Leaderboard

Hello! We are very pleased to inform you that we are taking the necessary steps to completely renovate our infrastructure in the United Kingdom. The current servers will be dismissed and replaced by six 10 Gbit/s servers with newer and much more powerful hardware. Each 10 Gbit/s server will be connected to a full duplex 10 Gbit/s dedicated line and port. Each new server replaces 2.5 current 1 Gbit/s servers in order to increase remarkably the available bandwidth per connected client. At the end of the upgrade, UK will offer a theoretical peak of 60 Gbit/s (full duplex) instead of the current 15 Gbit/s, through adequately powerful servers. According to our plan, three servers will be located in London and three in Manchester. The new servers will start operations around 19-22 February 2026. Current 1 Gbit/s servers will cease operations on the night between 28 February and 01 March (UTC). Any plan changes and/or delays will be communicated promptly. Kind regards & datalove AirVPN Staff

Hello! Starting from February 1st, 2026, Debian (e.g. Trixie) enforces stricter OpenPGP policies and no longer accepts repository signatures involving SHA1-based certifications. As a result, users may see errors such as: Get:4 http://eddie.website/repository/apt stable InRelease [3,954 B] Err:4 http://eddie.website/repository/apt stable InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on C181AC89FA667E317F423998513EFC94400D7698 is not bound: No binding signature at time 2025-01-14T13:07:46Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z Warning: OpenPGP signature verification failed: http://eddie.website/repository/apt stable InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on C181AC89FA667E317F423998513EFC94400D7698 is not bound: No binding signature at time 2025-01-14T13:07:46Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z Error: The repository 'http://eddie.website/repository/apt stable InRelease' is not signed. Notice: Updating from such a repository can't be done securely, and is therefore disabled by default. Notice: See apt-secure(8) manpage for repository creation and user configuration details. This was caused by an outdated signing key certification used by the repository. Solution The repository signing key has been regenerated and the repository is now correctly signed again. To restore updates, please re-import the updated maintainer key: curl -fsSL https://eddie.website/repository/keys/eddie_maintainer_gpg.key | sudo tee /usr/share/keyrings/eddie.website-keyring.asc > /dev/null Then run: sudo apt update Sorry for the inconvenience, and thanks for your patience. Kind regards

Hello! Interesting thread indeed, thank you. Our position is close to the EFF position you can read here: https://www.eff.org/deeplinks/2025/08/no-uks-online-safety-act-doesnt-make-children-safer-online We will keep you informed. So far, you probably know well our approach with similar, lower or higher requests from Russia, China and a few other countries, and there's no plan at the moment to change our position. In general, we think that it is impossible that those persons who advance, propose or defend such dangerous laws in so called democracies are in good faith (except in peculiar cases where they suffer from some mental illness or carry a neurological deficit). They have an hidden agenda developed on the myth of pervasive control but more importantly fueled by monetary reward. Yes, that's a motivational reason, maybe almost as strong as monetary reward and votes. Moreover, there is a real possibility that such laws lead on the short run to an increase in support (and therefore votes) which, net of dissent, is positive, even though by tiny tenths of percentage which are anyway not negligible for an embarrassingly inept ruling class that's incapable of developing serious strategies to improve the life of teenagers and children. Their total failure is proven by the official data (England and Whales police records in this case) that show a dramatic rise of sexual offenses against children in the UK in the last 5 years in spite of (and someone could even argue because of) more and more laws allegedly thought to protect children. Where does this 0.1% come from? If you want to stay real please adjust this quota (since 2025, start multiplying that percentage by 250 to begin with). Furthermore, there's no money involved to use Tor, its usage is totally free and well beyond Ofcom abilities to control it. However, it's true that people may find it boring because it's like 10 times slower than a VPN with a decent infrastructure. It would indeed. However, we seriously doubt that the ramshackle British institutions, always short of funds, can surpass the GFW designers and maintainers in efficiency, competence and grandeur of operation. And note that the GFW is routinely bypassed nowadays by the most and least skilled to connect to a wide range of VPNs. Our aggregate data show that this claim is deeply incorrect, at least for AirVPN, if we consider p2p improper usage quantified by DMCA and other warnings. It's not the majority, on the contrary it is a tiny minority. Where does this assumption come from? We would like to assess official stats to compare them with what we gather on the field. Kind regards

Hello! Please see here: https://airvpn.org/forums/topic/79065-eddie-desktop-apt-repository-signing-key-update/ Kind regards

