Leaderboard

Hello! We're very glad to announce that Eddie Android edition 4.0.0 Release Candidate 1 is now available. New CPS QUIC database: now Eddie features a CPS database of more than 30 real web sites allowing accurate QUIC + HTTP/3 mimicry of real services through AmneziaWG. Each database entry is identified by a clear label for immediate selection in the app's settings. Eddie will take care to compile AmneziaWG In parameters accordingly: no need for manual input, which anyway remains an available option. This addition significantly bolsters Eddie's arsenal against blocks. New: IPv4 and IPv6 traffic can now be wrapped over an IPv6 tunnel with WireGuard and AmneziaWG too. Minor bug fixes The original message of this thread has been updated accordingly. You will find on it the new download link and checksum, as well as detailed Amnezia description. If you decide to test, please report at your convenience any bug and problem in this thread. If possible generate a report from the app in a matter of seconds: by tapping the paper plane icon on the Log view bar rightmost side you will generate a full system report which will include both log and logcat and have it sent to our servers. Then you just need to send us the link the app shows you (open a ticket if you prefer to do it in private). Kind regards & datalove AirVPN Staff

Hi, I'd like to suggest a feature that lets user to use a hostname that resolves to the best server from a user-defined list of servers. It will be similar to *.vpn.airdns.org but only resolves to one of the servers in the user-defined list. Eddie has a feature that works similarly by adding servers to allowlist. However, when Eddie can't be used, it is inconvenient. I hope you consider this suggestion. Thank you and have a nice day. Regards,

Hello! Or that any "Network Lock" mode is disabled by setting "Network Lock" box to "None" in "Preferences" > "Network Lock" window (default: "Automatic"), as it is indeed the case according to the system report (important option not at default: netlock.connection false) and considering that the user's system does have nft and iptables-* installed. Splitting the different cases with different messages and logging them will be suggested to devs. Kind regards

I need more features but I do stick with AirVPN! Please give us dark mode, an easy way of doing split tunneling as well and maybe sort out something so tailscale can work side by side so we can have our computer meshes working outside the tunnel!

Hello! We're not ignoring it, did you read the update on the first message of this thread? Kind regards

Dark mode pretty please!! Keep up the good work! Thanks

Hello! We do agree and we are planning to implement on our software per app traffic splitting on Windows too. Currently you can enjoy per app traffic splitting on Linux (AirVPN Suite) and Android (Eddie Android edition). If the machine you use for Steam is based on Linux you can already have per app traffic splitting with our software. If you run Windows, in the meantime you can consider WireSock, which offers traffic splitting and reverse traffic splitting (on an application basis) and is fully compatible with our WireGuard servers. The Configuration Generator will generate the profiles you wish. Kind regards

I have been facing a predicament for months, which is that Steam thinks i'm a bot and doesn't let me play any multiplayer games in.. multiplayer, and I can't turn my VPN off to use all 5 ports on it to host numerous servers. The problem is, there isn't a way to IP or domain whitelist Steam, since I don't know any of the ip's it uses to connect, and they change alot. This is where app-based tunneling would shine though, and here is why 1. App based tunelling would most likely save you guys alot of bandwidth, now people can tell the VPN to send web browser connections through their actual internet, and then you won't have alot of traffic taken up by YouTube streams 2. This defeats the need to switch to other clients, which is clunky and complicated. 3. It lets you do everything in one app (Eddie), which is extremely convenient and simple for newcomers to use, probably bringing more subscribers to the VPN too since split-tunneling is a useful feature 4. It straight up lets you split tunnel some stuff in the first place, such as Steam i've already mentioned, which uses a variety of ip's and domains i don't know, and i'm not about to spend a few hours in wireshark getting all the ip's/domains and adding them. So please, 4 good reasons on why app split-tunneling should be added to Eddie. P.S. another thing I noticed was that the split-tunneling already in Eddie didn't seem to work until I reconnected the VPN, is this a limitation, a bug, or just something that isn't added? - Thanks, a pleading CS2 player and server hoster

With some help from Claude I have put together a GTK4 client for Linux. https://gitlab.com/snotra.uk/airvpn Uses the API to grab servers and configs, uses network manager to setup the wireguard connections, and firewalld for the network lock. Seems to be working well for me. might be useful to someone. cheers Shaun

