Leaderboard

Hello! We're glad to inform you that upgrade of server Haedus in New York City is complete. The server is now connected to a 10 Gbit/s full duplex port and line. The upgrade includes a new board with a more powerful CPU. IPv4 addresses and IPv6 block remain the same. This improvement completes the infrastructure upgrade in New York City for the summer answering to the increased bandwidth demand in the area. Kind regards and datalove AirVPN Staff

Hello! Today we're starting AirVPN 13th birthday celebrations offering special, strong discounts on longer term plans. From a two servers service located in a single country providing a handful of Mbit/s, the baby has grown up to a wide infrastructure in 23 countries in four continents, providing now 284,000 Mbit/s to tens of thousands of people around the world. AirVPN is now one of the only three major consumers' VPNs which are still independent, i.e. not owned by big corporations with multiple fields interests, interfering in editiorial publications or intersecting with products or services in conflict with privacy protection. Ever since we celebrated the past 12th birthday, AirVPN operated important, community driven changes: infrastructure power up. Through hardware renewal and new 2, 5 and 10 Gbit/s full duplex lines the infrastructure may deliver now up to 284,000 Mbit/s (full duplex) (+40,000 Mbit/s in one year) additional rewrite of the port forwarding, DDNS and key management service allowing multiple DDNS names and forwarded ports on a device basis various, new optional lists to block spam, ads, trackers and other malicious sources, featuring a unique and fine grained customization which is exclusive on the nowadays market revamped API new API Explorer to generate API call commands and examples from the web interface On the software side, all AirVPN applications and libraries are still free and open source software released under GPLv3. The development of traffic-splitting features on an application basis, already available in AirVPN Eddie Android and Android TV edition, has been planned for Desktop systems too. Check the promotional prices here: https://airvpn.org/buy Kind regards and datalove AirVPN Staff 

Hello! We're glad to inform you that, following the community requests and suggestions, we added five DNS block lists in our system, MIT licensed (*) by Jerry Joseph. GoodbyeAds A programmatically expanded list of hosts used for advertisements, Malware and tracking. Use this list to block ads trackers malwares. Items: 200489 (as of today) GoodbyeAds Samsung A well maintained list containing Samsung hosts used for advertisements and tracking. Those who are not using GoodbyeAds list and want to block only Samsung ads and tracking can use it. Items: 103 (as of today) GoodbyeAds Spotify A well maintained list containing Spotify hosts used for advertisements. This list helps to block/reduce Spotify ads. Items: 3774 (as of today) GoodbyeAds Xiaomi A well maintained list containing Xiaomi hosts used for advertisements and tracking. Those who are not using GoodbyeAds list and want to block only Xiaomi ads and tracking can use it. Items: 279 (as of today) GoodbyeAds YouTube A well maintained list containing YouTube hosts used for advertisements. This list helps to block/reduce YouTube ads. Items: 97645 (as of today) ===== By default, AirVPN DNS remains neutral in accordance with our mission. However, you have the option to enforce block lists which poison our DNS, in order, for example, to block known sources of ads, spam, malware and so on. You can manage your preferences in your account Client Area ⇨ DNS panel https://airvpn.org/dns/. We offer only lists released with licenses which grant re-distribution for business purposes too. The system is very flexible and offers some exclusive features never seen before in other VPN services: You can activate or de-activate, anytime, any combination of lists. You can add customized exceptions and/or additional blocks. Any specified domain which must be blocked includes all of its subdomains too. Lists which can return custom A,AAAA,CNAME,TXT records are supported. You can define any combination of block lists and/or exceptions and/or additions for your whole account or only for specific certificate/key pairs of your account (Client Area ⇨ Devices ⇨ Details ⇨ DNS) Different matching methods are available for your additions and exceptions: Exact (exact FQDN), Domain (domain and its subdomains), Wildcard (with * and ? as wildcards), Contain, Start with, End with. An API to fetch every and each list in different formats (see Client Area ⇨ API ⇨ dns_lists service) is active Any change in your selected list(s), any added exception and any added block is enforced very quickly, within few tens of seconds. You don't need to disconnect and re-connect your account. You can define your own lists and discuss lists and anything related in the community forum here Essential requisite to enjoy the service is, of course, querying AirVPN DNS while your system is connected to some VPN server, which is by the way a default setup if you run our software. Kind regards & datalove AirVPN Staff (*) MIT License Copyright (c) 2018 Jerry Joseph Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Hello! We're glad to inform you that all VPN servers are now connected to 1 Gbit/s or 10 Gbit/s full duplex lines and their hardware can use the full available bandwidth, even thanks to software optimization, load balancing and widespread WireGuard usage. To reflect project completion we have modified the real time servers monitor accordingly. https://airvpn.org/status The displayed throughput is again the sum of the total throughput (up+down bandwidth) as usual, but the total available bandwidth is the total up+down bandwidth which the server is, from now on, really capable to use. As usual, if you need a more detailed overview, including stats, history and distinction of up and down bandwidth, you can click the server name. Kind regards & datalove AirVPN Staff