I open a support request https://airvpn.org/contact/

@thetechnerd @MikeHawkener Hello! Some additional related information that may be valuable for you both. When you run OpenVPN: the assigned VPN IP address depends on the daemon of the VPN server you connect to. Each one lives in a separated /24 subnet somewhere inside 10.0.0.0/10 When you run WireGuard: WireGuard lacks any DHCP feature it lives in a unique, gigantic 10.128.0.0/10 subnet throughout the whole AirVPN infrastructure the VPN IP address of each node is linked permanently to the node's key and it is unique in the whole WireGuard address space thus you will have always the same VPN IP address when you use the same key and you don't renew it, no matter which VPN server you connect to Kind regards

Its a shame. These were among the absolute fastest (especially Chumukay) when they came on board. They smoked the high powered Chicago servers but they are not reliable for the past week or two. Right across the border in Chicago apparently nobody is attacking those servers.

Hello! We're very glad to inform you that three new 10 Gbit/s full duplex servers located in Toronto (Ontario), Canada, are available: Castula, Chamukuy and Elgafar. The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. They support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the status as usual in our real time servers monitor : https://airvpn.org/servers/Castula https://airvpn.org/servers/Chamukuy https://airvpn.org/servers/Elgafar/ Do not hesitate to contact us for any information or issue. Kind regards & datalove AirVPN Staff

Singapore needs a 10G server. All the servers are very congested and are super slow. Thank you.

These servers are not blocked if using QUIC whitelisted SNI spoof. However a simple junk isn't enough to unblock them, probably because M247 (and other similar hosting services) are targeted in a special way

@ASiC666 FYI, NextDNS user here. If you haven't tried them yet, I highly recommend them. The controls, logging, and features are quite powerful, and easy to use/navigate. Side note.. you can also use NextDNS with Wireguard/AirVPN by just adding them in the wireguard tunnel config files (even though that's not what you were asking about).

Hi I hope you're having a lovely day. The network interface names in the Linux kernel are limited to 16 characters including the null terminator. This means your name can actually only have 15 chars. The longest valid name is "0123456789abcde.conf" where ".conf" doesn't count. Wireguard tools behave dumb with regards to this and take the entire file name as the interface name. Predictably it fails when the file name is too long. wg-quick shows the following error with long names: "wg-quick: `verylongconfignamehere1234567890' does not exist" or "wg-quick: The config file must be a valid interface name, followed by .conf" Wireguards Android app when you try to import a long config: "Unable to import tunnel: invalid name" The problem is that the Config Generator creates very long names. Here's one: "AirVPN_CA-Toronto-Ontario_Gorgonea_UDP-1637-Entry3.conf". There doesn't exist an option to make it generate shorter names. Not only is it up to the user to figure out, why the original config is invalid, but renaming them is a chore too. The shortest legible name format I can come up with is something like "GB-Westerl1637.conf". One more char left or two, if you consider the dash. If you wanted to fit more crucial information namely IPv4 or IPv6 entry and entry IP, it's not gonna look pretty: "GB43Westerl1637.conf" and if the port needed 5 digits, the name would've been cut off more. This is something that has been bothering me for a while with AirVPN and Wireguard. Thanks for reading.

https://www.phoronix.com/news/OpenVPN-2.7-Released Quick snippet from the article: "The OpenVPN 2.7 user-space can also work with the OpenVPN DCO kernel module for data channel offload that was upstreamed into the Linux 6.16 kernel in enhancing the OpenVPN performance. The OpenVPN DCO kernel driver performance yields some nice gains as the project recently showcased."

Hello! The "range" is specified by mask /32, so it's this single unique address. Yes, it's plausible that some past event flagged the IP address. We don't know the internals of Tailscale but definitely this behavior should be investigated. Why an attempted connection to this specific IP address and why this port? Kind regards

Hello! There's nothing listening to port 54037 on any AirVPN server. We can't see why Tailscale seeks a connection to it, anyway we are sure now that there's no malware there as there's nothing. Probably Malwarebytes behavior comes from some past event or it's yet another over-blocking case. Kind regards

the effective MTU of the tunnel is limited by the smallest MTU anywhere along the path Hello! On our servers the MTU limit is 1420 bytes on a standard Ethernet frame because of IPv6 over IPv4. For PPPoE see also https://www.hitoha.moe/wireguard-mtu-over-pppoe/ So, if you set 1432 bytes MTU for your WireGuard interface, the fragmentation will occur on our servers, not on your side. The upper, actual limit is the lowest MTU in the path, in other words the smallest MTU on the path silently limits the tunnel. The 12 bytes difference may be negligible and most packets will not be fragmented, and you will not see fragmentation on your side, but you could notice a performance hit on upload (upload from you to the server we mean). Kind regards

