Leaderboard

Hello! We're very glad to inform you that two new 10 Gbit/s full duplex servers located in Amsterdam, the Netherlands, are available: Taiyangshou and Vindemiatrix. The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. They support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the status as usual in our real time servers monitor : https://airvpn.org/servers/Taiyangshou https://airvpn.org/servers/Vindemiatrix Do not hesitate to contact us for any information or issue. Kind regards & datalove AirVPN Staff

@Ptwifty Hello! This is a regrettable attempt to irritate AirVPN customers as retaliation by Eddie for not granting him certain benefits after almost 15 years of service. We will have to suppress these attempts at rebellion with a firm and unyielding hand. Joking aside, it seems that you have defined Sheratan as the only server to which Eddie can connect. From your description, you say that you have defined a blacklist with a single server, but in reality you have defined a whitelist with that single server. Please re-check your lists in the "Servers" window. Kind regards

First of all, it's Michigan, a state in the US, not some country, and second, the article also goes into that, stating that the ISPs lack tech to reliably identify VPNs without invasive DPI, which might be a violation of the 4th Amendment. Also, it's a proposed bill, if I read it right, so the statement "will ban vpns soon" is not exactly correct as of today. Relax and calm down first. Anyway, OpenVPN over SSH or SSL or AmneziaWG would probably bypass any of these restrictions, and these have been live for years now.

this is actually a post....... Ich bin ein Berliner

Hello! You will appear on the Internet with the same IP address if you connect to the same VPN server. In order to prevent this from happening please make sure to connect each device to a different VPN server. Kind regards

I can confirm this works on Homatics Dune HD Homatics Box R 4K Plus. It needs to be done through real USB connection. ADB TV was not working for me.

Specs, section Assigned IPs: For the entry IPs, use a DNS query: $ dig a in +short de3.all.vpn.airdns.org 141.98.102.245 141.98.102.189 141.98.102.181 185.189.112.21 37.46.199.68 141.98.102.237 37.46.199.52 185.189.112.29 83.143.245.53 37.120.217.245 141.98.102.229 37.46.199.84 185.104.184.45 185.189.112.13 $ dig aaaa in +short de3.all.vpn.airdns.org 2001:ac8:20:98:ba0a:dabc:45a8:c67c 2a00:dd0:aaaa:7:e021:9b15:8027:f809 2001:ac8:36:3:2935:d57f:fc05:83e0 2001:ac8:20:96:226a:3a84:c3d8:dba8 2001:ac8:20:2b:d428:2f9d:4c0a:77b8 2001:ac8:20:225:1b06:18f:a622:b2af 2001:ac8:20:97:dad1:f205:28f1:bff5 2001:ac8:20:2a:818d:602e:cf31:f199 2001:ac8:20:99:fbf6:b62a:86df:b560 2001:ac8:20:2c:8efe:ed7:7e97:6f97 2001:ac8:20:5:623e:50fc:8023:a65 2a00:dd0:aaaa:9:2a94:d040:418f:de4a 2001:ac8:20:9a:13e6:576a:41cb:a5f 2a00:dd0:aaaa:8:486b:fb23:5878:32ea .

On the Download page, click the Other versions button and select 2.21.8.

