Leaderboard

Hello! We're very glad to inform you that AirVPN has begun to actively contribute to OpenVPN 3 development. Our first goal has been adding support for ChaCha20 cipher with Poly1305 as authenticator on OpenVPN 3 Data Channel. ChaCha20 is a stream cipher developed by Daniel J. Bernstein which combines strength and remarkable performance. https://en.wikipedia.org/wiki/Salsa20#ChaCha20_adoption When compared with AES-GCM, ChaCha20 offers significant computational relief to all AES-NI non supporting processors, such as ARM processors. ARM processors, routinely used on very many tablets, smart phones, media centers, smart TVs and routers, will get great benefits from OpenVPN with ChaCha20. Our tests show that CPU load caused by ChaCha20 on recent ARM 64 bit processors is at least 50% less than AES-256-GCM, on equal terms, which translates into dramatic performance boost and longer battery life (if you have ever tested Wireguard on an ARM based device you know what we mean). OpenVPN 3 is a client library. However, OpenVPN 2.5, which is currently in beta testing and includes all the necessary servers features, supports ChaCha20 on the Data Channel. Therefore, making OpenVPN 3 with ChaCha20 available to our users and allowing a real life test will be a matter of days. We will progressively release beta clients for Android, Linux, OpenBSD and FreeBSD, in this order. We are considering a porting to OpenIndiana as well. Internal alpha testing has concluded successfully. We have already pulled a merge request to OpenVPN 3 main branch, to let the whole community take advantages from our code, and let OpenVPN developers merge the new code into the main branch if they wish so. https://github.com/OpenVPN/openvpn3/pull/78 Implementation has been designed, developed and programmed for AirVPN by ProMIND, who is also Eddie Android edition developer. Stay tuned, more will come! UPDATE: https://airvpn.org/forums/topic/44069-openvpn-3-development-by-airvpn/ The above linked topic is now the central thread to discuss anything related to OpenVPN 3 development and testing. Kind regards and datalove AirVPN Staff

Very interesting read, if true. https://vpnpro.com/blog/hidden-vpn-owners-unveiled-97-vpns-23-companies/

Hello! We are very glad to inform you that our OpenVPN 3 development is progressing swiftly. Today we implemented directive ncp-disable which was still unsupported in OpenVPN 3. https://github.com/AirVPN/openvpn3 The directive is instrumental to allow clients Data Channel cipher free selection between those available on server, when ncp-ciphers is declared on server side, and keep at the same time total backward compatibility. Since when we implemented ChaCha20-Poly1305 https://airvpn.org/forums/topic/43850-openvpn-3-development/ on OpenVPN 3 Data Channel, "ncp-disable" has become a priority to provide servers and clients with maximum flexibility. We can therefore leave total freedom to clients to pick between AES-GCM, AES-CBC and ChaCha20 while preserving full backward compatibility. Clients with AES-NI supporting processors will prefer AES, while clients running on CPUs without AES-NI, for example most ARM CPUs, will of course tend to prefer ChaCha20. We are working hard to bring you first and foremost a new Eddie Android edition beta version to let you test ChaCha20-Poly1305 on your Android devices as soon as possible. All internal tests both with ChaCha20 and ncp-disable have been fully successful so far. Fingers crossed, maybe you will see a beta release as early as next week. https://github.com/AirVPN/openvpn3 Changelog 3.3 AirVPN - Release date: 13 July 2019 by ProMIND - [ProMIND] [2019/06/02] Forked master openvpn3 repository 3.2 (qa:d87f5bbc04) - [ProMIND] [2019/06/06] Implemented CHACHA20-POLY1305 cipher for both control and data channels - [ProMIND] {2019/07/10] Implemented ncp-disable profile option Kind regards and datalove AirVPN Staff