@Zack Hello! The IP address you mention is assigned to AirVPN server Asellus in the Netherlands. Please mention explicitly port Y, we want and must verify what your app (mention the app too if possible) will find on that port, it's important. Kind regards

I'm seeing the same issue. For now you can still download from Eddie's own website. I know it looks kind of sketchy but this is a real website by AirVPN and is linked to in the FAQ. https://eddie.website/

Thanks a lot for the quick fix and the clear instructions! I removed my temporary Sequoia policy workaround, re-imported the updated maintainer key as posted, and apt update is working again on Debian Trixie. Much appreciated.

Hi, since 2026-02-01 my Debian Trixie system can’t update the Eddie APT repo. Debian repos are fine, only eddie.website fails. Error: http://eddie.website/repository/apt stable InRelease sqv: Policy rejected signature because SHA1 is not considered secure since 2026-02-01T00:00:00Z Key: C181AC89FA667E317F423998513EFC94400D7698 Is there an updated repo signing key / re-signed InRelease available (SHA256+), or a recommended fix/workaround until it’s updated? Thanks!

Thanks for sharing. This workaround helped on my system too. I’ll use it temporarily, but a proper fix would be an updated/reissued repo signing key (no SHA1). Any update from the maintainers?

Had this Problem yesterday too and found a Workaround. Treat this as a temporary workaround. apt uses "Sequoia PGP" to verify signatures. By default, sqv is configured to accept the SHA1 hash algorithm only until Feb 1st 2026. To Resolve this for a period of Time, reconfigure sqv, copy /usr/share/apt/default-sequoia.config to /etc/crypto-policies/back-ends/apt-sequoia.config, and change the date from 2026.02.01 to 2026.06.01 in the line the Repo should Update again until 2026.06.01, better Solution would be an updated signing Key.

Hello! No need for MSS clamping when using WireGuard, just modify the MTU if necessary. Since MSS clamping 1. becomes necessary only when you can't modify MTU, 2. needs packet mangling (WireGuard does not expose any option for it) and 3. requires anyway a server side modification, just operate through MTU. (*) In OpenVPN (only when working over UDP), where networking management is a bit different, you can seriously consider the mssfix directive if you have any "fragmentation" problem that causes packet loss and poor performance. mssfix announces to TCP sessions running over the tunnel that they should limit their send packet sizes such that after OpenVPN has encapsulated them, the resulting UDP packet size that OpenVPN sends to its peer will not exceed max bytes. See also OpenVPN manual: https://openvpn.net/community-docs/community-articles/openvpn-2-6-manual.html In Eddie you can add custom directives for OpenVPN in "Preferences" > "OVPN Directives" window. (*) EDIT: there is a special case where MSS clamping becomes necessary with WireGuard too, although it is a consequence of bad PMTUD handling. If an intermediate link doesn’t correctly handle PMTUD (Path MTU Discovery), TCP packets larger than the tunnel MTU may be dropped, and the client will observe hanging connections or stalled downloads, possibly only for certain destination. In this case MSS clamping helps for sure. Kind regards

Yes, works for me too.

Yes, no problem on my end. For all intents and purposes:For all intents and purposes: For all intents and purposes: - UnifiOS 5.0.10 - Network 10.0.162

Loving these new speedy servers! Would love to see some upgrades to the 2 overworked connections in Montreal.

finally managed to connect via my phone, thanks to New app version. If you are located in .Ru just use any free working vpn to reach airvpn server to log in, than disconnect and use airvpn. For me worked amnezia with default parameters. Thanks staff for your work.