Hello! We're very glad to inform you that the Black Friday weeks have started in AirVPN! Save up to 74% when compared to one month plan price Check all plans and discounts here: https://airvpn.org/buy If you're already our customer and you wish to jump aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. AirVPN is one of the oldest and most experienced consumer VPN on the market, operating since 2010. It never changed ownership and it was never sold out to data harvesting or malware specialized companies as it regrettably happened to several competitors. Ever since 2010 AirVPN has been faithful to its mission. AirVPN does not inspect and/or log client traffic and offers: five simultaneous connections per account (additional connection slots available if needed) state of the art and flexible inbound remote port forwarding active daemons load balancing for unmatched high performance - current 'all time high' on client side is 730 Mbit/s with OpenVPN and 2000 Mbit/s with WireGuard flexible and customizable opt-in block lists protecting you from adware, trackers, spam and other malicious sources. You can customize answers or exceptions globally, at account level or even at single device level. powerful API IPv6 full support comfortable management of your client certificates and keys AES-GCM and ChaCha20 OpenVPN ciphers on all servers Perfect Forward Secrecy with unique per-server 4096 bit Diffie-Hellman keys internal DNS. Each server runs its own DNS server. DNS over HTTPS and DNS over TLS are also supported. free and open source software client side software support to traffic splitting on an application basis on Android and Linux and on a destination basis on Windows and macOS GPS spoofing on Android application AirVPN is the only VPN provider which is actively developing OpenVPN 3 library with a fork that's currently 330 commits ahead of OpenVPN master and adds key features and bug fixes for a much more comfortable and reliable experience: https://github.com/AirVPN/openvpn3-airvpn AirVPN, in accordance with its mission, develops only free and open source software for many platforms, including Android, Linux (both x86 and ARM based systems), macOS and Windows. Promotion due to end on 2025-12-03 (UTC). Kind regards & datalove AirVPN Staff

You shouldn't, please read the announcement, thanks! 😋 Kind regards

Dark mode on this site would be nice. Strange that there is no dark theme aleready? I use a huge screen and its like flood-lights when i open this page lol opening airvpn.org:

No problem! It's been working very well for me, I even setup different wg tunnels for some devices. This involves creating another vpn device from the client area page, and generating a config file using that device profile.

