Leaderboard

Hello! We're very glad to inform you that a new 10 Gbit/s full duplex server located in Denver (CO), USA, is available: Torcular. The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. Torcular supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the status as usual in our real time servers monitor . Do not hesitate to contact us for any information or issue. Kind regards & datalove AirVPN Staff

Just curious if there are any upcoming server upgrades or additions planned for the Chicago area. It would be great to have at least one multi-gig server there, considering how utilized or nearly maxed out the existing servers are.

Hello! We're very glad to inform you that AirVPN Suite 2.0.0 Release Candidate 1 for Linux is now available. The original post link is updated to show the new download URLs. The important differences from beta 5 are: a bug causing a crash when nft error messages exceeded a definite size has been fully addressed Bluetit features additional pause and re-connection attempts aimed at facilitating re-connection at system resume after suspension and other situations Hummingbirtd --allow-ping default value is now "output" Special note for firewalld users Please read here, it's very important: https://airvpn.org/forums/topic/70164-linux-network-lock-and-firewalld/ Please note that from now on compatibility with Debian 10 and its derivatives, that reached end of long term support and end of life on June 2024, is lost even for the legacy version, mainly because the Suite is now C++20 compliant. The legacy version remains suitable for Debian 11 and its derivatives. Kind regards

Yes, more servers in Chicago are very much needed.

I opened a ticket back in January, 2025 about Chicago's problems. The response was: "Expansions in the USA are on the table and management can act in the near future."

Hello! It must be a bug in the Configuration Generator: only Marsic and Telescopium should be shown when "2.6 DCO" is selected. We are going to investigate. Thank you for the head up. Kind regards

Hello! We're very glad to inform you that Hummingbird 2.0.0 beta 1 for macOS (Mojave or higher version required) is available. Different native versions for Intel and M1/M2 based Mac computers are available for maximum performance. UPDATE 2025-04-05: Hummingbird 2.0.0 beta 5 for macOS is available UPDATE 2025-04-16: Hummingbird 2.0.0 Release Candidate 1 for macOS is available Hummingbird is free and open source released under GPLv3: https://gitlab.com/AirVPN/AirVPN-Suite Main features Lightweight and stand alone binary client supporting both OpenVPN and WireGuard No heavy framework required, no GUI Small RAM footprint Lightning fast Based on OpenVPN 3 library fork by AirVPN and WireGuard Robust leaks prevention through Network Lock based on pf Proper handling of DNS push by VPN servers New, more flexible Network Lock What's new linked against OpenVPN3-AirVPN 3.11 library all libraries and dependencies have been updated added complete WireGuard support by means of the official WireGuard tools provided by its developers. Installation of wg and wireguard-go binaries is currently required, as WireGuard library is not available on macOS. Please check the user's manual (README.md file included in the packages) WireGuard support section for comfortable, step by step instructions. new Network Lock related options offering more flexibility. Now you can accept or deny incoming, outgoing or both ICMP-echo packets, and independently you can permit or forbid IPv6 NDP, which is based on ICMPv6. The new options supported by Hummingbird (please check the readme file for additional details) are: --allow-ping --allow-ipv6ndp Apple ARM based systems version is now C++20 compliant (required by Sequoia) Important note for high speed line users Because of some architectural specifications and implementation in macOS Hummingbird may warn the user about shortage of buffer space, specifically when connected with the UDP. This condition is signaled by Hummingbird with the below messages in the log: UDP send exception: send: No buffer space available ERROR: NETWORK_SEND_ERROR The error is caused by the maximum network sockets size set in macOS, a value usually small and unsuited for modern high speed networks. The solution consists in increasing the maximum allowed size for socket buffers and, in case the problem persists, the number of mbuf clusters. The procedure is simple, please find out all the details in the manual. Open the README.md file with any viewer and consult the "Note on macOS and UDP" section. Download the software here: Apple silicon ARM based machines notarized package: https://eddie.website/repository/hummingbird/2.0-RC1/hummingbird-macos-arm64-notarized-2.0.0-RC-1.zip https://eddie.website/repository/hummingbird/2.0-RC1/hummingbird-macos-arm64-notarized-2.0.0-RC-1.zip.sha512 Apple silicon ARM based machines package: https://eddie.website/repository/hummingbird/2.0-RC1/hummingbird-macos-arm64-2.0.0-RC-1.tar.gz https://eddie.website/repository/hummingbird/2.0-RC1/hummingbird-macos-arm64-2.0.0-RC-1.tar.gz.sha512 Apple Intel based machines notarized package: https://eddie.website/repository/hummingbird/2.0-RC1/hummingbird-macos-x86_64-notarized-2.0.0-RC-1.zip https://eddie.website/repository/hummingbird/2.0-RC1/hummingbird-macos-x86_64-notarized-2.0.0-RC-1.zip.sha512 Apple Intel based machines package: https://eddie.website/repository/hummingbird/2.0-RC1/hummingbird-macos-x86_64-2.0.0-RC-1.tar.gz https://eddie.website/repository/hummingbird/2.0-RC1/hummingbird-macos-x86_64-2.0.0-RC-1.tar.gz.sha512 Kind regards & datalove AirVPN Staff

