Leaderboard

Hello! We're very glad to inform you that three new 10 Gbit/s full duplex servers located in Toronto (Ontario), Canada, are available: Castula, Chamukuy and Elgafar. The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. They support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the status as usual in our real time servers monitor : https://airvpn.org/servers/Castula https://airvpn.org/servers/Chamukuy https://airvpn.org/servers/Elgafar/ Do not hesitate to contact us for any information or issue. Kind regards & datalove AirVPN Staff

Yes, works for me too.

Yes, no problem on my end. For all intents and purposes:For all intents and purposes: For all intents and purposes: - UnifiOS 5.0.10 - Network 10.0.162

Every time a VPN connection is started, there is a chance Eddie will crash, most often by the third connection attempt. Here, I just tapped on the same server (but it could be any server) three times, then Eddie quit and the VPN disconnected. This doesn't happen with Eddie 3.3.0. https://eddie.website/report/46708ecc/

Hello! We think that the problem is on your side. Castula is absolutely perfect just like other servers you experience this problem on. We have no complaints whatsoever about any of the servers you mention. Note that Castula, Chamukuy, and Elgafar are all connected to the same upstream in the same small subnet. Your tests have been instrumental to make us aware of the problem (SYN flood and similar events) frequently occurring on specific Canadian servers, so thank you! A good thing you can do on your side is black listing the servers that don't work well for you. You have anyway a vast range to pick from. Keep us informed if the problem suddenly appears on one or more of the servers that are perfectly fine for you now. Kind regards

I checked the list of AirVPN updates and saw that there has been no update to the Windows application for a year. What's happening?

Hello! We're very glad to inform you that a new 10 Gbit/s full duplex server located in Los Angeles, California, is available: Revati. The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. Revati supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the status as usual in our real time servers monitor , by clicking the server name. Direct link: https://airvpn.org/servers/Revati Do not hesitate to contact us for any information or issue. Kind regards & datalove AirVPN Staff

🙄

Use 'Policy table' not Object networking. Then create a NAT rule. I would prefer that they catch up with the competition on the basics (Like supporting IPv6 in VPNs), rather than reinventing yet another way to manage firewall rules 😕

Some differences between yours and mine are: I also use Wireguard and I have "- WIREGUARD_PUBLIC_KEY=[redacted]" and you don't; I don't have any volumes set up, everything in the docker compose; You aren't specifying the latest image, consider using "qmcgaw/gluetun:latest"; I do not use CIDR notation for the "WIREGUARD_ADDRESSES" and you do, consider trying it without the "/32"; Are you sure your forwarded port is in AirVPN's pool #1? For P2P it has to be. For qBittorrent: again use the latest: "lscr.io/linuxserver/qbittorrent:latest" consider adding the following for robustness: "depends_on: gluetun: condition: service_healthy restart: true" You don't have "TORRENTING_PORT=[your pool #1 port number]"; Its usually best to have these in the same stack, not separate containers. Keep trying, it DOES work.

Let me just add the observation that only a few percent of domains you might be looking up in a DNS system are going to be DNSSEC signed anyway. While it's nice to have DNSSEC functioning as a sort of future proofing and for the rare cases when it matters now, becoming alarmed at its absence in a DNS system at this stage is seriously inappropriate. Example: in the US the only major financial institution that I can find that signs its DNS entries with DNSSEC is the Internal Revenue Service! Yes, irs.gov is signed, as are some other US-gov't agency sites. But the big banks do not use DNSSEC, and neither do the well-known large brokerage houses. (Every site foo.bank is a DNSSEC-signed bank site, but see https://www.register.bank/dotBANKers/# to see which banks have bothered. They're all small.) In the VPN world, AirVPN.org is signed, mullvad.net is signed, and privateinternetaccess.com is signed. Every other well-known VPN service that I've tried depends on unsigned DNS entries. So basically at present, DNSSEC from the consumer point of view is little more than a cute toy.

NOTE: if you run Eddie or Hummingbird you don't need this guide, but you might need to get rid of update-systemd-resolved which, in one of its various working modes, can interfere fatally with DNS handling. This post describes how to accept OpenVPN servers DNS push on Linux, OpenBSD, FreeBSD and some other POSIX-compliant OS when: resolvconf package OR openresolv package is installed OpenVPN is run directly (i.e. NOT through any OpenVPN GUI/wrapper such as network-manager) OpenVPN version is 2.1 or higher Warning: the specified "update-resolv-conf" script path refers to many Linux distributions and OpenVPN package installation, but NOT to all of them. Please check the correct path of the mentioned file before proceeding (for example: it could be /usr/share/openvpn instead of /etc/openvpn). If the script is not on your system, you'll need to create it. See the typical script here: https://wiki.archlinux.org/index.php/OpenVPN#DNS Important: in the same above linked page, note that if you have a system based on systemd you might need some important modifications: Add to your OpenVPN configuration file(s), either in field "Custom Directives" of the Configuration Generator or by editing the configuration directly, the following lines: script-security 2 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf In this way update-resolv-conf will record the DNS push and through resolvconf or openresolv will modify the nameserver accordingly. When OpenVPN quits, update-resolv-conf restores the previous nameserver line(s). Kind regards