Hello! We're very glad to announce that AirVPN Suite 2.0.0 Release is available. Special thanks to the outstanding community beta testers whose continued support in over a year and a half has been invaluable and decisive to find out and address several, insidious bugs. AirVPN Suite 2.0.0 introduces AirVPN's exclusive per app traffic splitting system, bug fixes, revised code, WireGuard support, and the latest OpenVPN3-AirVPN 3.12 library. Please see the respective changelogs for a complete list of changes for each component of the suite. The 2.0.0 Suite includes: Bluetit: lightweight, ultra-fast D-Bus controlled system daemon providing full connectivity and integration to AirVPN servers, or generic OpenVPN and WireGuard servers. Bluetit can also enforce Network Lock and/or connect the system to AirVPN during the bootstrap Goldcrest: Bluetit client, allowing full integration with AirVPN servers, users, keys, profiles as well as generic OpenVPN and WireGuard servers Hummingbird: lightweight and standalone binary for generic OpenVPN and WireGuard server connections Cuckoo: traffic split manager, granting full access and functionality to AirVPN's traffic split infrastructure airsu: a "run and forget" tool to automatically set and enable the user environment for the X.Org or Wayland based ecosystem without any user input WireGuard support WireGuard support is now available in Bluetit and Hummingbird. OpenVPN or WireGuard selection is controlled by Bluetit run control file option airvpntype or by Goldcrest option -f (short for --air-vpn-type). Possible values: openvpn, wireguard. New 2.0.0 default: wireguard. Bluetit run control file (/etc/airvpn/bluetit.rc) option: airvpntype: (string) VPN type to be used for AirVPN connections. Possible values: wireguard, openvpn. Default: wireguard Goldcrest option: --air-vpn-type, -f : VPN type for AirVPN connection <wireguard|openvpn> Suspend and resume services for systemd based systems For your comfort, the installation script can create suspend and resume services in systemd based systems, according to your preferences. allowing a more proper management of VPN connections when the system is suspended and resumed. The network connection detection code has also been rewritten to provide more appropriate behavior. Asynchronous mode A new asynchronous mode (off by default) is supported by Bluetit and Goldcrest, allowing asynchronous connections. Network Lock can be used accordingly in asynchronous connections. Please consult the readme.md file included in every tarball for more information and details. Word completion on bash and zsh Auto completion is now available by pressing the TAB key when entering any Goldcrest or Hummingbird option and filename on a bash or zsh interpreter. Auto completion files are installed automatically by the installation script. AirVPN's VPN traffic splitting AirVPN Suite version 2.0.0 introduces traffic splitting by using a dedicated network namespace. The VPN traffic is carried out in the default (main) namespace, ensuring all system data and traffic to be encrypted into the VPN tunnel by default. No clear and unencrypted data are allowed to pass through the default namespace. Any non-tunneled network traffic must be explicitly requested by an authorized user with the right to run cuckoo, the AirVPN traffic split manager tool. AirVPN's traffic splitting is managed by Bluetit and configured through run control directives. The system has been created in order to minimize any tedious or extensive configuration, even to the minimal point of telling Bluetit to enable traffic splitting with no other setting. In order to enable and control AirVPN's traffic splitting, the below new run control directives for /etc/airvpn/bluetit.rc have been implemented: allowtrafficsplitting: (on/off) enable or disable traffic splitting. Default: off trafficsplitnamespace: (string) name of Linux network namespace dedicated to traffic splitting. Default: aircuckoo trafficsplitinterface: (string) name of the physical network interface to be used for traffic splitting. All the unencrypted and out of the tunnel data will pass through the specified network device/interface. In case this directive is not used and unspecified, Bluetit will automatically use the main network interface of the system and connected to the default gateway. Default: unspecified trafficsplitnamespaceinterface: (string) name of the virtual network interface to be associated to the Linux network namespace dedicated to traffic splitting. Default: ckveth0 trafficsplitipv4: (IPv4 address|auto) IPv4 address of the virtual network interface used for traffic splitting. In case it is set to 'auto', Bluetit will try to automatically assign an unused IPv4 address belonging to the system's host sub-network (/24) Default: auto trafficsplitipv6: (IPv6 address|auto) IPv6 address of the virtual network interface used for traffic splitting. In case it is set to 'auto', Bluetit will try to automatically assign an unused IPv6 address belonging to the system's host sub-network (/64) Default: auto trafficsplitfirewall: (on/off) enable or disable the firewall in Linux network namespace dedicated to traffic splitting. The firewall is set up with a minimal rule set for a very basic security model. Default: off AirVPN's traffic splitting is designed in order to minimize any further configuration from the system administrator. To actually enable traffic splitting, it is