I got referred to AirVPN thru a reddit post because I was unhappy with NordVPN. I'm a network architect and I am thoroughly impressed by AirVPN. OpenVPN and Wireguard options with an intuitive VPN client to boot that had me up and seeding over rates 95MB/s in under 5 minutes. Best 99 euros I've spent this year. Keep up the stellar work, you created a fanboy in me, and I am not easily impressed.

The FAQ at https://airvpn.org/faq/servers_ip/ says that dns1.airvpn.org is the authoritative DNS server. I've been querying this DNS server for a few years now using the dig command shown in the FAQ. Since my ISP uses 464xlat, I'm now planning to switch to an ipv6 only network at home. I noticed that dns1.airvpn.org itself does not have an AAAA record and would not be available over ipv6. Is this something you can fix, or is there a different domain name that has the AAAA record pointing to your authoritative DNS server?

That "internal IP" is part of the data contained in the "device" you chose when you created the config file you are using for your NL setup. You need a different one for your UK setup, so the thing to do is to go into the AirVPN website Client Area, go to the VPN Devices page, add a new device with a name that makes sense to you. Then create your UK wireguard config again but this time specifying the new device name at the appropriate step.

Hello! Passepartout can be run to connect to AirVPN servers by importing a WireGuard or OpenVPN profile generated by AirVPN's Configuration Generator. Kind regards

I've made a Linux shell script for batch-conversion of WireGuard .conf files making them AmneziaWG (awg) compatible: https://github.com/zimbabwe303/awg_conf_patch When patching it shuffles the H1..4 parameters; to re-shuffle you can just re-run it over the same files again. It also can shorten .conf file names generated with the AirVPN config generator to facilitate their usage with the 3rd-party smartphone WireGuard clients such as WG Tunnel (which uses AmneziaWG instead of the vanilla WireGuard).

You need to use only junk packets settings, don't use handshake modifiers

Hello! Starting from version 2.3, firewalld by default owns exclusively nftables tables generated by itself, thus preventing Eddie, Bluetit and Hummingbird Network Lock related operations. If you want to have Network Lock enabled and firewalld running at the same time, then you must configure firewalld by setting the following option: NftablesTableOwner=no in firewalld's configuration file, usually /etc/firewalld/firewalld.conf . After you have edited the configuration file with any text editor with root privileges, reload firewalld configuration or restart firewalld, and only then (re)start Bluetit, Hummingbird or Eddie. Additional insights: https://discussion.fedoraproject.org/t/firewalld-add-flags-owner-persist-in-fedora-42/148835 https://forums.rockylinux.org/t/rocky-9-5-breaks-netfilter/16551 Kind regards

WireSock has worked fine for me

Here are some updates about Airvpn in general as a user about things that I still like about this service and some rather significant downsides Airvpn has as of late. First of all the connection programs for Android and Windows use are still top notch and full of useful features and are up to date. Unfortunately latest Linux version of the desktop program is a bit sluggish for some reason, maybe because it is native code or some such reason - unfortunately it is not as responsive as it used to be. On top of that no dark theme is available and I think that it would fit very well to dark themed operating system of this day and age overall. The Linux suite of programs deserves separate mention because it is full featured, very fast and light and continuously developed and in comparison the whole stack of programs Airvpn provides are of higher quality than it's closest competitors. As a sidenote, I do wonder what happened to the rumored newer desktop connection program, is that still under development or is that false information? What is particularly good about Airvpn is the fact that port forwarding is still available and is even developed further, instead of removing or limiting it like competitors have done. And the user visible client area in the website does provide very good relevant controls - downloadable connection settings and blocklists are a good addition to this service. Good development is that there are more users and awareness about Airvpn which is rightly deserved. Greatest downside I have noticed lately is the persistent high load servers seem to have and the overall slowdown of service due to that. What I would urge Airvpn to do is to either increase the capacity of pre-existing servers and/or bring up more servers. It seems that the influx of new users has reduced the speed, latency and quality of Airvpn service - which for a long time was just excellent. And still think the server selection in quantity and geographical variety is rather limited when compared to other privacy centric vpn-services. Moreover I would hope that Airvpn would investigate circumventing site blocking on some level - most troublesome I find is the de facto monopoly video service, that being Youtube and it's crusade against VPN-services, which results in blocking most vpn exits. I would still like to see the Airvpn Android connection program on F-Droid app store. Bare minimum of connection security in this day and age is Internet Condom they call quality vpn connection and I hope and assume Airvpn is still somewhat independent, and does advance good causes. More exotic request would be investigate more private vpn protocols or integrating dual-hop into connection programs. In closing I do hope that this service has many years ahead, it is still good to have around.