Youtube is asking for login now over all new UK servers.. What a pain in the arse Youtube is. Any ideas? I hate creating a google account only for that

Hello! Welcome aboard. 1. Yes, correct. 2. Yes, correct. 3. With a port linked to "All devices" this is not possible, because you create an unsupported case in forwarding rules, i.e. the same packet to a specific VPN server public IP address port should be forwarded to the port of multiple VPN IP addresses. This is not implemented and also poses a technical challenge in our infrastructure that's not trivial. To overcome this situation you must use unique key pair for each device and take care to link each port to a single device. Alternatively, a simpler solution is just connecting each device to a different VPN server (your 2nd scenario). Kind regards

I'm not sure how viable would be to have a UK region going forward... UK daddy government is constantly forcing ISPs to block access to sites. I had a number of trackers failing in Prowlarr and the reason was the above. So I had switched over to another region, although I'd love to use the shiny new UK servers. Also Cloudflare has been acting weird lately

They said earlier that it is coming to other platforms, but can't help but wish for it to come soon. SSH>TCP and SSL>TCP works so far, but some servers are weird in terms of speed and being able to connect on some days. Hopefully amnezia support for pc comes soon.

"We are currently working on a substantial codebase refactoring aimed at evolving Eddie Desktop into a more modern client." More than needed. The UI looks like one of XP times. Not a single other provider uses a ancient UI like that. I also need to use a 3. party Client (WireSock) to use application/folder split tunneling. Application Split-Tunneling is also something every single other provider has since a long time now. The reason i use Air is trust. If i look at the outdated applications i raither use other providers who hold theirs more up to date but most i just dont trust at all so im stucked with Air and a 3. party application for now since i use split-tunneling 24/7.

Hello and thank you for your reply. I just solved my problem; the AirVPN server list wasn't up to date, so I updated my Gluetun client, and now the Taiyangshou server is working. However, SERVER_NAMES is indeed plural, as indicated in the Gluetun configuration. https://github.com/wolffcatskyy/gluetun-airvpn-edition

I'm inclined to write: seeing as the post has absolutely no information to start troubleshooting. Unless you expect someone to hack into your system. Or read your mind. Let's start with something simple anyone can do. Close Eddie, reopen, try a connection, then provide a system report..

Consider Kagi. You get a search engine that's actually not selling your data, and access to all the AI models to boot.

I've made a Linux shell script for batch-conversion of WireGuard .conf files making them AmneziaWG (awg) compatible: https://github.com/zimbabwe303/awg_conf_patch When patching it shuffles the H1..4 parameters; to re-shuffle you can just re-run it over the same files again. It also can shorten .conf file names generated with the AirVPN config generator to facilitate their usage with the 3rd-party smartphone WireGuard clients such as WG Tunnel (which uses AmneziaWG instead of the vanilla WireGuard).

Yeah, the lockup is a problem worth investigating (for the devs), but the underlying cause is it not detecting tools that are clearly there, which is just as puzzling. Explains the report output, then. Thanks!

Hello! Available in "Settings" > "System" > "Application Filter Type" > select white or black list, then compile the list on the new "Select applications to be *listed" menu item that will appear. BLACK LIST enabled: all the traffic is tunneled except the traffic of the black listed app(s). WHITE LIST enabled: only white listed apps will have their traffic tunneled. Kind regards

I see in the changelog for the UniFi Network App 10.2.93: - Added IPv6 support for WireGuard VPN. I'd given up hope, I tell you!

Hello! We're glad to inform you that we have just released: "Road To OpenVPN 2.6" migration plan - https://airvpn.org/road_to_openvpn26/ A new version of Config Generator with options related to OpenVPN 2.6 A new Eddie Desktop beta release (2.23.0) related to the road above, feature-locked to reach stable release https://airvpn.org/forums/topic/56428-eddie-desktop-223-beta-released/ A new server (Marsic), the first running OpenVPN 2.6 powered by DCO (server-side) and ready for client-side DCO. UPDATE 2026-03-12 After careful evaluation and considering that: DCO for OpenVPN 2.6 is now considered obsolete the new DCO is aimed at OpenVPN 2.7 only DCO kernel module is included on mainline Linux kernel starting from 6.16 AirVPN VPN infrastructure is based on kernel 6.12 and OpenVPN 2.6 (typical setup of Debian 13, RHEL 10 etc.) OpenVPN usage declined dramatically: today only 24% of connections are based on OpenVPN, and the decline continues at a steady pace the combination of WireGuard and AmneziaWG is more effective than OpenVPN over TCP at bypassing blocks valuable packet payload padding (against encrypted traffic pattern analysis) is offered by AmneziaWG and not DCO: the plan has been momentarily frozen. It can be re-activated when the VPN infrastructure moves to kernel 6.16 (or higher version) and OpenVPN 2.7. Our priority goes to wider AmneziaWG support, on the client software first and then on the server side too (important especially for padding). Kind regards & datalove AirVPN Staff