Hello! AirVPN is very proud to introduce for the first time ever OpenVPN 3 support for ChaCha20-Poly1305 cipher with Eddie Android edition 2.4 beta 1. The new implementation means remarkably higher performance and longer battery life for your Android device. CPUs that do not support AES New Instructions, typically ARM CPUs mounted on most Android devices, are much faster to encrypt and decrypt a stream of data with ChaCha20 than AES. At the same time, ChaCha20 offers the same security when compared to AES. https://en.wikipedia.org/wiki/Salsa20#ChaCha_variant You can test right now the new cipher. We have prepared three test servers running OpenVPN 2.5 and supporting ChaCha20 in Canada and the Netherlands. When you pick ChaCha20 as cipher in Settings, Eddie will filter properly Air VPN servers to let you connect to them. You can participate to testing by joining the beta community in the Google Play Store here: https://play.google.com/apps/testing/org.airvpn.eddie You can also download Eddie Android 2.4 beta 1 apk directly from our repository: https://eddie.website/repository/eddie/android/2.4beta1/org.airvpn.eddie.apk The outstanding feature has been made possible by AirVPN implementation on "OpenVPN AirVPN" of new directives, never supported before by OpenVPN 3, as well as a brand new, rationally re-engineered class for AEAD ciphers, which currently includes both AES-GCM and ChaCha20. Development of OpenVPN 3 will go on during the next months. Here's the current status: Eddie Android edition available languages are: Chinese (simplified), Chinese (traditional), Danish, Dutch, English, French, German, Italian, Portuguese, Spanish, Russian, Turkish. Eddie for Android is free and open source software released under GPLv3. We invite you to check from independent 3rd parties lack of trackers code signatures, for example here: https://reports.exodus-privacy.eu.org/en/reports/search/org.airvpn.eddie Please feel free to report any bug, glitch etc. in the thread. Also, it would be great if you can report a comparison between performance from your Android device with AES and ChaCha20, on equal terms when possible (same experimental server, same load on your Android device...), including your Android version and device specifications if possible. New in version 2.4: Updated native library to OpenVPN 3.3 AirVPN ChaCha20-Poly1305 support on both OpenVPN Control and Data channels Support by OpenVPN 3 AirVPN of ncp-disable directive integrated in the app according to the cipher suite picked by the user For new features complete list, please see the changelog at the bottom of this post Main features: Free and open source OpenVPN GUI based on "OpenVPN 3.3 AirVPN" The only Android application officially developed by AirVPN Robust, best effort prevention of traffic leaks outside the VPN tunnel Battery-conscious application Low RAM footprint Ergonomic and friendly interface Ability to start and connect the application at device boot Option to define which apps must have traffic inside or outside the VPN tunnel through white and black list Localization in simplified and traditional Chinese, Danish, English, French, German, Italian, Portuguese, Russian, Spanish, Turkish Full integration with AirVPN Enhanced security thanks to locally stored encrypted data through master password Quick one-tap connection and smart, fully automated server selection Smart server selection with custom settings Manual server selection Smart attempts to bypass OpenVPN blocks featuring protocol and server fail-over Full Android TV compatibility including D-Pad support. Mouse emulation is not required. Enhancements aimed to increase accessibility and comfort to visually impaired persons AirVPN servers sorting options Customizable "Favorite" and "Forbidden" servers and countries OpenVPN mimetype support to import profiles from external applications Multiple OpenVPN profile support. The app now imports and manages multiple OpenVPN profiles Support for custom bootstrap servers Support for favorite and forbidden countries AirVPN broadcast messages support User's subscription expiration date is shown in login/connection information The app is aware of concurrent VPN use. In case another app is granted VPN access, Eddie acts accordingly and releases VPN resources Optional local networks access. In such case, local network devices are exempted from the VPN and can be accessed within the local devices Localization override. User can choose the default language and localization from one of the available ones Favorite and forbidden lists can be emptied with a single tap VPN Lock can now be disabled or enabled from settings VPN reconnection in case of unexpected OpenVPN disconnection. (It requires VPN Lock to be disabled) User can generate an OpenVPN profile for any AirVPN server or country and save it in OpenVPN profile manager Server scoring algorithm implementing the latest AirVPN balancing factors in order to determine the best server for quick connection Network name and extra information are shown along with network type Device network status management Kind regards & datalove AirVPN Staff Changelog 2.4 beta 1 (VC 24) - Release date: 19 July 2019 by ProMIND [ProMIND] Updated native library to "OpenVPN 3.3 AirVPN" supporting CHACHA20-POLY1305 cipher and ncp-disable profile option (forked from OpenVPN:master 3.2 qa:d87f5bbc04) [ProMIND] Updated default manifest to V256 airvpn_server_listview_item.xml [ProMIND] added a new layout for showing server's warning_open field AirVPNServerProvider.java [ProMIND] Added cipher filter according to user settings AirVPNServerSettingsActivity.java [ProMIND] Added encryption algorithm option for AirVPN servers AirVPNServer.java [ProMIND] Added class members to comply to Manifest V256 AirVPNServerGroup.java [ProMIND] New class for manifest V256 handling AirVPNUser.java [ProMIND] getOpenVPNProfile(): profile generator uses "cipher" and "ncp-disable" according to the user settings [ProMIND] getPasswordDialog(): soft keyboard is shown by default [ProMIND] loginDialog(): soft keyboard is shown by default CipherDatabase.java [ProMIND] New class for manifest V256 handling ConnectAirVPNServerFragment.java [ProMIND] Show a warning in yellow in case server has a warning_open status [ProMIND] Servers are now filtered according to selected encryption [ProMIND] searchDialog(): soft keyboard is shown by default ConnectionInfoFragment.java [ProMIND] Added cipher name and digest to info box OpenVPNTunnel.java [ProMIND] Added method getProtocolOptions() QuickConnectFragment.java [ProMIND] Show user selected encryption in status box SettingsActivity.java [ProMIND] Added encryption algorithm option for AirVPN servers SettingsManager.java [ProMIND] Added methods getAirVPNCipher() and setAirVPNCipher() SupportTools.java [ProMIND] Changed AIRVPN_SERVER_DOCUMENT_VERSION to 256 [ProMIND] editOptionDialog(): soft keyboard is shown by default VPN.java [ProMIND] Added class members cipherName and digest

Hi Mikeyy, thanks to your excellent manual I've setup VPN on my DS. The VPN started, but nothing is routed over it. As a test I downloaded something via a newsserver with Downloadstation. But according to the Network Interface the amount of sent and received bytes stays at zero. And in my AirVPN the traffic also stays at 12/13 Kb received/sent. Any idea? p.s. I am on DSM 6.1 beta with active airvpn membership. During install there was no option to compress data on the VPN. I still can connect to the webinterface of my DS without implementing 3.1.