I know for a fact it's possible because I use DCO clients for other servers (not AirVPN) that are not running DCO.

That's exactly the issue I'm having, and I don't know why that happens (or rather, why nothing is happening). If OpenVPN is to be believed, tun on server and dco on client is possible (and vice versa). In any case, ovpn-dco is apparently mature enough to be included in net-next, so it's queued for kernel 6.16.

It does, though. One of the variables in Score() is set to a high value, causing the addition to return a high number, which in turn yields a low decimal when scoreF is divided by 70 in ScorePerc() (= the star calculation). It might be the ScoreBase variable since it's divided by a whopping 500 when ScoreType is Latency, and used as is when it's Speed (= divided by 1 in the code). I don't know where this one is set. Or it really might simply be the result of a high user count and high load, those are also "divided by 1" with Score and by 10 with Latency. That's the thing: They all get a score, and that score is 0 stars if you select Speed. That the result of the calculation of ScorePerc(). We can debate whether it's correct or not, of course, since it does look kinda suspicious. As for me, my best servers are NL with just three stars and less for Speed. For Latency, everything below 135 ms is 5 stars, above are less. But I'd sort by latency, anyway, and choose one of the top 10 with reasonable load; I wouldn't pay attention to some score. Doesn't reflect my needs, anyway. It's probably also worth noting that I get shown portions of stars, too. Maybe the whole thing changed a little in the last four years.

I noticed recently that there are 8 servers that now appear to support DCO. That is, in the config generator they appear when openvpn 2.6 is selected. However, when I tried connecting to one in the same way I connect successfully to Marsic no traffic flowed through the tunnel. Are those servers appearing in the DCO list in error or is DCO intended to work for those servers? Thanks. edit: looked again and now there are 12 servers that appear with openvpn 2.6 selected

.

Try changing the Scoring Rule to Latency.

With the way browsers are fingerprinted and users are tracked via cookies, etc. chances are "they" know who you are whether you use a VPN or not.....unless you do everything you can to create a new identity through the VPN and totally separate that from your other self(s). And that takes effort and some technical knowledge.

Solved.

Hello! A momentary outage of the datacenter (or part of it) that lasted for approximately 3 hours 42 minutes. You can also check the servers monitor to see all the details (click a server name to see specific server stats). https://airvpn.org/status Kind regards

Sorry, what do you want to say?

unless you are going to emulate amd64 then arm is all you got

Very nice to have another option for the interior US. Thank you!

Hello! The failure probably comes from the fact that Eddie service can be installed only on systemd based systems. MX Linux by default uses SysVInit, according to the documentation. We deliver the AirVPN Suite for Linux that supports SysVInit too. In the Suite, Bluetit is a daemon that can run both on SysVInit and systemd based systems. If you are interested: https://airvpn.org/forums/topic/66706-linux-airvpn-suite-200-preview-available/ Kind regards

Congrats to RC1! As someone who has used Hummingbird a few years back and then switched to Eddie for Wireguard Support, I am tempted to go back to Hummingbird when v2 is being released, as it now includes WireGuard as well - great news. Just a minor thing: instead of mentioning availability for "M1/M2" based Macs, I would maybe change the wording to "Apple Silicone" or "Apple ARM" in general (writing this on my M4 MacBook). It might be a little confusing to some users when only certain M* chips are mentioned in the description.

Hello! We're very glad to inform you that Hummingbird 2.0.0 Release Candidate 1 is now available for macOS, both for Intel and M1/M2/M3 based systems. The links to the latest RC 1 and the main changes have been updated in the first message of this thread. This version differs from beta 5 for some updates on the OpenVPN3-AirVPN library. Besides, the M1/M2/M3 version is now C++20 compliant. Kind regards

Contabo is growing, and with growth comes pressure. It was just a matter of time in my eyes.