@Undated8198 Hello, we have no plans to remove port forwarding, quite the contrary: we are currently deploying resources to delay port exhaustion and find alternative, but comfortable, procedures to keep offering this service in anticipation of port exhaustion. As you can see we already limited to new customers the amount of bookable ports, in order to preserve advertised features to those who are already our customers. We are committed to avoid retro-active modifications of the service for pre-existing customers, when such modifications would be detrimental for the service or anyway betraying an advertised feature. Kind regards

Hello! We're very glad to inform you that a new 10 Gbit/s server located in Alblasserdam (the Netherlands) is available: Dalim. The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637 and 47107 UDP for WireGuard. Dalim supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server. You can check the status as usual in our real time servers monitor: https://airvpn.org/servers/Dalim Do not hesitate to contact us for any information or issue. Kind regards and datalove

Hello! We can disclose only now that we had a server in Toronto seized in 2015, initially without our knowledge. Maybe a court order was served to the datacenter. For about 10 days we did not understand what happened to the server, which did not respond, while the datacenter did not provide information. After 10 days Italian police (and not any magistrate) contacted us. They informed us that Toronto police and FBI (*) asked for our help because they could not find any log in the server. Unfortunately their help request came after the server had been already seized. They did not even make a copy, they took it physically, therefore the server went offline, probably alerting the alleged criminals. It was obvious that forensic analysis could not find any log, simply because there were none. Our VPN servers did not even store the client certificates, go figure (now they also run in RAM disks, but in 2015 they did not). The whole matter was led by informing us without any document from any court or magistrate, but only through informal police communications, and only to ask for help after forensic analysis obviously failed completely. We were not asked to keep confidentiality on the matter, but just to stay on the safe side and support the investigation on what it appeared as a serious crime (a whole database with personal information of a commercial service was cracked, stolen and published in public when the web site owners did not pay a "ransom"; while our server was apparently not used for the crack, it was used to upload elsewhere the database) we decided not to disclose the whole matter for at least 7 years. It's one of those cases confirming that our servers do not store log, data or metadata of clients' traffic. (*) We may speculate that FBI was involved in a Canadian matter because the stolen database contained US citizens' personal data. Kind regards

Hello! We're very glad to inform you that a new 10 Gbit/s (full duplex) server located in Toronto (Canada) is available: Wurren. The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637 and 47107 UDP for WireGuard. Wurren supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server. You can check the status as usual in our real time servers monitor: https://airvpn.org/servers/Wurren Do not hesitate to contact us for any information or issue. Kind regards and datalove

Hello! We're very glad to inform you that a new 1 Gbit/s full duplex server located in Sao Paulo (Brazil) is available: Fulu. The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637 and 47107 UDP for WireGuard. Fulu supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server. You can check the status as usual in our real time servers monitor: https://airvpn.org/servers/Fulu Please note that Fulu will replace Peony and Lalande, which unfortunately in the last 6 months performed very poorly. Peony and Lalande are currently down (again). Unfortunately the uptime of Peony and Lalande has become unacceptably low, so we are forced to decommission them. Fulu can replace both servers as our tests confirm that its superior hardware and connectivity outperform Peony and Lalande together. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team 

Hello! We're very glad to inform you that two new 1 Gbit/s full duplex servers located in Miami, Florida, are available: Gudja and Kang, The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637 and 47107 UDP for WireGuard. Gudja and Kang support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the status as usual in our real time servers monitor: https://airvpn.org/servers/Gudja/ https://airvpn.org/servers/Kang/ Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! We're very glad to inform you that a new 1 Gbit/s full duplex servers located in Chicago, Illinois, is available: Superba. The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637 and 47107 UDP for WireGuard. Superba supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the status as usual in our real time servers monitor: https://airvpn.org/servers/Superba/ Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello ! Introduction Welcome To AirVPN! This is a guide meant to help new people. Whether you're new to VPNs in general or just new to AirVPN. I've tried to keep it fairly short, by using bullet points & spoiler tags. This hopefully also makes it more readable and less scary. I think AirVPN is a FANTASTIC VPN and while I don't own or have any stake in AirVPN myself, I'm a huge