and upload it here.

Yes, even the i3 should be plenty. Just be sure to enable cryptographic hardware here /system_advanced_misc.php and then select that hardware in your openvpn config you create. Then AES-NI plus whatever else is on the CPU is in use.

You don't need that much ram or storage for pfsense. You need a good CPU and good network card(s). The celeron j1900 is out due to lacking AES-NI which is very important for running openvpn. Both have intel network cards so you're good there.

Would it be helpful if we use the first post to collect all the bugs and inconveniences people notice so that it's easier for you to keep track of at least the community-submitted ones?

Everything looks new, flat and whitespacy alright. I suppose here is where people can suggest sane defaults. Forum loads significantly faster than before. Maybe it's just me, my fonts and my eyes, but the fancy blue forum titles look dizzyingly fuzzy here. I"m going to try and say Haha to LZ1 because he's nice to people and because now I can. edit: Turns out there are now audio notifications too! Check yours here: https://airvpn.org/notifications/options/

Hello! We inform you that in order to complete the migration to our new board, all AirVPN web sites will be unavailable starting from: April 16, 2019 7.00 UTC Expected downtime is not greater than 4 hours. The downtime will not affect VPN connections of those who are already our customers. UPDATE: migration completed successfully in the planned time frame. Kind regards AirVPN Staff

Not new to VPN, but new too Air. And maybe too early to write a review after signing up yesterday. But i wanted to anyway. I doubt that i would change my mind totally as time goes, so here we go When i was new to VPN, i fell for the "Top 5 best VPN!" trap. Just search for VPN, and a million sites will pop up "reviewing" different VPNs. Im sure you know what i mean already. Its just not easy finding a good VPN when looking around for the first time, and following times. I was absolutely sure, that if i would start to use a VPN, those "Top choises" was the real thing. It took some time to understand what was behind the whole hype. Paid reviews of course. As i walked through several VPN providers, i was always feeling a bit uncomfortable. I started to doubt if the VPN i used really was based in some secure location in Panama. So i changed provider after reading up on some other reviews. I remember once when i woke up in the morning, seeing an email from my new VPN provider, asking me how i like their service? I replied that all is fine so far, their reply back was: "Good. This is part of our Privacy Policy" I stopped using VPN that day. Sometimes its better to trust facts instead of feelings. But i had that gut feeling, telling me something is not right. And i couldnt get rid of that feeling, it was bothering me. I took up the chase again, this time determined to find a trustworthy VPN. After some intensive research i think i found one.I have used it for a while, never felt let down. Actually i have been very satisfied the whole time. So why did i even considering signing up for Air, when i already was using a VPN service that i like and trust? Well, while i was reading up, determined to find any serious providers out there, Air was definitely one the list. There was no reason for not picking AirVPN in the first place. I was kinda tired of all the reading, trying to find some independent source, So while having the website up for the previous VPN, i just gave it a go. After a while, i was starting to visit AirVPN more frequently. I was interested still, i mean Air was on my list of trustworthy and serious VPN service in the first place. And my list was far from long. I liked reading on the forums here. There was so much more to learn. Interesting tech discussions, well written guides, some more features in the client, a lot of happy users and great reviews. Now i just had to try. So i signed up. Now i wanted to get started! But instead of download the client, Eddie, I started my journey making 2 support tickets - I couldnt log in to Air from my computer. Later i found out that it was ME who forgot some of my log in details. The payment status was also "Pending" still. Kinda embarrassing creating support tickets, when it was an user error. The solution was of course to remember my log in details, and just give it some minutes for processing the payment. The support staff replied almost right away, that was impressing! Once i found out that the problem was on me, not on Air, everything just works great! The important things, about privacy, terms of service, is very clear, I have been testing out the features in Eddie, i have played online games (I understand theres no limited bandwith, but i figure heavy server load while playing, so please correct me if i shouldnt use VPN while playing online) And i experience absolutely GREAT speed! I have been used having slower speeds with other VPN before, but thats not the case here at all! I really like the client, Eddie. It feels solid, and i can easily change server, change the settings, network lock on, DNS lock, starting up when i start my computer, informative, easy access to the log, its flushing DNS at startup, showing the whole process, I know, only a day has passed, but im really impressed and happy with the service. I wouldnt write this if i wasnt, or if i believed that i suddenly will change my mind. I believe when someone signs up for Air, they are here to stay. At least i am, and i cant see myself going back to anything else! Thank you!