Hello! Today we're starting AirVPN ninth birthday celebrations! From a two servers service located in a single country providing a handful of Mbit/s, the baby has grown up to a wide infrastructure in 22 countries in three continents, providing now 230,000+ Mbit/s to tens of thousands of people around the world. Software related development has also been powered up. Eddie Android edition is now a fully mature application which features an exclusive best effort method to prevent traffic leaks and a complete integration with AirVPN. In 2019 AirVPN has also started operating in South America, on top of Asia, Europe and North America, and the infrastructure has grown significantly, counting now on more than 260 bare metal servers, whose traffic is mainly powered by tier1 and tier2 transit providers. AirVPN has also become recently an EFF "Super Major Donor" member. Furthermore, and we're very glad to announce it here publicly for the first time, development for OpenBSD and FreeBSD has started. We are also integrating OpenVPN 3 on new software which will couple Eddie on UNIX-like systems, including Linux, during the second half of 2019. GDPR compliance was already a de facto standard for AirVPN way before the Regulation entered into force, mainly because we don't collect personal data, period. By the way the compliance is now fully formalized (check details in our Privacy Notice and Terms https://airvpn.org/privacy ). AirVPN provides probably the strongest protection to your data, not only personal data but all data, you can find on any service. If you are an AirVPN customer or user, you are probably aware that our service is radically different than any other VPN service you might have met anywhere. No whistles and bells, no marketing fluff, no fake locations, no advertising on mainstream media, a transparent privacy policy, no trackers on the web site or in mobile applications, no bullshit of any kind in our infrastructure to sell your personal data to any personal data merchant, and above all a clear mission which is the very reason which AirVPN operates for. https://airvpn.org/mission Many of you know that when you buy AirVPN service, you not only support yourself and improve your ability to exercise your fundamental rights, but you also support AirVPN mission. However, while AirVPN in itself has flourished, AirVPN mission aims and values related to fundamental rights have experienced, in 2018 and 2019, a grim time. Australia "encryption-busting" monstrous law is fully in force; the European Union has definitively approved the bad Copyright Directive, mandating automated filters, which will unavoidably limit freedom of expression on big boards, and making the first step to undermine the liability exemptions of mere conduits and web publishers alike; new threats to citizens' privacy are becoming real through plans of wide face recognition deployment, indiscriminate DNA databases proposals, more pervasive and efficient profiling (possibly even through AI), and strict cooperation between Internet tech giants and intelligence agencies; the persecution of journalists, publishers and whistleblowers all around the world has reached unprecedented levels, revealing a widespread plan to suppress freedom of the press and freedom of expression even in so called "Western democracies". One of the greatest journalists and publishers of all times, Julian Assange, nominated seven times for the Nobel Peace prize and winner of many journalistic prizes and awards, has been and is prosecuted and persecuted for having merely published the truth about war crimes, corruption, torture and more, with a 100% accuracy, and for having protected his sources as any good investigative journalist does. He has been detained arbitrarily and illegally, as widely ascertained and recognized by the UN. He has been victim of an abominable smear campaign based on ignominious lies and defamation, a campaign aimed to turn the public opinion against him and distract from WikiLeaks publications content exposing war criminals in governments key positions, warmongers, torture maniacs, systematic illegal surveillance, endemic privacy violations and plots to limit and reduce fundamental rights. He is currently detained in solitary confinement 23 hours a day, with no access to books, maximum two visits per month, forbidden in practice to coordinate a defense with his lawyers, in a tiny cell of a maximum security UK prison which has been designed for dangerous murderers and terrorists, while UK will decide whether to extradite him to the USA to face a potential 175 years imprisonment. Whistleblowers like Chelsea Manning, who should be regarded as a hero, as Noam Chomsky, John Pilger, Daniel Ellsberg and other titans of our times pointed out, have been tortured and are still persecuted by the very same criminals whose crimes were exposed. Privacy activists and software developers, like Ola Bini in Ecuador, are imprisoned without charges, simply for having showed friendship to Assange or WikiLeaks, or for having developed software aimed to protect privacy through encryption. And the list can go on and on and on. But make no mistake: the dark times we are living in, the environment of fear and intimidation that various governments are building against the exercise of those fundamental rights which our mission forces us to protect to the best of our abilities, the mounting attacks against "encryption for everyone" and the awareness that enemies of human rights nestle inside government agencies, have not undermined our determination. Quite the opposite: they have convinced us that our service is even more necessary now and we are resolute to do even more. Our mission has been and will be empowered by the ongoing support to projects and NGOs which aim to the protection of privacy, personal data and freedom of expression, now more than ever. We have confirmed our support to Tor and we will progressively add support to champions of freedom of expression and privacy in any way our capacities and abilities will allow us. If you're curious to know something about a series of fortunate events which gave birth to AirVPN, have a look here: https://airvpn.org/aboutus To worthily celebrate AirVPN ninth birthday, we're glad to inform you that starting from now we will offer a 20% discount on all long term plans. Hurry up, this special offer will end on June the 11th, 23:59:59 UTC! Check the new prices here. Kind regards and datalove AirVPN Staff