supporter of it. However, it can be quite scary and confusing to use when you first get started, so hopefully my little guide willl help you! This guide also includes links to resources provided by Air and other users, but I don't mean to take credit for these things. So please feel free to scroll to the bottom of this guide! Index: Introduction First Questions Getting Started With AirVPN After Downloading The Eddie Client [includes Troubleshooting tips] AirVPN Guides Section [Look here to find guides about: Security/Torrenting/Port-forwarding/Plex/etc.] Other Noteworthy resources Credits Why I made this guide: AirVPN was said to be very technical and thus hard to use. But since it's such a quality VPN, I don't want that to always be the main bad side to this great service. Therefore, this guide is also a response to this problem, so that newcomers can hopefully feel less overwhelmed about the idea of the air to breathe the real Internet. The Air staff clearly put in a lot of work every day and are extremely knowledgeable people, from all that I've seen. It's just that for newcomers, it can be hard and overwhelming finding all the relevant pieces of information and it can easily be too technical, so I hope my little guide will also be useful in that regard. This is also why, I collect other people's guides and put them in this guide, so that they're easier to find. However, Thank you to AirVPN, Staff and the many knowledgeable members of this community who help out people like myself quite a lot, through their contributions to the site everyday :] Feel free to leave feedback on this guide, both good and bad, if you want to, because I'll happily read it ! First Questions Do I have to be really technical to use this VPN stuff? AirVPN is one of the more technical VPNs out there and this is pretty much its only major drawback, when it gets reviewed. However, it offers unmatched attention to security and privacy. Not all reviews are entirely accurate either, sadly. Which the AirVPN Staff haven't hesitated to remark on though. So in short: No. But if you're new to VPNs in general and not a tech-savvy user, you do have to accept that you might be confused in the start. But this forum is here to help :]. Due to all the marketing and sometimes paid reviews, it can be hard to find out which VPN to trust at all. This is without even getting to the technical features. Air tends to somewhat pride itself on not overselling things however and so on the face of it, AirVPN can seem like it's no match for other, apparently bigger VPNs, but AirVPN has a lot to offer if you take a look. Will I become totally anonymous or completely secure? Please be aware that when using AirVPN or any VPN, while signed in to things such as your e-mail or other online accounts, you might get incorrect notices of being hacked. You have not been hacked most likely, it's just that when services see you log in from several different IP addresses, they get suspicious. Simply keep calm and investigate the issue. No, definitely not. But in terms of steps you can take to reach very high levels of privacy and security, this is one of the best steps you can take. Privacy and security are hard things. To achieve even higher levels involves sorting out things like your operating system, browser, various habits and using networks like Tor, in addition to a VPN like this. Security is hard. It's rarely, if ever, just a one-off solution. Often, security is as much a process, as it is about a single good product, like this VPN. However. just because a VPN doesn't do everything, it doesn't mean it's useless. A lot depends on what you're trying to do/achieve and who your "enemies" are. Yet it should be said, that AirVPN is quite extreme about security. For Air, it's "all or nothing" in many ways. AirVPN is so focused about security, that they even fix issues before they're published! However, VPNs and others technologies are becoming more and more important, as new spy laws like the UK Snoopers Charter & US Rule 41 Amendment crop up. Please check the question "What does AirVPN do to make it safe to use and does it log or track people?" further down, for more details. VPNs A & B have features X & Y, how does AirVPN compare? For this, check out the forum made specifically for that. It's often the case that features from other VPNs are either already included in AirVPN, aren't included because they're unsafe or just aren't as good as they sound. For instance, a rival VPN might say "We offer PPTP and many other secure protocols!", while Air doesn't, because Air knows PPTP is unsafe. Or they might say they offer a "multi-hop" VPN, which may or may not be useful, according to AirVPN Staff. Support for the protocol known as IKEv2 is another example of where Air doesn't support something, but has good reasons for not doing so. As a final example, you will sometimes see competitors speak of their super-secret "camouflage", "4Dstealth" or "hidden" protocols or servers. This is just marketing for gullible customers . But such aforementioned marketing can greatly confuse efforts to compare Airs product with the competitors. So if in doubt, ask the competitor who is offering "stealth"-something, what it is. If I use AirVPN, will I be able to use service XYZ with it? Please be aware that when using AirVPN or any VPN, while signed in to things such as your e-mail or other online accounts, you might get incorrect notices of being hacked. You have not been hacked most likely, it's just that when services see you log in from several different IP addresses, they get suspicious. Simply keep calm and investigate the issue. Please also be aware that it is NOT the main purpose of AirVPN to get access to geo-restricted content because it's a losing battle and Air cannot control how companies