No idea. But I am curious, can this thing really do OpenVPN at 300Mbps with that CPU?

In comparison, OpenVPN has 100k lines + 500k lines of OpenSSL, or StrongSwan, which is 400k lines + XFRM (IPSec) at 13k lines. Even with the crypto code attached it's still tiny. OpenVPN is overwhelmingly complex, with large attack surfaces, using mostly cryptographic designs from the 90's. I do hope the 'simpleton' comment made you feel better, though. I'm sure you need it. So let's get this right. You'd rather trust something unproven, untested, without any real world use cases to speak of against something that's been developed over the last 20 years? Without the little bug fixes here and there, or the casual security issue that gets patched over time? Who's to say what starts as 4k/20k LoC won't spiral into 100k also within the next 20 years? As if that's a metric we can actually use to judge how secure something is. I'm guessing there must be a fixed Integer where a single LoC over makes it 'insecure' by default. OpenVPN is trusted, proven technology. You claim it has a 'large attack surface' but you haven't substantiated those claims. 18 years later and this blog post still holds true today, I suggest reading it and understanding newer isn't always better.

I use opendns on a Dutch server and no problem

I tried to use Qubes yesterday, but apparently my HP Z600 is not compatible. Oh well, Fedora it remains!

Hi Casper31. Thanks for the heads up. I'm a very much a novice here and am getting my head around QUBES and WHONIX. [One problem seems to be, I think I read, that QUBES has problems with some graphics cards.] A problem, I think, is that ToR appears to be compromised to some extent, according to news reports on the Snowden docs and also multiple court filings. So, if you want anonymity, privacy and security, you need a VPN + Tor or VPN + Qubes/Whonix. I have been reading up on the various tech collectives helping folks in repressive countries avoid being detected. For them, it can be a matter of life or death - and so these discussions. There are a number of people advocating a VPN cascade /multihop and ToR - another approach I've seen. But I do not have the technical expertise to judge. Given the way the West is itself engaging in mass surveillance, we may all need such technology soon. Even keeping a hand written diary is now illegal in some countries, if you work for or worked for the government there. Hello 1984.

Hello! Multiple keys allow you to: selectively pick remotely forwarded inbound ports by device/key connect multiple devices to the same VPN server by using a different key on each device have different, device-specific DNS block lists A dedicated panel to manage your client certificates and keys is accessible in our web site. In order to access the main control panel click Client Area while your account is logged into the AirVPN web site. The Devices button provides you with access to a panel to administer your client certificate/key pairs. The panel lets you use a multi-certificate/key support from AirVPN, a comfortable and convenient feature. You can have multiple pairs, renew them and issue completely new ones. From each device of yours you will be free to use any pair you like. Therefore you can keep all of your certificates and keys under control, administer them and also connect multiple devices to the same server and port by using a different key on each device. Eddie 2.13.6 or higher version is required. In Eddie's Overview window a menu which will let you choose a key before you start a connection will appear automatically when you create a new certificate/key par from your account control panel (note: restart Eddie and log your account out and in again if such menu does not appear). To create a new certificate/key pair click the button labeled Add a new device. The Configuration Generator has been modified as well, in order to let you generate configuration files with the certificate/key pair you wish. Let's see in details how to use the "Devices/Keys" options. Device Name and Description: these are free name and description which you can associate to any pair for your comfort. Click the pencil icon to edit. Details opens a window showing various information: Type, Creation date, Last renew date and Last VPN connection. In the same window you can find the following actions: Renew: when you click this action button, the corresponding certificate will be revoked, and a new certificate/key pair will be issued. Delete: this action button will revoke the corresponding certificate, without issuing a new one. DNS: this action button will let you enter the DNS block list panel for that specific certificate/key pair to let you define, activate or de-activate specific DNS block lists, exceptions and additions, which will apply to that pair only. View history and View Active will toggle with each other to provide you with any relevant information on the history of your actions about keys and the current active list. Some caution when using the aforementioned features: if you revoke or renew a certificate/key pair which is being used by some connected device, that device will soon be disconnected in Eddie Desktop edition, you will need to log your account out and then in again to force Eddie to pick a different pair (new or old) (*) - in Eddie Android edition this is not necessary to use new pairs, you will need to re-generate and import configuration files if you use them with some third-party software, or if you run OpenVPN or Wireguard directly (*) unchecking "Remember me" is necessary in older Eddie versions Kind regards and datalove AirVPN Staff

Whitelist the authserver at authserver.mojang.com & their VPN checker at mcoapi.minecraft.net and you can login. The rest of the game traffic will be through VPN. Enjoy! NB: Do not nslookup either hostname and use the IP you find as you will notice when (if) you switch servers, the IP will change. This is because they employ a geographic load balancer on their APIs.