I didn't bother waiting. Service seems worth it, I got a trial account and lived up to my expectations. Thank you

These were very much needed so I'm glad to see them added to the list

Roughly 60 GB. Always on. And if I did provide liberation services to the world, I would still stay below 100

Most of the encryption algorithms are handled by hardware, using CPU extensions. But packet switching still requires vanilla CPU power. So yeah, CPU horsepower still required but not as much as the days of old. Also the newer, more efficient ciphers help a lot as well.

With 300+ users you would need some beefy CPUs in the server. I would guess that is the bottleneck, not the actual connection. VPNs are encrypted and require the processing power to handle the number of users connected. Not sure what their server specs actually are, but would be curious to know.

Its a shame. These were among the absolute fastest (especially Chumukay) when they came on board. They smoked the high powered Chicago servers but they are not reliable for the past week or two. Right across the border in Chicago apparently nobody is attacking those servers.

Hello! Yes, current DDoS / flood unfortunately. Kind regards

Do you know why these new servers are having high packet loss?

Loving these new speedy servers! Would love to see some upgrades to the 2 overworked connections in Montreal.

Hi. Any plans for Eddie PC edition + AmneziaWG ?

Hello! We're very glad to announce that Eddie Android edition 4.0.0 beta 2 is now available. New: how to use Eddie in network where the "bootstrap" servers can not be reached Eddie downloads user and infrastructure data, essential to use the service, from special "bootstrap servers" through an encrypted flow inside HTTP. If the bootstrap servers are blocked or the underlying protocol to port 80 is filtered out, Eddie is unable to proceed. Starting from Eddie 4 beta 2 version, the ability to retrieve such data locally has been added. Whenever bootstrap servers are unreachable, Eddie can read the latest available local data to connect to a VPN server. Once connected the bootstrap servers are again reachable and the local data are immediately updated for future usage. The local data remain valid as long as you don't need to change user. On top of all of the above, Eddie can now retrieve such data through the login procedure that now can be started even when a connection to a VPN server was previously established via a profile. Therefore, when you are in a restrictive network that blocks access to bootstrap servers, you can connect through a profile generated by AirVPN web site Configuration Generator. After this first connection, log your account in to the service by selecting the specific option on the left pane, enter your AirVPN account credentials as usual and make sure that Remember me checkbox is ticked: Eddie will download all the necessary files and store them locally. This procedure is "once and for all", at least as long as you don't need to change account. After this initial connection, Eddie will be able to log your account in to the infrastructure, retrieve servers data and establish connections without profiles and without bootstrap servers, offering again full AirVPN integration even when bootstrap servers are unreachable. Only If you change account you must repeat the procedure. New: "Open with..." option added to "Export" option Different Android versions allow management of files with different restrictions. Different apps may support different intents on specific Android versions. To enlarge total compatibility, now Eddie offers two different options to export and manage files, including generated profiles. You will find the usual "Share" option (note: now renamed into "Export") coupled with a new "Open with..." option. Some apps support only one intent, other apps only specific intents on specific Android versions, and so on. By adding this option Eddie enlarges considerably the amount of apps you will be able to open and/or share files with. New: AmneziaWG parameters range validity AmneziaWG parameter range validity has been documented in three different ways (official web site, GitHub documentation files, and developers comment) and the web site documentation that it's still official is in reality not aligned with the source code. The new parameters range validation adopted by Eddie 4.0.0 beta 2 is based now on GitHub latest documentation integrated by source code analysis. The original message of this thread has been updated accordingly. You will find on it the new download link and checksum, as well as detailed Amnezia description. If you decide to test, please report at your convenience any bug and problem in this thread. If possible generate a report from the app in a matter of seconds: by tapping the paper plane icon on the Log view bar rightmost side you will generate a full system report which will include both log and logcat and have it sent to our servers. Then you just need to send us the link the app shows you (open a ticket if you prefer to do it in private). Kind regards & datalove AirVPN Staff

giga omega based kornephoros was struggling to cope with extra demand after wurren was decommissioned. this is gonna be awesome.