such as the BBC and Netflix act. Being able to get access to a site, generally depends on which service you want and which country it's in. AirVPN doesn't have servers in every country. In general, you can get access to everything. Although services like BBC iPlayer and Netflix actively try to block VPNs. Even services as normal as payment processors, such as PayPal don't always make things easy. This means it's not always possible for a VPN provider to do anything about it. But we do have forums to discuss and notify AirVPN on, so that AirVPN can try to solve it as best as it can. But before you post in that forum, make sure to Read This First, as it might help you & will make your posts more helpful to others. AirVPN has a very useful tool called the Route Checking tool. It allows you to test access to a website from ALL AirVPN servers. Just put in a full link in the search field and click the search button. Then press F5 or hit the refresh button in your browser. Green results usually mean there's access; red results mean the opposite. This is useful for seeing if it's only you who has a problem or only the server you're on. As well as which servers don't have a problem, so that you can switch to using those ones instead. It's most important that it's green in the "HTTP" column. There's many different HTTP Codes, so here's a list. VPNs generally slow down your connection a little. But AirVPN is so good that it's still possible to play Multiplayer games through it, without your connection slowing down too much, in my own experience. What does AirVPN do to make it safe to use and does it log or track people? AirVPN isn't just safe because it promises to be so in its marketing. Instead, it backs things up with hard technical specifications and high standards, that you can verify yourself. AirVPN is logless and can't be forced to log surreptitiously, fully supports P2P on all servers & as per #5 ignores all DMCA requests. Remotely-forwarded ports aren't logged either. Here's additional things Air does to increase its security and privacy: AirVPNs infrastructure conforms to a high degree of openness & transparency. This helps show that none of Airs locations are fake, but only bare-metal & lets users compare with one another. AirVPNs encryption standards are military grade and so for all intents and purposes unbreakable. It also only uses the most secure VPN protocol too: OpenVPN. No PPTP/SSTP/L2TP/IKEv2. AirVPN doesn't use any third party tracking on its website, such as Google Analytics or Social buttons, because they leak. Instead, it uses open-source analytics Matomo, which is closed loop. AirVPNs website meets the highest SSLabs security standards: A+. AirVPN takes its mission to fight censorship and manipulation of the Internet extremely seriously. This also means being highly willing to help out journalists and human-rights defenders. AirVPN only uses FOSS (Free and Open Source Software) in its Eddie client. Therefore the software running on your system is not a security "blackbox", but can be independently verified. AirVPNs Eddie client supports a wide selection of protocols. Including SSL and SSH. As well as anonymising services such as Tor; so that you can "partition trust" and need not trust AirVPN. AirVPN fully accepts crypto-currencies. Including to the point where it accepts Bitcoin directly. No middlemen. So if done right, you can use AirVPN with Air knowing nothing about you. AirVPN explains how it doesn't need to inspect or monitor traffic in order to check for breaches of ToS. AirVPN is against security through obscurity, including in its client software Eddie and so shows all the information it can; which leads some users to erroneously think there's logging going on. AirVPN has since then expanded on this point. AirVPN uses in-house support technicians and not outsourced third-party technicians and external packages such as Zendesk. So as with #3, it's closed-loop. No leakage. AirVPN has a strict location policy, so that it doesn't just set up servers in a new, potentially unsafe or questionable, location. One which can't supply the performance required, either. AirVPN has its own DNS servers and "killswitch" feature. With Network Lock on, any accidental loss of connection from Airs servers won't leak anything about you; including WebRTC. AirVPN is run by extremely knowledgeable technical people and not just businessmen. So they're easily able to both explain, defend and attack subjects on a purely technical level. AirVPN supports the auditing of some of the crucial security software that underlies different systems and also supports other projects/groups/services such as Tor, Edri and OpenNIC. AirVPN runs this forum, which can seem like a small thing, but it's actually really important, as it allows for the open sharing of knowledge, providing of technical support and mythbusting. AirVPN already acts as a "multi-hop" VPN and takes many other measures to increase security, such as separate entry & exit IPs, Perfect Forward Secrecy and HMAC SHA1. AirVPN has a strong focus on avoiding marketing fluff and overselling. Which means you know exactly what you're getting and don't need to deal with deceptive use of technical details. AirVPN is highly consistent with staying constantly on top of any security issue. AirVPN is based in Italy and is therefore within the EU. This has a range of other benefits too. That's 20+ ways in which Air has extremely high security "by default". All made nice and easy for you to use. If you want more, there's a simple 3 step guide for that. But seriously, there's always more you can do yourself. When will AirVPN add country or server XYZ? AirVPN Staff do not usually tell the community when a new country or server will be added. They simply add them. So it's easy to miss. The