Hello! As noted the claimed vulnerability and PoC was/were not filed through the proper channels. According to the report we could finally access, the vulnerability affects macOS (not Windows or Linux), only in case the user checks "Preferences->UI->CLI" in order to have "eddie-cli <options>" available in a command line interface. macOS is the only system for which the stand alone Eddie CLI version is not offered. While the report is being investigated please do not enable that option and run Hummingbird if you need a CLI based program to connect. We will update this thread and of course, should the problem be confirmed, the devs will release a new version. Kind regards

Hello! Eddie Android edition 4.0.0 beta 2 is now available featuring improved AmneziaWG support and strengthened logic against AirVPN bootstrap server blocks: https://airvpn.org/forums/topic/77633-eddie-android-edition-400-preview-available/ Kind regards

Hi, This may be the case. Regardless, the question stands: are the Eddie developers looking into this? Development of Eddie seems really lacking at present, there are several open issues on Github, particularly on Mac, that have not been fixed in spite of being reported over a year ago. The issues have not even been replied to. This really isn't filling me with confidence. Please can a member of staff assure us customers that this issue is being looked in to? And when can we expect a fix for the macOS permissions issue? Thank you.

giga omega based kornephoros was struggling to cope with extra demand after wurren was decommissioned. this is gonna be awesome.

I don't understand. Except adding IP in Network route out of VPN, I don't have any solution.

Hello! We're very glad to inform you that two new 10 Gbit/s full duplex servers located in Amsterdam, the Netherlands, are available: Taiyangshou and Vindemiatrix. The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. They support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the status as usual in our real time servers monitor : https://airvpn.org/servers/Taiyangshou https://airvpn.org/servers/Vindemiatrix Do not hesitate to contact us for any information or issue. Kind regards & datalove AirVPN Staff

Congratulations on the launch. This is great news for CA which has had most of its 2 Gbit/s servers pretty saturated during peak hours. Hopefully the ghost of Wurren does not come back to haunt us.

Hello! We're very glad to inform you that a new 10 Gbit/s full duplex server located in Los Angeles, California, is available: Revati. The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. Revati supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the status as usual in our real time servers monitor , by clicking the server name. Direct link: https://airvpn.org/servers/Revati Do not hesitate to contact us for any information or issue. Kind regards & datalove AirVPN Staff

@Stalinium Yes, the packets you obtain yourself are better suited to your network environment. If you find that troublesome, you can also try other people's parameters. Here are my parameters. Jc = 8 Jmin = 86 Jmax = 892 S1 = 0 S2 = 0 H1 = 2 H2 = 3 H3 = 4 H4 = 1 I1 = ... I2 = ... I3 = ... I4 = ... I5 = ... CPS I1-I5(bing.com-initial QUIC).txt

Other VPN clients support this functionality. I don't know how it's done on the technical side. But Eddie's development on PC seems to have been abandoned. Last update is from almost a year ago. So I guess the chances for new modern features is basically 0.