About ChromeOS / ChromiumOS Chromium OS (or Chrome OS) is an operating system designed by Google that is based on the GNU/Linux kernel and uses Google Chrome web browser as its main user interface. CloudReady is the free, easy way to convert your computer to Chrome. Steps Go to Client Area > Config Generator in our web site, choose ChromeOS and other options. Download files: you need user certificate "user.p12" file and Openvpn connection "<filename>.onc" file. (If you download the ".zip" archive format that contains "user.p12" and "<filename>.onc" you must extract the archive to have the two files outside the archive as two single files on the system. See How to Unzip Files on ChromeOS.) Click your bottom-right panel, and then the gear to open the control panel. Type "certificates" in the search box and select Manage Certificates. In some version of ChromeOS the certificates menu entry is accessible only in the browser: open chrome://settings/certificates in the browser On "Your Certificates" tab, click "IMPORT AND BIND", and select the "user.p12" file. If asked, leave password empty. You should now see your certificate and “(hardware-backed)” if done correctly. Note: if "IMPORT AND BIND" is not available it's because in your device TPM chip is disabled or not available, see here. With no Bind ("hardware-backed") certificates the VPN connection cannot work. In the browser, open chrome://net-internals , and click ChromeOS at the bottom Choose File. Select the .onc file. It will look like it did nothing. Now in your bottom-right panel, you will have a VPN connection. Click to connect. If you are forced to enter a password, type anything, it doesn't matter what. Check whether connection is ok in the bottom-right panel. Many thanks to @nopcode85 for his help.

Almost all tor exit nodes are controlled the the us govt.Read about how they raid people who run tor exit nodes.I say tor is 100% compromised

I had the same error in the begin but when I select direct udp during making the confige files. and imported it again. Then it will connect well. I just wonder if I have to do more steps before I can use Sonarr for example.

I just started tinkering with VPN on my Synology as well. I have set it up succesfully using the above guide. But I have some connections that need to go around the VPN as well (mainly SSL connections to usenet servers). I have created a passthrough by adding static routes to the routing table in the Synology configuration that explicitly go to the specific usenet server (ranges). This seems to work quite well, but of course is not useful if the IP address of the destination servers do change.

Take a look at 3rd point in my tutorial. After you do that, you need to forward ports on your router, but if that worked before, I guess you already forwarded your ports. Then you only need to connect to your REAL IP (IP given by your ISP), not AirVPN IP address and it will work.

Attempting to log in to your Mojang account (which you must do to play Minecraft) fails from some AirVPN servers, for instance Celaeno, Netherlands. Unhelpfully, you just get the error message "Login failed. Invalid username or password." which can lead you on the wild goose chase of changing your password etc. Everything works fine from other servers, such as Mebsuta, Belgium.

Apologies. Original question was just to find out if the symptom is something that's known and where some obvious try-this-out solutions exist. Seems it's not, and I will provide logs as I get it reproduced again - today it seems to have worked ok. Regarding basic setup - Win10 64bit, NATted home network (same symptom, be there NAT or not), only affected unit is the pc with airvpn - non-VPN'd or units using other VPNs not affected.

Hello! Have you checked out the stickied/pinned threads? You might also want to append some Eddie logs. Instructions in my signature.