Yes, I know. I wrote the whole guide back in 2012 and it's only been updated by scant few other users since then. I had the least amount of problems with Tomato than with any other router firmware I've ever used. Just brilliant. I wish it were still maintained.

Congratulations on the launch. This is great news for CA which has had most of its 2 Gbit/s servers pretty saturated during peak hours. Hopefully the ghost of Wurren does not come back to haunt us.

Yes. This is because the ISP has blocked the boot server. Please open the ticket to obtain the private boot server from the staff, or wait for the subsequent Android version update. It is said that in the subsequent version, the login information will be saved locally. Then, there will be no need to log in every time. Just log in once and you can use it as before, just like the computer version.

So i still can't reach airvpn servers in .Ru for logging in from my phone. Here is what i have: I can use airvpn from my PC, found a solution, but there is no such configuration for a phone. I try amnezia in the same networtk via wifi and can't even log in. But works fine if i start other vpn and open airvpn app, i get my subscriprion plan and other information. Should i ask support for private workaround solution?

Original message by @Pit61 . It updates the setup for FreshTomato based routers. Here is my working Open VPN config on a Netgear R7000 with Fresh Tomato:

Hello! We're glad to inform you that AmneziaWG support has been implemented in Eddie Android edition 4.0.0 beta 1 and it will be progressively implemented in all the other AirVPN software. https://airvpn.org/forums/topic/77633-eddie-android-edition-400-preview-available/ Eddie Android edition public beta testing is going very well and the development team is optimistic about a near future release. This is only partially true. When you use CPS on your side and you connect to a WireGuard based server, demultiplexers will identify the traffic according to the CPS settings (QUIC, DNS...) only initially. They will soon be able to detect the traffic as WireGuard traffic. With DNS mimicking this happens just after the handshake, while with QUIC the inspection tools need much more time. We can confirm the above after several experimental tests we repeatedly performed with deep packet inspection. Anyway QUIC mimicking is effective and actually it can nowadays bypass in about 100% of the cases the blocks in both Russia and China. But we have planned to support Amnezia on the server side too, because the current method is anyway not so strong on the long run. When we have Amnezia on the server side too, no tool is able to ever identify the traffic as WireGuard traffic: it remains indefinitely identified as QUIC. Currently we are still at a testing phase, but the outcome so far is very promising. Stay tuned! Kind regards

To give some numbers, with these settings along with MTU tuning (1440 in my case since no IPv6): I have been able to roughly 2.5x my speeds from 400 Mb/s average to 1000 Mb/s average which is essentially my line speed. Also, I have seen people ask about how to use Gluetun + qBittorrent in other posts, and this is where I learned how to do it: https://wiki.serversatho.me/. I hope these resources will help!

Hi all, I've always been trying to maximize my seeding speeds when using qBittorrent, and a lot of information I found online was not very helpful. My setup is qBittorrent 4.3.9 from hotio with Gluetun on TrueNAS Fangtooth. My best speeds have been obtained on the servers Taiyangshou and Vindemiatrix with WireGuard. I am in North America, but I don't think latency matters as much as I originally thought for P2P use cases. These two servers in the Netherlands have been very nice and I definitely recommend trying out different servers. In my use case, I have hundreds of larger torrents, maybe half are 50 GB+. I have found that since I am using hard drives, the random reads will quickly overwhelm them even with ARC and L2ARC, thus setting the "Global maximum number of upload slots" is very useful (this is the only one I have turned on in the "Connection" tab). This limits the total number of peers you can upload to globally, and the idea is that you limit the total amount of random reads this way. The magic number that works the best for me is 50, and I recommend trying around this range by increments of 5 might work nice. Additionally, I could keep increasing the "Global maximum number of upload slots" without much rise in iowait, but total throughput would decrease. Therefore, when optimizing this setting it is a balance between enough slots to saturate your bandwidth, but not too much where it spreads the bandwidth too thin and negatively impacts total throughput. I have also attached the advanced settings that I changed which seemed to make the greatest impact. Send buffer watermark: 6144 KiB Send buffer low watermark: 3072 KiB Send buffer watermark factor: 200 % Socket backlog size: 4096 I hope this is helpful! Best, Hypertext1071 Edit: For further tuning this might be helpful: https://github.com/felikcat/seedbox-tutorial. Edit 2: Using the settings from here: https://github.com/felikcat/seedbox-tutorial, including the sysctl configuration completely saturate my line speed. I was trying to search for qBittorrent in particular, and thus wasn't able to find results that were generally helpful, such as network tuning.