Eddie client will automatically show them. AirVPN frequently adds new countries/locations. This can be seen in the announcement forum, so please try to check this and the Eddie client (if you use it) before asking. Thank you. Requests for a specific location or addition to an existing one, are fine. But demands to know when something will happen, are futile, since AirVPN follows a strict location policy. The technical specifications regarding security/encryption for the Air servers that are used, can be found here. Further, those technologies and standards allows Air to pursue its Mission. Please remember that even if a country you want hasn't been added, you may still be able to get access to the web-content of that country, thanks to Airs micro-routing feature. Here's some old posts regarding different locations, so that you may not need to ask. Please note that some, such as Japan as of 2018 & Austria, were already added: Italian Servers? Japan/Korea Servers? [staff Comment] Russian Servers? Danish Servers? Middle-East/North African Servers? Indian Servers? Panama Servers? Australian/New Zealand Servers? Latvian Servers? French & Belgian Servers?[uPDATE: French Servers Momentarily Withdrawn] Austrian Servers? Central/South American Servers? AirVPN now allows 5 connections per account instead of 3, but is it possible to buy more connections? AirVPN has increased the limit from 3 to 5 connections. Thus it's unlikely to be possible to buy more connections at any point. But you can use a modified router if you still need more than 5. If you change your router firmware(software) to something like DD-WRT or Tomato for instance, you can make all devices on your Wi-Fi/Router go through AirVPN. However running a VPN on a router is quite hardwork for most routers. So you either need high-grade commercial ones or computers like the ZBOX Nano, converted into routers. That ZBOX Nano PC would be excellent for a VPN to run on, as the hardware is very good; even more than the commercial routers. Only savvy users should consider this. Who runs AirVPN & moderates the forums? The Staff account is the Official voice of AirVPN. Private messages cannot be sent to them. Clodo & pj are the most visible AirVPN employees. Clodo is the developer of AirVPNs "Eddie" client software, while pj is a co-founder of AirVPN. Community moderators: zhang888, giganerd and LZ1. Note that we are NOT AirVPN employees, have no access to Air infrastructure and do NOT speak for Air in an official way. Instead, zhang888, giganerd and LZ1 are a part of what the Air Staff call the Air "forum Staff". Note that member profiles can't be accessed by others by default, unless you add them as friends or they made their profile public. Air itself is based in Italy and so that's where their staff will be sourced from. What are some of the "Status" page functions for & how do I use AirVPNs "Micro-routing" feature? The first page you see when you go to the Status page, is an overview of Airs servers & service. Useful for seeing if any server is down or very busy, downloads and how many users there are. The Ping Matrix shows the latency between Air servers and if there's any (severe) packet loss somewhere. No packets = no connection. The Top Users page can help you verify if others are still getting good or bad performance, compared to yourself. The Checking Route page is for seeing if Air servers can or can't connect to a website you select. Unlike the Ping Matrix. There's also the special AirVPN "Micro-routing" service. To use it, simply make sure you connect to Airs servers & DNS. (Automatic when you use Airs Eddie client). Without the micro-routing, if you want to watch French TV for example, you would have to connect to a French server. But with micro-routing, you can connect to ANY Air server and still watch French TV, as long as the TV's website is on the "Website support" list. It's possible to make requests to get sites added to these lists. Anyway, this micro-routing is very very useful ! Because it means that EVEN IF Air takes all French servers offline for some reason, you will still be able to access French content! Is it free and if not, why should I pay for it? AirVPN is not free, but you can get a short trial if you ask nicely. The Trial has unlimited data and full speed. But you can only get a refund if you have used less than 5GB. Free services don't offer many of the very nice features which let you get around website/service blocks. But it can be hard to market these features to non-technical people, because they're not always easy to explain. Yet once you try them, you will appreciate them. AirVPN has quality servers & connections, as well as guarantees a certain speed, with no limits. So it's possible to play multiplayer games through it. Free services often have to exploit their users in order to survive. This is normally done by tracking you, possibly undermining your security and selling your data to 3rd parties. If a free service is leaking your data due to poor practices and technology by accident or selling it on purpose, what's the point in using it then? VPN means Virtual Private Network. Even if a free service doesn't exploit you, you still don't have the same level of security or assurances, because how would a free service pay for that? Real security is hard and costly. Would you rather go through 5 bad free services, risking your security and privacy or would you rather take your privacy and security seriously the first time, for a small fee? If you only need a VPN 1 time, then it's probably not worth it to use a paid service. But if you know you'll need it often, it's worth the investment. Air has a very cheap 3 day plan too though. Free services often have many limits. But AirVPN is logless, allows 5 devices per account, allows P2P and