just needed to set "allowtrafficsplitting" directive to "on" and Bluetit will configure the traffic split namespace with the default options as explained above. When needed, the system administrator can finely tune the traffic splitting service by using the above directives. Power and limitations The adopted solution offers a remarkable security bonus in terms of isolation. For example, it gets rid of the dangerous DNS "leaks in" typical of cgroups based traffic splitting solutions. However, the dedicated namespace needs an exclusive IP address. If the system is behind a NAT (connected to a home router for example) this is not a problem, but if the system is not behind any NAT, i.e. it is assigned directly a public IP address, you will need another public IP address for the network namespace dedicated to traffic splitting. You will need to manually set the other public IP address on the trafficsplitipv4 or trafficsplitipv6 directive as the guessing abilities of Bluetit may work only within a private subnet. Please keep this limitation in mind especially if you want to run the Suite with per app traffic splitting on a dedicated or virtual server in some datacenter, as they are most of the times NOT behind any NAT. Introducing Cuckoo, the AirVPN traffic splitting manager tool To generate out of the tunnel traffic, any application software must be run inside the "traffic split" namespace by using the dedicated traffic split tool cuckoo which can be run by users belonging to the airvpn group only. It cannot be used by the superuser. The usage is documented in the manual and on the inline help. The traffic split namespace uses its own routing, network channels and system DNS. It will not interfere or communicate in any way with the default namespace using its own encrypted tunnel. Programs started with cuckoo are regular Linux processes and, as such, can be managed (stopped, interrupted, paused, terminated and killed) by using the usual process control tools. The programs started by cuckoo are assigned to the user who started cuckoo. As a final note, in order to work properly, the following permissions must be granted to cuckoo and they are always checked at each run. Owner: root Group: airvpn Permissions: -rwsr-xr-x (owner can read, write, execute and setuid; group can read and execute, others can read and execute) Special note for snap packages users Snap is a controversial, locking-in package management system developed by Canonical and praised by Microsoft. It packages applications as snaps, which are self-contained units that include all necessary dependencies and run in a sandboxed environment in its default namespace. Therefore, "snap" applications will bypass the order by the system via Cuckoo to have an application running in one specific namespace created for reverse traffic splitting. As a result, snap applications will jettison the Suite's reverse traffic splitting feature. Currently, you must avoid snap packages of those applications whose traffic must flow outside the VPN tunnel. The issue is particularly relevant ever since Ubuntu migrated certain packages exclusively to Snap, such as Chromium and Firefox. At the moment it is still possible to eradicate snap from various distributions, including Ubuntu, quickly. Special note for firewalld users Please read here, it's very important: https://airvpn.org/forums/topic/70164-linux-network-lock-and-firewalld/ AirVPN Switch User Tool Airsu Running an application in a graphical environment requires a user having a local environment properly set, in particular variables and access to specific sockets or cookies. They are usually set at the moment of graphical login, while they may not be properly set in case a user logged in by using the system tool su. In this specific case the user will not probably be allowed to access the graphical environment, so any GUI application will not start. AirVPN’s airsu is used for this specific purpose and configures the user environment to the current X.Org (X11) or Wayland based manager, thus allowing access to GUI applications when run through cuckoo. Note on GUI software and Web Browsers Complete compatibility with both X11 and Wayland based environments has been implemented. Because of the specific Linux architecture and namespaces, some applications may need to specify the graphical environment in order to start and use the currently selected window manager on an X.Org (X11) or Wayland based habitat. Cuckoo can automatically do this by “injecting” predefined options to some preset applications, in particular those based on the chromium engines, most of them being web browsers. To see the list of predefined applications, please start cuckoo with --list-preset-apps option. When running an application with cuckoo, the user should make sure to actually start a new instance. This is usually granted by starting an application from the command line (such as running it with cuckoo). By starting an application from the desktop environment this may not happen. Download AirVPN Suite 2.0.0 The Suite is available in various flavors: ARM 64 bit, ARM 64 bit legacy, ARM 32 bit, ARM 32 bit legacy, x86-64 and x86-64 legacy. Download page: https://airvpn.org/linux/suite/ Changelog and source code Changelog for each component is available inside each package and on GitLab. Source code is available on GitLab: https://gitlab.com/AirVPN/AirVPN-Suite Kind regards and datalove AirVPN Staff