I'm the author of Passepartout and "adware junk" made me sincerely smile. The app recently went from free to paid because it's how I cover a (very) minor fraction of the costs. Not to mention the time I invest(ed) on it, which is far beyond the little money I get from the app. Also, Passepartout has been free as long as I haven't deemed it stable enough to ask people to pay for it. For one, the reviews are 100% legit. It's a strange world where one's guilt is being paid for his hard work. Anyway, I believe that AirVPN users would love an integration with Passepartout.

NOTICE to the Moderator: PLEASE MOVE TO THE RIGHT FORUM Hello, I want to make a thread about split tunneling through a spezific user. I figured out how it works and want to share it. I use Debian 8/9 but it should work with other distros too. Openvpn Split tunnel though user Debian 8 & 9 based Install openvpn from apt or install it via source apt-get update -y && apt-get upgrade -y && apt-get install openvpn htop nload dstat sudo apt-utils iptables curl resolvconf -y nano /etc/systemd/system/openvpn@openvpn.service Config: [Unit] Description=OpenVPN connection to %i Documentation=man:openvpn(8) Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO After=network.target [Service] RuntimeDirectory=openvpn PrivateTmp=true KillMode=mixed Type=forking ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/%i.conf --writepid /run/openvpn/%i.pid PIDFile=/run/openvpn/%i.pid ExecReload=/bin/kill -HUP $MAINPID WorkingDirectory=/etc/openvpn Restart=on-failure RestartSec=3 ProtectSystem=yes LimitNPROC=10 DeviceAllow=/dev/null rw DeviceAllow=/dev/net/tun rw [Install] WantedBy=multi-user.target Enable Service systemctl enable openvpn@openvpn.service Download Airvpn/Openvpn config and paste it in there: nano /etc/openvpn/openvpn.conf Add this to the config: nobind script-security 2 route-noexec up /etc/openvpn/iptables.sh down /etc/openvpn/update-resolv-conf Change DNS nano /etc/openvpn/update-resolv-conf foreign_option_1='dhcp-option DNS AIRVPN DNS1' foreign_option_2='dhcp-option DNS AIRVPN DNS2' foreign_option_3='dhcp-option DNS 1.1.1.1' Add user and group adduser --disabled-login vpn usermod -aG vpn XXX usermod -aG XXX vpn Iptables Flush & Rules iptables -F iptables -A OUTPUT ! -o lo -m owner --uid-owner vpn -j DROP apt-get install iptables-persistent -y nano /etc/openvpn/iptables.sh Change INTERFACE, VPNUSER, LOCALIP and NETIF Script: #! /bin/bash export INTERFACE="tun0" export VPNUSER="vpn" export LOCALIP="192.168.1.130" export NETIF="eth0" # flushes all the iptables rules, if you have other rules to use then add them into the script iptables -F -t nat iptables -F -t mangle iptables -F -t filter # mark packets from $VPNUSER iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark iptables -t mangle -A OUTPUT ! --dest $LOCALIP -m owner --uid-owner $VPNUSER -j MARK --set-mark 0x1 iptables -t mangle -A OUTPUT --dest $LOCALIP -p udp --dport 53 -m owner --uid-owner $VPNUSER -j MARK --set-mark 0x1 iptables -t mangle -A OUTPUT --dest $LOCALIP -p tcp --dport 53 -m owner --uid-owner $VPNUSER -j MARK --set-mark 0x1 iptables -t mangle -A OUTPUT ! --src $LOCALIP -j MARK --set-mark 0x1 iptables -t mangle -A OUTPUT -j CONNMARK --save-mark # allow responses iptables -A INPUT -i $INTERFACE -m conntrack --ctstate ESTABLISHED -j ACCEPT # block everything incoming on $INTERFACE to prevent accidental exposing of ports iptables -A INPUT -i $INTERFACE -j REJECT # let $VPNUSER access lo and $INTERFACE iptables -A OUTPUT -o lo -m owner --uid-owner $VPNUSER -j ACCEPT iptables -A OUTPUT -o $INTERFACE -m owner --uid-owner $VPNUSER -j ACCEPT # all packets on $INTERFACE needs to be masqueraded iptables -t nat -A POSTROUTING -o $INTERFACE -j MASQUERADE # reject connections from predator IP going over $NETIF iptables -A OUTPUT ! --src $LOCALIP -o $NETIF -j REJECT # Start routing script /etc/openvpn/routing.sh exit 0 chmod +x /etc/openvpn/iptables.sh nano /etc/openvpn/routing.sh Change ifconfig to ip if your OS dont support ifconfig anymore or install it. apt install net-tools Change VPNIG and VPNUSER if needed Script: #! /bin/bash VPNIF="tun0" VPNUSER="vpn" GATEWAYIP=`ifconfig $VPNIF | egrep -o '([0-9]{1,3}\.){3}[0-9]{1,3}' | egrep -v '255|(127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})' | tail -n1` if [[ `ip rule list | grep -c 0x1` == 0 ]]; then ip rule add from all fwmark 0x1 lookup $VPNUSER fi ip route replace default via $GATEWAYIP table $VPNUSER ip route append default via 127.0.0.1 dev lo table $VPNUSER ip route flush cache # run update-resolv-conf script to set VPN DNS /etc/openvpn/update-resolv-conf exit 0 chmod +x /etc/openvpn/routing.sh nano /etc/iproute2/rt_tables Add 200 vpn Edit vpn filter nano /etc/sysctl.d/9999-vpn.conf Add: Replace XXXXXX with your eth/wireless interface net.ipv4.conf.all.rp_filter = 2 net.ipv4.conf.default.rp_filter = 2 net.ipv4.conf.XXXXXX.rp_filter = 2 net.ipv6.conf.all.rp_filter = 2 net.ipv6.conf.default.rp_filter = 2 net.ipv6.conf.XXXXXX.rp_filter = 2 Apply Rules and show status sysctl --system service openvpn status Test it IP: sudo -u vpn -i -- curl ipinfo.io DNS: sudo -u vpn -i -- cat /etc/resolv.conf Enjoy