other protocols, has no data/bandwidth limits & very high security. So basically, you need to be able to Trust your provider, yet why would a free service be trustworthy? They don't owe you anything. But a paid one at least does - not that all paid services are great either though. Not all services on the web offer the same level of protection either, whether free or not. Many services, paid & unpaid, lie to you about where they have servers. Fake GeoIP addresses. Since AirVPN isn't free, is it possible to buy a Lifetime subscription, as with other VPNs? Does AirVPN hold sales at all? This question has received its own dedicated topic, so please click the link below All sales related questions are answered in this dedicated thread. Getting Started With AirVPN If you run into a problem with Airs software for some reason, then please make sure to check if there's an experimental version of the Eddie client you can download. Experimental versions aren't always available. How do I start using AirVPN? There's 3 simple steps: Create Account Choose a Plan Choose your setup Creating an account: You don't need a valid e-mail address. The site software, called IPB, just needs the field to be filled with something. Remember that password recovery will NOT work without a valid address. If you can, don't use something which uniquely identifies you. So even if you name your account ninja10834, that's still better than something about your real name, location or even interests. With this account, you can also post on the forums. However in the beginning, you won't be able to post on these forums immediately. This is because a moderator has to make sure that whatever you post, is both genuine and from a person. So when you click the "post" button, your own post will NOT show up immediately; so just be patient, when asking a question. After around 5-10 posts being accepted, your account will increase in level and you will be able to post things immediately, without any supervision. There's 2 names associated with your account. The first is your login name, which cannot be changed and can't be seen by others. You would need to make a new account, to change it. The second name is your forum display name. In my case, it's LZ1. This can be changed by you at any time, but only matters in the forum. NOTE: it's your login name you use for logging into the Eddie software, together with your login password. Choose a plan: At this stage, you pick both how you wish to pay and how much. It's possible to pay in currencies known as "cryptocurrencies". These cryptocurrencies, most famously Bitcoin, have a range of benefits when it comes to things like security and privacy, if used correctly. If you want to pay using a cryptocurrency, there's some guidance on what to do, further down, in the guides section. However if you're just starting out, it's fine if you just use your credit card or whatever method which suits you. It's also possible to ask for a short trial. You can also scroll back up to the "First Questions" section and look for the information on Air's sales, if you want to wait for a discount. After paying, you will be a "Premium User" and will be able to see how many days you have left of your subscription, at the top of the screen, when you're logged into your account. Choose your setup: AirVPN provides a mobile version of its Eddie app for Android. An iOS version is NOT available due to Apple's restrictive policies. This stage is pretty straightforward. Just make sure you select the right versions and hit Download. Your OS: Find out which Windows Operating System you're running or which GNU/Linux you're running. Mac users must use either Mavericks or something newer. Your Architecture: Most will be locked into 64-bit here, as 32-bit is outdated. Your Format: Windows users should select "Installer" & MacOS users select "PKG Package Installer". Ubuntu/Linux users pick according to distro; adding a PPA will enable auto-updates of Eddie. Your User Interface: Most people should pick Graphical UI. Unless you want to run some kind of headless install, as some technical users do. Then click the big blue Download button and follow regular installation procedures. Now you will be downloading the AirVPN software. DONE. No further reading is required from here. Just open Eddie and click "Connect to Recommended Server". Unless you need a guide for something or want to know some of the finer details. This software is called a "client". This "client" is called "Eddie", because that's what AirVPN calls it. So when you hear talk of "Eddie", it's referring to the software you downloaded. If you don't want to use Eddie for some reason, there's ways of getting around it. But for new and casual users, it's recommended that you use it. If normal Installer Formats create problems, you can sometimes fix them by using the portable formats. A portable download is also useful if you want to store Eddie on a USB stick. If the latest Stable or Experimental release doesn't work for you, then you can download an earlier version, by clicking the "Other versions" link under the blue download button. How and where do I manage my AirVPN settings? You do that in the Client Area Some of the most important things in this area include: Configuration Generator Ports Referrals Number 1 is where you automatically generate the files that your VPN needs to work (if you don't use the Eddie Client, such as if you use Android), after you tick some boxes. Number 2 allows you to tell the VPN which "ports" or "virtual doors" to open, which can speed up things such as your Bittorent client (qBittorent, uTorrent, Vuze, Transmission, etc.) Even though it looks confusing, the only thing you actually need to change, is putting the right number in the "Local Port" field. So if your torrent