@Bohdan Kushnirchuk Hello! How to solve: To grant Terminal full disk access (except some specific critical directories) on macOS, follow these steps: Open System Settings (or System Preferences): On macOS Ventura and later, click the Apple menu at the top-left of your screen, then choose System Settings. On macOS Monterey or earlier, choose System Preferences. Go to Privacy & Security: In System Settings (Ventura and later), select Privacy & Security in the left-hand menu. In System Preferences (Monterey and earlier), click Security & Privacy, then go to the Privacy tab. Select Full Disk Access: In the Privacy & Security or Security & Privacy tab, scroll down and click Full Disk Access in the left menu. Unlock Settings: At the bottom-left of the window, you might need to click the lock icon and enter your admin password to make changes. Add Terminal: Once the lock is open, click the + button beneath the list of apps with Full Disk Access. In the file chooser window that pops up, go to Applications > Utilities, and select Terminal. Click Open to add it to the list. Restart Terminal: Close the Terminal app if it’s open, then reopen it to apply the changes. 2. Open the terminal and change ownership of the relevant files: sudo chown root /Applications/Eddie.app/Contents/MacOS/* Kind regards

Hello I would like to give my personal recommendations to help with network censorship in Russia. I may not have time to write a authoritative, proper guide, but wanted to share this. Everything "clicked" once I read a comment how the DPI works to determine a new connection. Preface IP and subnet blocks came first. They completely blackhole all traffic to blocked IP addresses. The only thing you can try is IPv6 in place of IPv4. Some Air servers are blocked by IP. The Deep Packet Inspection (DPI) is a required installation for residential ISPs and (as of late) industrial networks like data centers. It works to dynamically block known protocol traffic, anything "forbidden" that's not yet in IP blocklists from above. This system was put in law many years ago. Nevertheless, the networks across the country are at various stages of rollout and their capabilities will differ. Real example: residential ISP did not block OpenVPN->Air, yet the mobile carrier did. Yet in 2024 the residential ISP upgraded their DPI system and started blocking OpenVPN too. Common methods of circumvention Mangle traffic locally to fool the DPI systems. It will allow you to connect to servers not blocked by IP (TLS SNI name detection). Proxy/VPN server: A prerequisite is an outside server, it must not have been blocked by IP. If it's a private server and OpenVPN or Wireguard work - you're lucky. However be prepared to still get blocked by DPI any day for using a VPN protocol. There are many proxy tools, especially developed to combat the Great Firewall of China. They don't run directly on Air, so this is something for self-hosting or other services to provide. We're talking about Air, so let's get that VPN working. Everything below requires you to find a reachable Air server (no direct IP blocks). The configuration server used by Eddie is IP blocked, so it won't work at all. I suggest you to generate all server configs in advance and see which are reachable from Russian networks. Airvpn.org seems to be reachable though. OpenVPN over SSH to Air It is possible to set this up on mobile, however the connection is reset after 10-30 seconds due to a lot of traffic being pushed. I used ConnectBot and it didn't restart the SSH connection properly, anyhow OpenVPN and ConnectBot had to be reconnected manually each time --> unusable. Since both apps are easily downloadable from app stores/F-Droid, this can be enough to generate and download configs from AirVPN's website in a dire situation. This connection type works like this: SSH connects to Air server, forwards a local port -> Air (internal_ip:internal_port) OpenVPN connects to local_ip:local_port and SSH sends the packets to Air's OpenVPN endpoint inside this tunnel Once the connection is established, it works like a regular OpenVPN on your system OpenVPN over stunnel to Air I haven't tried, desktop only? OpenVPN (TCP) over Tor to Air While connecting to Tor will be another adventure, do you really need a VPN if you get Tor working for browsing? If yes, I suppose it could work. I haven't tried. OpenVPN (TCP) to Air May start working after hours on Android, if the connection was established initially. Until then you'll see a lot of outgoing traffic but almost zero incoming traffic (NOT ZERO though!) It is unclear to me whether this is because Android keeps reconnecting after sleeping or sometimes it pushes so little traffic over the established connection that DPI forgets or clears the block for this connection only. OpenVPN (UDP) to Air Doesn't work. Wireguard to Air Doesn't work, it's always UDP and very easily detected. AmneziaWG client to connect to standard Wireguard Air servers This worked for me almost flawlessly. The trick of AmneziaWG is to send random trash packets before starting the connection sequence. This is what the new parameters are and some of them are compatible with standard Wireguard servers. The DPI only checks traffic within the initial traffic size window of the connection. If it doesn't find VPN connection signatures (and it doesn't due to random data) then it whitelists the connection. Wireguard then sends its connection packets and connects to Air. Full speed ahead, no throttling. The VPN connection works! What's the catch? The AmneziaWG packet configuration must be right. This worked for me across all networks I encountered: MTU: 1320 (safe value, higher MTU will give better bandwidth, if it works at all and doesn't begin to fragment packets) Junk Packet count (Jc): 31 Junk Packet minimum size (Jmin): 20 Junk Packet maximum size (Jmax): 40 Init packet junk size (S1): none (afaik only with AmneziaWG server; delete from config or try to set 0) Response packet junk size (S2): none (afaik only with AmneziaWG server; delete from config or try to set 0) Magic header settings changeable afaik only with AmneziaWG server: Init packet magic header (H1): 1 Response packet magic header (H2): 2 Underload packet magic header (H3): 3 Transport packet magic header (H4): 4 Example: [Interface] ... other default values, including MTU ... Jc=31 Jmin=20 Jmax=40 H1=1 H2=2 H3=3 H4=4 And how would you know what numbers to set? This single insight: This means flooding small random UDP packets at the beginning is the winning strategy. That's how I optimized someone's config from "sometimes it works, sometimes it doesn't" to "works 100% of the time, everywhere". You actually don't want to blast big packets and be blocked because of it. Smaller random packets are good for mobile traffic too. How would you setup AmneziaWG to connect to Air (Android)? Generate and download AirVPN Wireguard configs, for each individual server, try different entry IPs too. DO NOT USE THE DEFAULT (OFFICIAL) WIREGUARD PORT. We don't want long-term logging to highlight the working servers for the next round of IP blocks. Download AmneziaWG-Android VPN client (the Android edition is actually a fork of the official Wireguard app aka "AmneziaWG". Don't download their regular all-in-one client aka "AmneziaVPN"!): amnezia.org or https:// storage.googleapis .com/kldscp/amnezia.org or https://github.com/amnezia-vpn/amneziawg-android/releases Import Air's configs in the app Apply "Junk Packet" settings from above Try to connect Try different entry IPs and servers if the connection doesn't work. See if the server IP is completely blocked either with: ping "<entry IP>" nc -zv -w 10 "<entry IP>" "<port 80 or 2018 for OpenVPN TCP>" This is GNU netcat Keep in mind: on Android the safest way to avoid any traffic leaks is to go to system settings, Connection & sharing > VPN, or search for "VPN", click on (i) for advanced settings, Enable: "Stay Connected to VPN" & "Block All Connections not Using VPN". If you ever disconnect from VPN by using Android's system notification, you'll need to re-enable these settings. If you switch between VPN apps (like Eddie -> AmneziaWG), I suggest to make sure these settings are always enabled like this: Turn off Wi-Fi (or mobile data) For previous VPN app disable: "Stay Connected to VPN" & "Block All Connections not Using VPN" For next VPN app enable: "Stay Connected to VPN" & "Block All Connections not Using VPN" Turn on Wi-Fi / connect using next VPN app Android battery optimization: Finally, go to app's settings (or Settings-Battery then app list somewhere) and make sure the AmneziaWG app is "not optimized" for battery. This way it will not be interrupted in the background and potentially drop connection until the screen is awake. -- https://dontkillmyapp.com/ for guides and more info Thanks for reading. Big politicians are not your friends, stay strong and propagate what you truly believe in.