Website: https://new.hulu.com Status: OK Native: no servers Routing to EN (USA): All servers Last update: Aug the 1st, 2018

Hello! We're glad to inform you that, from now on, every account can establish up to five simultaneous connections to AirVPN servers. As usual, no restrictions will be applied on IP addresses. No price increase has been planned for this new feature. We're confident that allowing 5 connections per account at the very same price will meet and even exceed the expectations of our customers. Please do not hesitate to contact us for any further information. Kind regards & datalove AirVPN Staff

A little update: - server location selector added (usually it’s a city) - `remote` lines are terminated with a semicolon - each `remote` has a comment with server country, location and name https://ellie-app.com/65hw6mcDCS5a1

Hello, since 2017 we've been contributing to run about 5-7% of all the worldwide Tor traffic through exit-nodes maintained by Quintex Alliance, please check our mission page. Kind regards

I would ignore his comment. He likely made that judgement without ever even seeing or using your app. Keep up the great work! Also, I know several iOS users would be very happy to have AirVPN integration into your app. It would be great to be able to simply login into AirVPN on Passepartout and then simply select a server from the list and connect to it. Because right now we iOS users have to go to the profile generator, select the server and config they want, download the profile and then finally add the new profile each time we want to connect to a new server we haven't setup before on iOS.

How the hell are you guys even finding the posts about your own software on off-topic forums like this one? First ViewDNS, and now you... It's quite a difficult thing to code for iOS, given that you need to pay to be able to be found on the store.. seems cruel. And then the users mostly need to pay for the apps, because if not, they often pay with their data. Maybe that's all what was needed for Mr. zhang888 to judge your app. A price tag does of course not mean you won't additionally pay with your data. But as I said, it looks promising. It's your decision in which direction you want your app to go. I'm sure some users would find it advantageous.

Thank you! Of course. The idea has been floating around since several years ago https://community.openvpn.net/openvpn/wiki/RoadMap The OpenVPN 3 Core Library is based on a different approach, implementing the OpenVPN protocol as a C++ library. This gives lots of the same possibilities and modularity as this draft tried to resolve. Further, OpenVPN 3 is multi-thread capable and integrates with ASIO for all asynchronous processing and socket handling.

Happy birthday! Been going about 5 years now on the service and have recommended it to many. Will continue to support for the foreseeable future

I'm an Apple system admin for a living. This is NOT a problem, it's actually a security feature keeping you safe. That username/password prompt is asking you for temporary admin rights so that the Eddie client can do the OS changes it needs to do. Routing table stuff, new network interface creation etc. Any of the workarounds to prevent this is a major security issue as essentially you're force running the client as the root admin user.

thanks Airvpn, but i am good for 2705 day's. See you at the next happy b day.

Updated to reflect changes on 03-Aug-18 (previously, access was blocked from most servers).

Hello! Drastic changes have been implemented on Aug the 1st, 2018, so if you notice any malfunction on some server please report back (ticket or "Blocked website warning" forum). Kind regards

Updated again on July the 28th 2018 to reflect major changes. Kind regards

Hi Mikeyy, sorry for the delay. Before your answer I did figure out a restart myself. And that got things going. But my forum message was still not approved, so I couldn't alter it. So in the end I managed to download stuff via DS Get via VPN. But all of my webservices were not reachable anymore. I read about that before hand, but thought a bit too optimisticly. After reading up on it, I got scared whether I would be able to have a VPN and run my webservices at the same time. I would need passthrough of: -torrents -IMAP -SMTP -POP3 -webinterface of synology To be honest I am afraid that I am not capable enough to make all those things work.