Thank you! Please use the Configuration Generator. Turn on the "Advanced" switch. Generate a file with the Configuration Generator for WireGuard for the server or country you want to test. Download the file and edit it with any text editor. To begin with, add these parameters in the [Interface] section: Jc = 20 Jmin = 50 Jmax = 1000 S1 = 0 S2 = 0 H1 = 3 H2 = 1 H3 = 4 H4 = 2 Import the file into your PC AmneziaWG client, or use it with the AirVPN Suite component Hummingbird, and even in Eddie 4.0.0 (you can do it in the "VPN profiles" view once the file is in your Android device) and use it to test a connection in Amnezia mode. If it fails please try a connection directly from Eddie, without profile, in Amnezia WG. If it fails too enable QUIC mimicking in "Settings" > "Advanced" > "Custom AmneziaWG directives" and test again a connection. Keep us posted! Kind regards

These are the AmneziaWG parameters I use in China. This set of parameters can reliably bypass the GFW. Staff can take a look. Jc = 20; Jmin = 50; Jmax = 1000; S1 = 0; S2 = 0; H1 = 3; H2 = 1; H3 = 4; H4 = 2;

Great! Eddie finally supports AmneziaWG, and UDP finally has a masquerade protocol. Another protocol has been added to the list of protocols for bypassing China's Great Firewall.

Do you intend to add it to PC's client at some point as well?

I never had any issues with Mullvad. The only reason I left was because they got rid of port forwarding. AirVPN has been great so far as a replacement.

Hi Everyone! Over the years there's been advice to avoid μTP in torrent clients like qBittorrent and use TCP exclusively (when using a VPN). And I have followed this advice. But now I wanted to check in again to see if that is still the case - Is it still recommended to avoid μTP? I'm asking for two reasons - 1) when this advice first came out I think we only really had OpenVPN. Now the default is Wireguard. Does that change anything? And also 2) I recently had a couple of torrents I was trying to download and they were stalled and dead. But when I enabled μTP with TCP, they sprang to life and downloaded lickety-split. So, just wanted to see if anything had changed - or whether my experience was just an anecdotal one-off. Cheers!

Anyway I understand your position, no problem. Like Russians say "Сытый голодного не разумеет" ("the well-fed does never understand the hungry").

There are surely some similarities between the two systems, fair enough. And still you need to differentiate between them so that you don't spread FUD, the most dangerous kind of information in times of Trumpism everywhere. A dictatorship is characterized as a one-man political system. The best successor is believed to be the choice of that dictator. In a monarchy on the other hand, all power is in the hands of a family. The best successor is believed to be the descendant of a monarch. Here's a non-Wikipedia source for you. And another one. And another one. Then you need to tell the "classical" hereditary monarchy, the ones depicted in history books and probably Game of Thrones or something, apart from a constitutional one. This one is a literal game changer, let me tell you, because in a constitutional monarchy a king/queen does only hold ceremonial power at best, which disqualifies the stated EU monarches as dictatorial, seeing as their political system is effectively a collection of mechanics from democracies, like a party system and the separation of powers (example Netherlands: parties like PvdA (social democrats) and 50PLUS (conservatives/senior focus) debating in the Tweede Kamer (= House of Representatives) about laws and regulations = the legislative, even though King Willem-Alexander is in fact king). The closest thing to what you describe would be the absolute monarchy which is where I would agree with you that it can be strikingly similar. But we don't have those in the EU (save for Vatican City, maybe), and this is an objective fact. How you feel about this is unimportant. Now, let's stop the off-topic. Should anyone want to discuss this further with me and others, post to the Off-Topic forum or write me a message. ---