Hello! We're sorry to inform you that, due to inadmissible requests from provider Contabo, which demanded the blocking of p2p-related protocols, we have decommissioned Mesarthim server in Germany. The infrastructure in Gemany remains oversized, also thanks to the recent addition of 10 Gbit/s line and server. Kind regards AirVPN Staff

Hello! AirVPN Suite 2.0.0 beta 5 implements the required features: https://airvpn.org/forums/topic/66706-linux-airvpn-suite-200-preview-available/?do=findComment&comment=247401 Kind regards

Hello! A very important update which improves the system dramatically has been finalized. Now you don't have to worry anymore about pools and p2p programs. Find the new features in the original message. The paragraphs that do not apply anymore appear with strike through characters. The new system is simpler, fully scalable and with zero impact on current and future users. Enjoy AirVPN! Kind regards & datalove AirVPN Staff

Could you please elaborate on this, perhaps give an example with a fake string ip for your http example, because what you wrote as example is kind've confusing as to what I am supposed to write into the custom server access url. Also is that all you did? Create the port, manually specify the port in the plex "remote access" page, and then add what url in the network settings? I have the same question for you, could you please tell me exactly what you did to get it working? I've changed the local port to what plex is expecting (32400), but then how did you configure it in plex to connect correctly? For some reason the private ip address in plex becomes [Real IPV6 Address]:32400, but the public ip does become [VPN IPV4 address]:[VPN Generated Port]. I also noticed that the public exit IP in the AirVPN eddie desktop app is different (very slightly) compared to what is shown on the "test connection" screen after clicking said button on the forwarded ports page Is the private ip supposed to be: [real ip address: 32400] and the public being [VPN address: VPN Port]? Honestly if anybody could just give me a step-by-step of what they do (from activating VPN connection, to starting Plex server, to connecting to port), I'm still so lost, but I am glad others are finding solutions on this topic.

To the great staff and founders and the helpful (non-toxic) community, Recent unanticipated life things are forcing me to cut all but the most essential things from my "budget," which is not much. I've been using the veep for nearly 8 years, that's a long time to stick with a single service in internet time. I have recommended airvpn countless times and continue to do so, often in the same breath as "...but there's also ProtonVPN and Mullvad, and Duckduckgo which I have yet to try." In other words, airvpn is always at the top of recommendations. I still believe in the essential mission and need of services like AirVPN. When you find how difficult it is to actually research corporate VPNs like Nord, which do not have the best track record, it can be difficult because their parent companies own some of the top review outlets (PC Magazine, tomshardware) or influence them with ad revenue. Even the "anti-scammer" youtube celebrities take sponsorship deals from sketchy or at least unverifiable VPN companies, because Nord and Express and Ghost etc. aren't open source, so we have to rely on a fly-by-night "auditing authorities," which don't answer to regulations or transparent oversight either. It's a battle not many people feel is worth paying attention to, but I have tried. You will find my trails of AirVPN recommendations across forums over the past 7 years, and I hope they helped. Maybe I'll be back in a month. Maybe a year. I don't know with my life right now. Goodbye! Gow

And thank you. <3

Hello I am experiencing the same issue as in this post starting approximately 1 hour ago. https://airvpn.org/forums/topic/49412-fetch-url-errorssl-peer-certificate-or-ssh-remote-key-was-not-ok/ I am on Eddie 2.24.5 (I think this was a beta version, to fix some other issue). The fix as mentioned by rosewellzz in the thread above worked for me. > Getting the same issue, only way I got it to work was to [DNS Panel] unitick "Check AirVPN DNS" ; untick "Ensure DNS Lock" on the [Advanced Panel] untick "Check if the tunnel works". As an aside my system crashed and could be related to that although my troubleshooting as of current was unsuccessful and my system is working normally in all other regards, and to access the internet and make this post connected to AirVPN with the above workaround. Thanks

Hello! (Solved by disabling the route and DNS check). Kind regards

on Mac 3.2 GHz 6-Core Intel Core i7, MacOs Sequoia Version 15.3 the hang over the speed and conecction time report on the main window is still there, occurred after 26:07:13 hrs of service, as before VPN is still up an running. Seem an hard bug to be fixed... the only way to fix it is to to restart the Mac.