I don't have a synology but this is a great guide.

First of all: Thanks a lot for your great work, Mikeyy! I followed your instructions to set up a vpn client by using the ovpn file. There's one strange thing: When the DSM is rebooted the client starts automatically, but it does not fully establish the routing table. I have to stop it and start it again to get it work. --> pics left to right. Any ideas what the reason could be? Greets

Website: http://www.zdf.de/ German TV channel ZDF (Zweites Deutsches Fernsehen). Status: OK Native: DE Routing: All servers.

Website: Swisscom TV Switzerland streaming television from Swisscom, Live and On Demand. Status: OK Native: CH servers. Routing: All other servers.

http://www.wilmaa.com For the best streaming television that Switzerland has to offer, there’s but one name, and that name is wilmaa. Status: OK Native: CH servers. Routing: All other servers.

Website: http://www.mtv.it Italian website and streaming TV Status: OK Routing: All servers to IT route.

Website: http://www.realtimetv.it Italian streaming TV Status: OK Routing: All servers to IT route.

Website: http://www.dmax.it Italian streaming TV Status: OK Routing: All servers to IT route.

Website: http://www.cbc.ca Official CBC television site for Canada Status: OK Native: CA servers. Routing: All other servers.

Or neither of those. Did you check other clients? Did you check their connection configuration? The config of your interface? And where the hell are your OpenVPN logs? People keep bringing this possibility up all the time. Pointing fingers seldomly helps unless you point it at yourself.

I use AirVPN for many years and super happy about it. On iOS I used the official openvpn app but recently discovered an alternative: passepartout (Edit: since it's a commercial app, not sure it's ok to paste here but here is the link https://apps.apple.com/jp/app/passepartout-openvpn-client/id1433648537?l=en) So far it has great features but I'm not sure if it's really secure or impacting Air's features in any way. Does anyone use it or have some info about it? Thanks!!

Hello! We're very glad to inform you that twelve new 1 Gbit/s servers located in Alblasserdam (Netherlands) are available: Aljanah, Alpheratz, Aspidiske, Capella, Eltanin, Larawag, Melnick, Muhlifain, Piscium, Scuti, Suhail, Tiaki. The AirVPN client will show automatically the new servers. If you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other "second generation" Air server, they support OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Actually, I just went through everything and setting up an F-Droid repository is as easy as copying your built apk to some webspace and issue one command.. so one doesn't have to build it at all. Unless you want a nightly repo, then things get much more involved. Which I will probably do for the lulz. Nevertheless, I successfully built Eddie for Android and that is also as easy as importing the git with Android Studio and Build > Build APKs... > Release.apk. Fine work there.

For this a rerouting server is enough. It was not considered in the past. I guess, demand is not high enough to make it reality yet. A full server will not come, see Net Neutrality Is Trump's Next Target.