The Problem VPN speeds are significantly decreased despite trying to account for all variables I can think of. Significantly decreased in this case means that absolute best I can temporarily get is 250/250 out of my 500/500 connection as measured with iperf3. However, "real life" use with bittorrent and usenet is much slower. i have consistently had a max upload speed of less than 500 kB/s with transmission. downloading from usenet which normally can max out my connection is stuck at 5 to 6 MB/s (it's about 60 MB/s on same device and network w/o VPN ie ~ 480 mbps on my 500 plan). I am absolutely stumped, any advice is very much appreciated. Steps I have taken Confirmed expected speed w/ iperf3 when vpn is disconnected. I tested between local machines, with remote public iperf3 servers, and between iperf3 docker container and remote public iperf3 servers (~ 1 gbps locally on gigabit ports, and ~500/500 mbps externally with my 500/500 plan as expected both directly on host and in docker). i also tested with iperf3 in gluetun container with vpn activated (best result was 180/150, most much lower) Tried different servers in different geographical regions, including my home country Tried OpenVPN vs Wireguard Tried using specific ports like 53 to bypass potential ISP throttling Tried TCP only for same reasons Disabled all ipv6 Tried adjusting MTU for wireguard Tried LSIO wireguard docker image, gluetun docker image, and regular (non-docker) wg Tried with and without VPN port forwarding (with gluetun) disabled UFW because at this point, why not right? Tried all of the above with several different VPN providers (Proton, OVPN, AirVPN) and spun up my own wireguard vpn server on two different VPS providers with same result I have swapped out my older router with a brand new one since the 500/500 is an upgrade from my previous 250/~25 connection and I have many devices connected. I got a slight improvement from 450 mbps down without VPN to 500+. No discernible improvement with VPN connection. Suspecting potential VPN throttling from my new ISP, I have even got a second ISP to try things with. both are 500/500 and provide speeds as advertised. i even tried gluetun on a different computer. the second computer i tried had 11th gen i9 with 32gb ram and was debian 11 (from an older PC running current LTS ubuntu server). same issue Since everything is "working" (successful tunnel connection), I have no idea what I can provide in terms of logs or whatever to help resolve this.