program uses port 7634 for instance, then you put 7634 into the "Local Port" field and simply click the green add button. Then a number will automatically be generated and put into the big white box at the top. All done. Number 3 shows you the link you can share with other people. If they buy an AirVPN plan, you get 20% of what they pay. Then you can use this money to pay for your own plan. What if I need help during the process? If you need help from Air, you can easily contact them. If you're wondering why AirVPN doesn't have "Livechat" or might take a little longer to reply than other providers, then this is why. However you can also just come to these forums. If you can't post yet, then you can read the various guides which exist. In the AirVPN program called Eddie, there's a tab called "logs", which lists various information about what's happening. You can copy this and post it on the forums so we can help. But when you post your logs, MAKE SURE you post them inside "spoiler tags". If you don't use spoiler tags, you will annoy and make things more difficult for everyone, including yourself. I've used untold numbers of spoilers in this guide, as an example. What are logs, where are they and how do I use spoiler tags? When the AirVPN Eddie software is running, it creates a list of what it is doing. What's connecting, when, where, if something went wrong and so on. A log of events. So when you ask for help on these forums, we will often ask about your logs, because without logs, we do NOT know what is happening, in your specific situation . If you open the AirVPN "Eddie" client software, you will see a "Logs" tab. On the top right-hand side of the window, the 2nd button from the top, lets you copy your logs quickly. After copying the logs from Eddie, paste them into your posts when you need help. Do so by typing the short codes necessary; which we call using "Spoiler tags". This makes it much more convenient for everyone; just like this question and answer, is inside a spoiler . Please try to do it, thank you! Is there anything in my AirVPN account I should change? Go to the top-right corner of the screen and click your account username. Then click "My Settngs" in the drop-down box. Under "Profile Privacy", you might wish to un-check the checkbox, if you want others to be able to view your profile when clicking your name. Under the "Notification Options" tab and then under the header "Topics & Posts", check the box which lets you auto-follow things you reply to. This is very useful. Because then you'll get a little notification in the top-right corner, every time someone replies to a thread you made. This makes getting help more convenient. It's also good for following what's happening in threads that you post in. Remember to check the boxes on the right-hand side, so that you can choose if you want to be notified via the forum or via E-mail . You can also enable notifications for when people "like" your posts, since that can be quite encouraging! Under "Profile Settings", you might be curious about who visited your profile. So you can make it show the last 5 visitors. Everything else such as signatures, allowing others to add you as a friend and so on, are up to you. Enjoy! Is there an Experimental or Beta version of the AirVPN Eddie Client I can try? If so, where is it and why would I want to try it? Note that whenever you download the Beta/Experimental Client, you'll always receive the latest one. You can check your version number after you open Eddie and go to its "About" page. There aren't always any Experimental clients to download and new clients are continuously released. So keep an eye on the announcement section, for Beta/Experimental clients. Just because a release is called the "Stable" version, it doesn't mean the Beta/Experimental client is "Unstable". However don't be surprised if you run into issues . You can find the Beta versions [if one is available] on the download page of your OS, under "Other versions": If for some reason an Eddie client doesn't work, try downloading a "portable" version on the OS download page, under "Format". Being Beta/Experimental, you might run into some bugs. However I use the latest all the time, with no problems really. For more information on what features are added and bugs taken away, go straight to the changelog The Beta/Experimental client often includes fixes for bugs which the "Stable" version of Eddie has, as well as various extra features and changes. This helps all platforms. For example, for Windows, a prior Beta release used WFP (Windows Filtering Platform), instead of Windows Firewall, which meant it became easier to use 3rd party security software. 3rd party security software, are things such as Comodo firewall or Avast anti-virus. Things which you install yourself. In addition, it also comes with the latest software updates "out-of-the-box", such as the latest TAP drivers and OpenVPN patches, so you don't have to update them yourself. It may enable some things by default, which a current Stable version requires you to change yourself (as explained in the next section of this guide). By using the Beta, you can also help AirVPN by providing feedback, which means Air can then make things even better . Each Beta release has its own feedback thread. Just remember to describe the problem, tell us which system you use (Linux/Windows/MacOS/etc.), the client version (Go to Eddie client "About" page) and some logs in spoilers! : D. Thanks! After Downloading The Eddie Client Please remember to share your Eddie logs and use spoiler tags, when you need help from the community. How to do so, is answered in the previous section, thank you! What's "Network Lock" & should I use it? Please be aware that using Network Lock with Tor can be contradictory to try. It's not