Upgraded from the previous stable version and unfortunately, this release is a huge step backwards. UI performance is simply horrendous (Arch-based EndeavourOS with Plasma 6.2.5 running under X11) There are: - lags and delays when highlighting or clicking various UI elements (tabs or buttons) - delays, glitches, and stuttering when scrolling through the server list - degraded pinger showing inaccurate results (100-200-something ms for locations which usually give me 20-30ms; thankfully, the actual VPN connection performs as expected) - glitches when minimizing and maximizing app (transparent window for a sec or so) - broken formatting on Overview page (public exit IP) All in all, during my 4+ years with Air, sadly this is the first time I'm seeing such an unpolished piece of software. S

Hi there, I really love your service and will renew with the next big sale event. Being able to pay with crypto currencies is a must in the industry nowadays I find. I am glad you accept a variety of different currencies, especially Monero. Bitcoin payments are oftentimes prohibitively expensive due to high mining fees to get into the next block. Also they can take a long time if the mempool is overflowing with unprocessed transactions. It would be great if you could also accept payments over the lightning network which makes transactions instant and final for you, basically free for me to send and my service can be instantly activated instead of having to wait a certain amount for blocks to be mined. Integrating lightning payments is easy, free and secure. And even comes with some privacy improvements over regular Bitcoin transactions, so that nobody knows who paid you. please consider adding lightning support to make paying with Bitcoin cheaper, faster and more private while also reducing the load on the main blockchain. Resources like BTCpay Server make it easy to accept lightning payments along regular on-chain transactions all without a third party. Thank you so much, I am looking forward to opening a channel to you ! ☺️

Thank you so much for your touching words and stellar feedback. And for your commitment in so many years. However, were you really under the illusion that you could escape so easily? Kind regards

Whoever just helped me, I am literally crying. That was so nice. Jeez.

Hi, yeah no worries since I am only going to use one connection I can still use this port or I will just request another port for a different device? Anyhow this is the fixed config... I was stupid reading forum entries on how to set it up when it was all correctly stated in the readme.... : version: "3" services: gluetun: image: qmcgaw/gluetun cap_add: - NET_ADMIN networks: mvl-200: ipv4_address: 10.60.1.5 ports: - 41870:41870 - 41870:41870/udp - 80:80 environment: - VPN_SERVICE_PROVIDER=airvpn - VPN_TYPE=wireguard - WIREGUARD_PRIVATE_KEY=xxxxxxxxxxxx - WIREGUARD_PRESHARED_KEY=xxxxxxxxxxxx - WIREGUARD_ADDRESSES=xxxxxxxxxxxxxx - SERVER_COUNTRIES=Netherlands - FIREWALL_VPN_INPUT_PORTS=xxxxxxxxxxxx volumes: - /media/glueton:/gluetun maybe somebody as dumb as me googles this and it helps^^

Let's be clear. French web isn't closed, we can consult foreign websites unlike in North Corea, Russia or China. Name me any propagandized country who allows his people to consult other medias. Telling we wouldn't see anything is insulting our intelligence. Why don't we talk about US government who wants to ban TikTok, like Huawei and many others ? The difference between Rumble in France and Tiktok in US is pretty simple. Tiktok didn't boke US laws so the government had to find excuses related to "national security". Rumble hosts prohibit contents according french and european laws. France asked to Rumble to remove these contents (accounts belonging to russian medias doing disinformation (these medias are not only banned in France but also in whole Europe), to far right ppl, etc...). In France you're not allowed to publish anti-semitic speech in front of a nazi flag and that's normal. Sorry to tell you but it's the only truth, there's no conspiracy theory in this affair.

Hello everyone, I am a new user of AirVPN, tried searching for tutorials in youtube, tutorials in google, reddit, searched inside the community forums, but I cannot find two simple things: 1- The manual for how to use Eddie. 2- A button inside Eddie to change my connection from OpenVPN to Wireguard. When I go to the Protocols section on the Preferences menu inside Eddie, there is a checkbox saying "Automatic". But checking or unchecking the checkbox just changes the grayed-out color of the table, but I can't click, right-click, double-click or do anything to "activate" the wireguard protocol. Would anyone help me and answer these two questions? I am using Debian Bullseye. Thanks in advance.

Via IP.

Hello! In order to avoid confusion and unnecessary anxiety, we have just now destroyed all the old "name" fields and reset them to login name. This action has not been performed for users that had already changed their display-name in the new website. We are confident that this solution will meet the needs of everybody. Kind regards