It's been a while since my last "review" - 2.5 years to be somewhat exact. My first one even dates back to 2014. Both are interesting reads if you want to know more about my story and how I used AirVPN over the years - along with my experiences with AirVPN, of course. I quite can't believe it myself that I'm still here after five years. It's not like I expected Air to fail miserably, but I sure expected that after 3-4 years maybe the time will come to try something new because AirVPN wouldn't be able to satisfy me for some reason.. But no, I'm still here. And it's not because other VPN providers looked less promising (there was a brief moment when I really wanted to try out IVPN for a change), it's because AirVPN beautifully adapts to problems and trends in the market while staying true to their mission and not breaking anything in the process! The company's strategy is well thought out, both in handling technical challenges and managing users, and I actually enjoy being here. I can wholeheartedly say that I trust AirVPN's decision-making and it's a no-brainer for me to entrust them with "handling" my traffic, because I cannot fully trust my ISP. [h2]What happened since the last review? A year or so ago I was more or less forced to subscribe to Vodafone Cable because I moved to another city and the DSL lines are not as fast here as I expected them to be. It was sad to terminate my subscription to Deutsche Telekom (referred to as DTAG from here) because of this - OpenVPN works extremely well over their network and I was able to reach both my maximum upload and download throughput. And their network is rock-solid, you pay for some numbers and you actually get it in full, no strings attached. I am more than ready to pay slightly higher prices for bullshit-free network access like this. Only downside is that the Snowden leaks revealed NSA's direct access to DTAG customers' traffic... which is just another good reason to always be protected connected. Now, Vodafone is a more cheeky fella. I compare them to Verizon a bit (or was it Virgin?), that one provider who injects (or did inject) advertisements into customers' traffic. I really believe they will start doing this as well one rainy day, so surfing via AirVPN is a must for me, so as to not give them any data to train some AI. Unfortunately, this comes with a price: bad packet ID warnings are a common sight, but they seem to appear irregularly and roughly correspond to the times when I think I don't get the throughput I subscribed to. I think there's some packet reordering happening in the background - rerouting traffic over other nodes or lines, who knows. [h2]Throughput / Server quality and features With AirVPN via Vodafone I was rarely able to reach some 40 MiB/s in download, but 20-30 MiB/s is more common and stable (till the next bad packet ). I see the same symptoms with upload throughput: 50 Mbit/s ordered, I rarely get it uploading on torrents, and I didn't determine numbers by other means. Recently I noticed that specific server/port combinations can reach stable 5 MiB/s. But there are moments when a few simple bad packet ID warnings manage to disrupt even this. Upload throughput fluctuates apart from that between as low as 500 KiB/s and 3 MiB/s. There is a new development here, see below. I use vanilla OpenVPN on Linux with the most recent three servers in Germany, namely Intercrus, Serpens and Tucana, all ports except 53, rotating by route-random. In my ovpn file I made a few comments on some servers: On Intercrus, qBittorrent has a steady 5 MiB/s upload and downloads from my favorite Debian repo with 30 MiB/s more often than any other server.Tucana works extremely well on UDP/41185.Adhara and Cervantes are prone to low throughput. Errai and Ogma are "good", whatever I wanted to tell myself with this. In short: Most german servers can handle 40 MiB/s in download and definitely can hit 5 MiB/s in upload. I won't go into the server's security too much because whatever AirVPN offers should be "industry standard" by now. AirVPN offers little choice on the encryption parameters used - it's always AES-256 with RSA-4096 keys. It's solely there to ensure the max of achievable security across all users and their devices. Use the maximum - it's in the interest of AirVPN and you. [h2] A few remarks on the different client softwares Eddie is so feature-rich, it's almost the go-to OpenVPN client on PC. It runs on all major platforms and can handle itself and some nasty OS situations. Needs more support for external ovpn configs and it needs to drop Mono. Like, now. Please? There's an Android app now, and it uses OpenVPN 3. Mr. Schwabe's client does, too, via setting, and I can tell v3 connects blazing fast and gives more thorough log output. The decision to go with v3 was not a bad one. Unfortunately, this thing is written with Xamarin, using C#, therefore it depends on MonoDroid. Please? We were promised Eddie 3 on GTK+ and Eddie-Android without Mono. The community is awesome (more on that later ). So awesome, it gave birth to Qomui by fellow forum member corrado - an alternative Qt-based AirVPN client for Linux. I don't use any of these - vanilla on Linux and Mr. Schwabe's client on Android do the job for me. I help test Eddie on Android when I have some free time, though. [h2] The community is awesome. Seriously. These forums are a gold mine if you look for knowledge, wisdom, might and magic about pretty much any topic related to (Air)VPN and general computer tech. As I said a few times in the past, the decision to create these forums for AirVPN users might just be one of the more important factors why AirVPN is held in high regard, even if regularly being called out as being "more technical that others". Honestly, you can ask some dumb question and you will not be called dumb - people who love talking to newbies like you will be there. Or, you can ask a very thorough question with lots of tech words in it and concepts one must work with to understand and you will be treated more professionally - people who love minds like yours will be there to advise you. Of course there's a nag here and there, but they are such a rarity that I almost believe writing this is not necessary. But still. Staff is a book chapter for itself. Regularly active on the forums, managing the flood of support tickets, raising an undead army of community forum moderators. You can generally count on their posts to be helpful in their own special way. And yes, you read right: Some of the moderators here were regular users like me and you! And through their engagement with the community and good, helpful practice they got "promoted" to forum moderators. I've known most of them for some time now and they all deserved it very much. If something like that can happen, you know that Staff is not afraid of their users - they encourage contact among them. [h2] Anything more to say? I must realize I'm not the most thorough writer of "reviews". Generally, I let my mind speak for me. So there are definitely some things I, willingly or unwillingly, didn't mention. If you want to find out everything about AirVPN as a VPN provider, you might just register and, I don't know, see for yourself?! You will not regret this. I thank you for your time. Update: I replaced my DOCSIS modem and the throttling is gone! Now I reach stable 4 to 5 MB/s upload throughput! It doesn't seem to have much to do with my ISP in the end. Some uncontrollable feature of the modem, I guess, and no, I am not willing to look deeper.

First, I apologize if this has already been addressed, but I searched the forums and how-to guides and couldn't find an answer. I'm using pfsense with dnsmasq (DNS Forwarder). In my General Setup, I set the DNS server to 10.4.0.1 and select AirVPN as the gateway. Unfortunately, this doesn't seem to work as the AirVPN "gateway" is the same as my AirVPN IP address. If I look at the route table, it adds an entry for 10.4.0.1, but sets the netif to lo0 instead of the appropriate ovpnc#, resulting in DNS queries not working. If I set the gateway to none and manually add the route to the gateway (my AirVPN IP address with the last by replaced with .1), everything works. Obviously, this is a routing issue, but I can't figure out how to get pfsense to correctly enter the route into the routing table. I know I can use unbound (DNS Resolver) and that does work. I also know that I can push AirVPN's DNS server to clients and that also works. However, I've been using dnsmasq for the last 18+ months with a different VPN provider without any problems. However, I am evaluating switching to AirVPN as I like many of its other features/functions (and cost!) much better than my current VPN provider. As of now, everything else I've setup works great with AirVPN except for this 1 annoying issue. So...is anyone else using dnsmasq? If so, how did you solve/workaround this routing issue?