OK, that makes sense, but I want to add to your statement: "As Windows does not support multiple routing tables, there is no trivial method to have multiple VPN connections in a way that each one is unique to each other", however there is a band-aid way (work around) that will trick windows- virtual machines. To indirectly accomplish what OP is trying to do, he would have to run the following setup: router (with VPN profile 1), Windows with no additional startup/launched VPN, emulated virtual OS with startup/launched VPN, second emulated virtual OS with no dedicated VPN but launching TOR. This setup will work flawlessly as I have utilized it myself. The downfall to this setup is that it is memory hungry- not an issue if your play machine is powerful (for many the play machine is your old workhorse, hell many don't even have a "dedicate" a stand alone play machine)). You will need to have at least 4GB memory dedicated to Windows, 4GB memory dedicated to VOS 1, and 2GB (preferably 4GB) of memory dedicated to VOS 3. You can leave this user logged in performing whatever launched task you desire and still utilize fast user switching to log in with another user who will still report the router firmware's VPN IP. This method sucks because you will not have enough system memory left for User 2 to do anything productive, and is User 2 tries, User 1's account will start running shitty. Now if the system has 16GB or more ram you may be able to pull this off, but do to other contingencies I would recommend at least 20-24GB for this. Again, my system in question is maxed out at 8GB, so I was hoping that someone out there figured out or new of third party software to be able to manipulate Window's routing tables. BTW, I really wish people would stop always saying that if you run multiple VPN interfaces and multiple gateways (Windows) that you will face a lot of problems. Yes, you do have to do it right, but when done right it works great- and gives you awesome security. I think it is better to tell people that if they are going to stack VPN's there are only a few ways to do it that will prove productive, and often you need to know exactly what hardware they are utilizing (or tell them what to get) to give the best advice. Why??????? -Air VPN will tell you that they don't log and that they are all about respecting privacy- and they are- but... -Air VPN could get hacked, could have an informant compromise the staff (think how long an undercover cop spends proving himself to the Hells Angels before he "gets in") -What if Air VPN is offered a zillion dollars for the company and sells out? Probably not going to happen, but if it did happen they would have to be extremely sneaky about it because otherwise subscriptions would drop like flies. -What if undercover NSA agent offers a zillion dollars for the company, but wants to verify a few things at the office before they buy. They are somehow left alone for a few minutes (compromised- probably wouldn't happen but possible) or now have a company "map" for future premises break ins. -I could go on, but the point is if we are smart, we always have to assume the worse case scenario so we are not sitting in cuffs pleading ignorance. 1)You need to start with the VPN router (VPN 1 kill switch enabled). This should be PARAMOUNT (and make sure your router firmware is CLEAN). This ensures that your system never phones home with your organic IP address before the VPN kicks in, no matter how fast your VPN kicks in. What I love about Eddie so much is the network lock. This is in theory doing what the routers VPN is doing. 2) You need to have the second VPN profile to act as your buffer for the TOR entrance and exit nodes. VPN profile 2 (kill switch enabled) should ideally be from another company (I vote AirVPN for this one). 3) Connect with Tor or like software. If Tor gets compromised, the square fcks have to brow beat two different VPN companies to get what they want. Members like "LZ1" are advanced enough to be a little more cocky- but I assure you they are constantly covering there ass also. They just aren't script kiddies so they have some advantages that most of us don't. They also know more advanced ways to manipulate Tor entrance/exit nodes than "the average download it and click install" user does. The more unique your setup, the better off you are. As soon as you start using a cloned sold-out setup that everyone else is using, the NSA ect start hyper-focusing resources on compromising said set-up. Many would say screw all that, just boot a Tails USB from VPN'ed router and you are good to go. I agree that not leaving any evidence is pretty awesome, but you still have limited layers of IP protection. Now if you run Tails in the second virtual machine and do as I described above, now you are starting to get somewhere. Just be careful how you link yourself to the purchase of the serialized USB drive...

A word of warning: The current v0.8.2 does work with Debian 9.7 but not with testing and sid. The dpkg-new not found thing occurs. It is very likely that the differences between the major versions are too big.

More problems now when I visit IP Leak page - none of the usual info tabs are showing anything about my connection. The only thing showing is the green light confirming it's an AIrVPN Exit Node - other than that, nothing on two seperate browsers. Was working fine not long ago.

I am trying to install the VPN on my android phone, however going to airvpn.org on my phone is not possible as the government here blocks the site. Can I work around this, and how? (I have AirVpn on my laptop.) Thanks. Gerry

Email is cheaper to run than a VPN service so that might be financially possible. There are much less expenses per user for a mail provider rather than a VPN provider for the same 5$/month. However, the amount of abuse and support tickets they will be dealing with will quickly make them reconsider this model.

FINALLY. what a clear guide. thanks a lot!! It works

I followed the latest instructions to set up a vpn client There's just one small thing: When the DSM is rebooted and I check the vpnconnection it say connected but there’s no traffic movement. but if I go into control panel network interface and disconnect the vpn connect then reconnect it, it works. Also I can disconnect it from client area and it will reconnect but still no traffic movement Latest DM6…… Sorry no logs What am I doing wrong??????

Website: http://lifestyle.alice.tv/ Italian TV Streaming Status: OK Routing: All servers to IT route.