Jc = 10 Jmin = 53 Jmax = 488 S1 = 0 S2 = 0 H1 = 2 H2 = 4 H3 = 1 H4 = 3 I1 = <b 0xc800000001142041eb35d428321d4c7b5a54f4a25b2eb42b1473144d6f82c2a7fb72748e0ec1cb05dbee502b24ad1f008000047c54b2c6fd1b8d38cc5b2898ffb4ab45a98e34500df11f17d7a00e6feee8b1689e65d3de8267c53ab147353c33bb36072efc65b807af56031e5531651e06f604b15a2cffe4ac57a2611c5b4ed0de39c051de95ad48ca096859db12be3164a2b4c4780c20889a6d9f592cb30b7c0de1636492f9c708ba5ef94c62ff52355782fdc80a7cb7c271004b31164f17ae1164b2a6879182d4e43c06cc29803ee6817da5f08a2c43757cc0f1748ef45fd8b69559b96ecc22828bf5eb9c5796db363da6cd1e675808ff1fa60ed2f226ea9347b6aead0a77419dbea8c03053c6c78e98652faa8b3d7c266d508586f2bc642b55adadbfbeae7d36bf1555e5769b8bf21f81908da3418882937d394e73284fa254926373aeb3d9093f837281c533688e29dacf3d798a36e32ae5d06683b4fba6031652f3abd817d4e585dc8682d2fc661d58242f9148cf051ecd0bfc4d3d1ebbd5db752567389710d3f39d963e01d39240e79a83e5043455609733b00cf2abec95270125882327c93bb2702d2beb03fcf8e5df1234e10f28768d76458f5380a256c27d6623774deabcd327c845e1398006bf288fd3732ea36d13a661ee551d024403283bfde1213ff4e767fefac1db3a2555ae0ffc5ab72251c269bc5115cf4bb65280ffa35c62468801e191131d35ad081659abb97a8fbe26049556ffe87f4d7f592a6f4423133e79661a26928511288cf98e54e34a4e8ecdd4d8c6e1af469ded38a159d625e45e549b3a711ef293f7930040c72b7cd975045ed7e629b60104cced6cb5afb75712eefd60bd705c040bf2143de63d2f637f825c69e53034e183aadb94858d63f2506d42d4faed810ba98172d2340b9d2eb63a4665a5480124f6ce5369cccf2bf18d512fc1b52c0ae7f64ca4380a17d19882b69bcda00277f73b8e02160cddfd913b807149e8519cfbdcb216b80a377a735ad31b87b41c7fb966ebcaae7213e6d4915beb845f926f6e29a284ea11a4f3a63ed22a61d0110cd33b1c31a8a0538b312e9266b773621cdeb9aa862db0d99e04b3cfa1e9ab03ff35cf6a6d3b72be1a6e039104547f9041e007d02c3769510d507f07ea3ebf38a326a9d82977a1cd32b25af02ccf1ddac08389dfb0a30932161f20b53b7a19b6fa8850d86f67b4420eb65f5ed45ba282ad1b82bf341cb9ad3b36437a1f007ad98ce2058fef118a650c908ac9c8cfaffc6eb37f203946a05b1d1698a0e325fc25594d41df81e5984486209aaf3ec854bea023663a7b8c63d31aea21921dcfca5d828b10fca0dd0855ffcaf4e9f0ae83372ff1674f2229954b7dd5dedff81a34aea41537f4536a86a746fa1e28c06985bc029e76df04d383fa7559679d67aa53e153663653ea75cc29a400e20f7ec5c55d13669d08eb9a5615b6871f51c08fde02ddb3bdaa0cc28ef207c6ff51f52bbd3cd49fab6708db0ccda23c7cfd6bd7aae5143b4a88aedf4d232ef39645ddb5bfe794b3e7175cb0b355c4f44df07b53bc48c11e80c3b62319f6a26f8a9b300306c2077b3c0a06028ed9cc2ffabb9984500cd98420b58a6649be2ac1969c3cc2b2fe62dae03c4e48b080ae812c7e105f45fc4ad3544e46d38e25662177644d6ea87e99a892> It is highly preferred that you get your own QUIC packet for I1. You could do that with Wireshark and "curl --http3-only (possibly any Russian website that is whitelisted)" . Select first QUIC Initial packet, right click "QUIC IETF" below -> Copy -> Copy as a Hex Stream. (Mozilla Firefox QUIC packets did not work for 16 kbyte blocked subnets for me)

🙄

Hello! Not anymore, and even less in the near future. HTTP/3 is quickly spreading. Today, HTTP/3 is used by 36.5% of all the websites, including major web sites inside countries that enforce blocks against VPN. Furthemore, blocking UDP as such is no more realistic, not even in China, where UDP has become an instrumental protocol for many companies in any sector (video streaming, video conference, VoIP, marketing, social media marketing, regime propaganda and more), for regime aligned or regime owned activities. In China you have a near 100% success rate and no shaping (apart from the normal shaping for anything outside China) with the current Amnezia "weak obfuscation" (no CPS) implementation, i.e. at the moment you don't even need QUIC mimicking (which is anyway available and very effective). Currently, bypassing blocks via UDP than via TCP is more efficient in China. At the moment there is nothing more effective than mimicking QUIC with the signature / fingerprint of an existing web site that's not blocked, and you have this option right now. We see > 95% success rate, which is better than the success rates of SSH (not exceeding 75%), shadowsocks and XRay, V2Ray etc (but a lot faster!). The success rate is similar to any VPN protocol over HTTP/2, but, again, dramatically faster. We're glad to know it. It is also very flexible. Thanks to CPS, you may mimic any transport layer protocol built on UDP, for example DNS, QUIC, SIP. Kind regards

@zimbabwe @AG999 @Upre1943 @Stalinium @Nonsense @H12345h12345 Hello! Eddie Android edition 4.0.0 preview implements full AmneziaWG support: https://airvpn.org/forums/topic/77633-eddie-android-edition-400-preview-available/ Feel free to test and report back (bug, glitches...)! Kind regards & datalove AirVPN Staff

Use 'Policy table' not Object networking. Then create a NAT rule. I would prefer that they catch up with the competition on the basics (Like supporting IPv6 in VPNs), rather than reinventing yet another way to manage firewall rules 😕