The issue has been already explained: the keys and the internal IP addresses are all on the server, and they are on every and each server. They can be used to correlate specific targets and disclose their identities, while on our current setup that's not possible. It makes a world of difference when you consider threat models in which VPN users are specifically targeted. Maybe you don't understand the importance of this menace because you wrote: which is correct in our setup, but incorrect in Wireguard setup. The attacker CAN get the internal IP address via WebRTC for example and: 1) in our setup he/she does not correlate the internal IP address with the client key 2) in Wireguard setup he/she does Once that's done the attacker may obtain legally (via a court order) the payment data of the user because it can ask us which user is linked to a single IP address (and also the user key for subsequent forensic evidence). Since the VPN IP address is static and unique, we would be of course forced to comply. We wish to underline for the last time that the problem has been acknowledged by developers and we had been told that it would be resolved. Kind regards

Please for the love of it always refer to the official XDA thread about Magisk! There are millions of copycats who design fancy-looking websites and claim they are the official Magisk website. Magisk does not have a website! Their downloads are malicious! Root is mighty and can turn your phone from average to super-freedom but also to super-spyware. Magisk is much more. It's actually the modern replacement for old-school rooting apps and the famous XPosed Framework. App developers with the help of Google nowadays have more options to detect root and disallow usage of their apps if they so desire. It's very easy: You can for example simply check for /system/sbin/su. A phone with original firmware from the manufacturer does not have that binary, so anyone with it obviously had write permissions to /system at some point. SuperSU for example, but also such old apps as Framaroot, are doing this. On the contrary, Magisk does not do that. It still must write to /system to make at least some libraries accessible to the system, but anything else happens in RAM.

Thanks for the reference to Magisk. I looked it up and it is worth further investigation. (I'm used to SuperSU but evidently Magisk is more up-to-date and has other advantages.)

What the hell is this? Why? -.- Doesn't matter. Hope everything works now.

Standard negative stance on anything that costs, I reckon. I don't see many negatives there. It certainly is not negative if it does things better than the official app, which gave a few users around here quite some pain in the past. I don't see an option to stop all traffic when the VPN connection drops, though. Something to consider if you want this.

Having used AirVPN for a couple of years, I'm generally satisfied with the overall service, but I find it kinda annoying that I cannot access certain content on sites like DR (https://www.dr.dk/tv), DPlay, Viafree, etc. while connected to one of AirVPN's servers, or just out of the country. Which is why I would like to request a Danish routing server. Have a nice weekend! Some old, but similar requests:

Hello, it's an important security feature that you could bypass. We strongly recommend that you don't. Yes, there are other applications that gain root privileges without asking you for a password, and they are exploited to gain control of your machine. Remember the Viscosity disaster. Eddie can be started automatically at startup through a command line, if you want no interaction with it: you may run it on one of your init scripts via a shell. We are also moving toward a totally different software approach in UNIX-like machines (including FreeBSD/Darwin based machines like Mac), so you will see anyway important news in the next months. Kind regards AirVPN Support Team

Hello! We inform you that we have started contributions to Chelsea Manning's legal fund. We are proud to contribute to it but not "glad", meaning that in a really democratic and free country Chelsea Manning would not be detained indefinitely for her refusal to testify before a grand-jury (*) in matters that she exhaustively treated before a court martial, and would not need a legal fund at all by now. (*) A grand jury means that the public is not allowed entry: the hearings are held in secret She disclosed nearly 750,000 military and diplomatic documents to WikiLeaks revealing, amongst many other things, war crimes. I will not participate in a secret process that I morally object to, particularly one that has been used to entrap and persecute activists for protected political speech. Chelsea Manning Manning should be regarded as a hero. [...] doing what an honest, decent citizen should be doing: letting your population know what the government, the people who rule you are doing. They want to keep it secret of course. Noam Chomsky Action Network page for Manning's legal fund donations: https://actionnetwork.org/fundraising/chelsea-manning-needs-legal-funds-to-resist-a-grand-jury-subpoena Check our mission page: https://airvpn.org/mission Kind regards and datalove AirVPN Staff

Hello! Can you please test now with Hulu and report back? Kind regards

FINALLY. what a clear guide. thanks a lot!! It works

Website: http://www.rtve.es/ Sample: http://www.rtve.es/noticias/directo-la-1/

MiL0 wrote. Hello! According to our terms of use, you have the right to a full refund, no questions asked. If you wish, and only if you wish, drop us a couple of lines telling us in private which country you connect from and your ISP (in case, use "Contact us" option in the drop-down menu). We would be curious to know just because those ping times are incredibly high, much higher than those recorded from Philippines, China and some countries in Africa. Kind regards AirVPN admins