Mr. veryhadu, watch your language. You are being very provocative for no apparent reason. Mr. mackerel's original post actually is something of an example to follow when asking for troubleshooting help: It describes the exact problem and what have been tried, and would've provided logs if the issue was easier to trace with them. Very few other posts boast this level of detail. So you're really barking up the wrong tree here. Though, Mr. mackerel, setting --verb to 4 or 5 could maybe help. The config generator and Eddie default is 3, omitting some technical information. You could try setting this to 4, then connect and do something causing this throughput. Maybe someone is attentive enough to spot something.

You're either a troll or completely unhelpful. Next time read the post. This isn't a problem particular to AirVPN, and since I have tried literally everything I can think of and spent several hundred dollars in the process of doing so, I am seeking help on the possible causes. Preferably from people who know what they are talking about. I'll take your style advice in consideration 🙄

AIRVPN DOES NOT RECOGNIZE ANYMORE VERISIGN, AFILIAS AND ICANN AUTHORITY. OUR COMMITMENT AGAINST UNITED STATES OF AMERICA UNFAIR AND ILLEGAL DOMAIN NAMES SEIZURES. The United States of America authorities have been performing domain names seizures since the end of 2010. The seizures have been performed against perfectly legal web-sites and/or against web-sites outside US jurisdiction. Administrators of some of those web-sites had been previously acquitted of any charge by courts in the European Union. The domain name seizures affect the world wide web in its entirety since they are performed bypassing the original registrar and forcing VeriSign and Afilias (american companies which administer TLDs like .org, .net, .info and .com) to transfer the domain name to USA authorities property. No proper judicial overview is guaranteed during the seizure. Given all of the above, we repute that these acts: - are a violation of EU citizens fundamental rights, as enshrined in the European Convention on Human Rights; - are an attack against the Internet infrastructure and the cyberspace; - are a strong hint which shows that decision capacities of USA Department of Justice and ICE are severely impaired; and therefore from now on AirVPN does not recognize VeriSign, Afilias and/or ICANN authority over domain names. AirVPN refuses to resolve "seized" domain names to the IP address designated by USA authorities, allowing normal access to the original servers' websites / legitimate Ip addresses. In order to fulfil the objective, we have put in place an experimental service which is already working fine. If you find anomalies, please let us know, the system will surely improve in time. Kind regards AirVPN admins

Hello! This is interesting. We are gradually activating IPv6 on every server, but you have IPv6 disabled at OS level, and this causes a fatal error. For the moment, you can: - Reactivate IPv6 No good reason is known to disable IPv6 at OS level. If you are scared about IPv6 leak when connecting to servers without IPv6 support, a cleaner solution is simply blocking IPv6 traffic with ip6tables. OR - Append the following directives in your .ovpn files: pull-filter ignore "dhcp-option DNS6" pull-filter ignore "tun-ipv6" pull-filter ignore "ifconfig-ipv6" This will skip IPv6 configuration of tunnel and avoid your error. We are considering related options to Config Generator. Kind regards