Hello! VPNs are not in the scope of both the legislation and trivial tech considerations, as we don't have the keys for the communications: chat, instant messages and e-mails are encrypted end-to-end without our keys, but with the keys of the parties and/or the keys of the service offering e-mail / chat / messaging service, so we can't decrypt anything in any case. With that said, this abomination must be fought. We repute it is incompatible with the Charter of Fundamental Rights and with various CJEU decisions on data retention and privacy. We feel to share the position and the consideration offered by Tuta and EDRi here and here: https://tuta.com/blog/chat-control-criticism https://edri.org/our-work/most-criticised-eu-law-of-all-time/ Unfortunately, opposition has become more difficult because big AI actors see chat control as a great opportunity and they have spent tens of millions to lobby in favor of this abominable regulation. This is the main explanation that tells you why various politicians have changed their positions. Kind regards

I can’t be the only jock customer in the UK, can we please get some dedicated servers north of the border in Scotland please? Even if it’s only one, just give us a 2Gb up and down? thanks 🤞

Some differences between yours and mine are: I also use Wireguard and I have "- WIREGUARD_PUBLIC_KEY=[redacted]" and you don't; I don't have any volumes set up, everything in the docker compose; You aren't specifying the latest image, consider using "qmcgaw/gluetun:latest"; I do not use CIDR notation for the "WIREGUARD_ADDRESSES" and you do, consider trying it without the "/32"; Are you sure your forwarded port is in AirVPN's pool #1? For P2P it has to be. For qBittorrent: again use the latest: "lscr.io/linuxserver/qbittorrent:latest" consider adding the following for robustness: "depends_on: gluetun: condition: service_healthy restart: true" You don't have "TORRENTING_PORT=[your pool #1 port number]"; Its usually best to have these in the same stack, not separate containers. Keep trying, it DOES work.

I agree with your sentiment - it takes a lot of time when you're unfamiliar with this stuff and are already busy doing something else. But it is easier than it seems. To renew the certificate: - Go to https://airvpn.org/ - Sign in - Select the "Client Area" tab - Under "VPN Devices" click the "Manage" button - Click the "Details" button - Click the "Renew" button Then do what Staff says in the above post: - run Eddie - on Eddie's main window uncheck "Remember me" - log your account out - log your account in (you'll need to re-enter your AirVPN credentials) - try again a connection

I have been working with AirVPN support to solve this problem. I know they have just acquired a Pi5 for testing and hopefully there will be a patch for Eddie In the meantime they suggested I try AirVPN suite which is the Command Line version of their VPN client. I had problems getting it to run on the Pi5 too but they worked with me to solve the problems and now it works a charm, if you are comfortable with Command Line (I’m middling myself and I muddled through) I prepared for my own reference the following summary of the tweaks required in my instance: Running AirVPN Suite on Pi5 Install AirVPN Suite Please avoid the 32 bit version. You need the 64 bit version (NOT the legacy version), direct link: https://eddie.website/repository/AirVPN-Suite/1.3.0/AirVPN-Suite-aarch64-1.3.0.tar.gz If AirVPN Suite Fails to Resolve DNS Requests DNS requests should not affect system ability to resolve names. Test for successful resolutions. Example from a terminal: dig airvpn.org If the result is a failure then produce the Bluetit log taken while the problem is ongoing. From a terminal: sudo journalctl | grep bluetit > bluetit.log Send to AirVPN support Check if systemd-resolved is running From a terminal: sudo systemctl status systemd-resolved For me this showed that systemd-resolved was not installed on my system. I installed it with: apt install systemd-resolved Reboot and run sudo systemctl status systemd-resolved again This solved my DNS resolution problems

I will share my setup which I think is close to what you want to achieve: 1. I have created two devices in the Client Area -> VPN Devices: 2. I forwarded ports and assigned them to devices: 3.a In Eddie a drop-down menu appeared (you may need to re-login in the app) and I selected the device: 3.b For the other device I used config generator (in the Client Area) and I selected the other device in the menu. With this setup I can connect to the same VPN server on both PC and Laptop and the port forwarding works because system knows which ports to open for each connection/device. Of course there is no need to do all this if both devices connect to different servers. The default behavior if I recall is that the newest connection to that VPN server will override the port forwarding rules for older connection(s). Result: PS. Kudos to AirVPN for having the most flexible port forwarding system on the market 😉

Probably because they decided not to use women and children as suicide bombers, or fire rockets indiscriminately into civilian areas. But this isn't really the place to discuss it.