currently planned for. Please also note that it's expected that Eddie turns off Network Lock, when Eddie is shut down. Network Lock in AirVPN, is what many other VPN providers normally call a "killswitch". So this is Airs own "killswitch". Network Lock (NL) is a way for the AirVPN software to force all of your computers network communications through the AirVPN service, so that nothing "leaks out" about your identity. For new users, I don't recommend using it too soon. I recommend waiting a few days and just getting comfortable with the day-to-day running of the software and then using it later. With NL on, your internet connection will stop entirely, if you lose connection to the Air servers. This is great for preventing information from leaking & is a feature, not a bug. Why is this important? Well, I don't want to name & shame other providers, but one poster showed that his last provider leaked his real IP address during server changes. This shouldn't happen. But with NL on, this won't happen to you, because changing servers in Eddie will mean disconnecting from server A to go to server B. Thus the connection is stopped first & then resumed. No leaks. But if you want maximum security right away and aren't afraid of small technical issues, you can start using it right away. It can always be changed back.. How can I test that AirVPN is hiding my IP and DNS addresses correctly? Turning on Network Lock in the Eddie client will protect you from WebRTC leaks. You can use AirVPNs own service called ipleak.net. Make sure it's .net and NOT .com. Since ipleak.net is run by Air, it has now received its own sub-forum, where you can ask questions, give suggestions and receive information on any changes made to ipleak. Un-configured, browsers like Mozilla Firefox and Google Chrome will "leak" (show) your real IP address through a technology called "WebRTC". To stop WebRTC, scroll to the bottom of the ipleak page and read the very short and simple instructions on how to fix it. It's not overly technical, don't worry. If you torrent files, there's also a torrent on the same website, which you can download in order to test which IP other torrenters would see if you torrented a real file. It's recommended you use Free & Open Source Software(FOSS). With this client, you can make it bind itself to whichever network adapter is using the VPN, which is convenient, so that it only torrents when using a VPN. I can recommend setting ipleak.net as your browser start page, so that every time you start your browser, you'll quickly be able to see if everything is working as intended. Eddie can't connect or is very slow, what can I do? If none of the below solutions work, then it's time to ask the forums or Air support. In BOTH cases, please supply your logs, as detailed before. Otherwise no one can help you. First, please make sure your client is updated to the latest Stable or Beta release. You can see your version number in Eddie>Top Left Corner Menu>About. Head to download page if not. Please try different protocols, at Eddie>Menu>Preferences>Protocols>Uncheck "Automatic">Select a protocol, such as SSL or TCP 443> Save>re-connect to an Air server. Please try connecting to not just different servers, but different countries too. Proximity to your location does not automatically mean better connections; due to routing technicalities. If you're an online gamer, you may benefit from changing the buffer sizes, as mentioned by Staff. If you're a Linux, MacOS or Windows user and webpages aren't loading fully or there's less than optimum speed, you can try the so-called "mssfix". If it's simply a problem with connecting to airvpn.org, then please try the alternate entry: airvpn.info - note that sometimes Air comes under attack from within and so you get an error page. If Eddie, such as in its Logs, says there's problems with route checking, please refer here for a solution. Note: disabling Preferences>DNS>Check Air DNS can be tried at the same time too. If you enabled Network Lock and can't connect to the web without Eddie turned on, then please disable Network Lock or reset your firewall and/or DNS, as shown in the two posts here. If torrenting speeds are slow, then please remember to port-forward and configure your torrent client correctly. For detailed guides on this, please go to the Guides Section below. For some ISPs, such as Virgin Media, please check the Guides Section below, for specific tutorials on how to optimize speeds. In some cases, especially if you run Air directly on your router, it's possible that your computer hardware isn't new enough to handle the encryption quickly enough. For Windows users, updating or downgrading the TAP adapter may work. But this shouldn't be tried as the first thing, as it's often not necessary now. For Windows users, you can try downloading a program called TCPOptimizer. Which other steps can I take to increase my privacy and security? Using AirVPN with Tor is a strong answer, among many other good ones. Here's a further explanation of how AirVPN & Tor work, when together. There's also many other ways to handle privacy and security on multiple fronts. If you're looking for a technical challenge, you can install pfSense on a very powerful computer, to make it act like a router, so that all devices connected to your Wi-Fi will be covered by the VPN. Why not just use an expensive commercial router? Because even expensive ones struggle to handle the protocol known as "OpenVPN" efficiently enough to give excellent performance. You can change the software & hardware you use & support the organisations which try to make things better; such as the FSF/EFF. If you're a geek or networking enthusiast, you can also check out things such as the Turris Omnia router, which offers very powerful hardware & software. AirVPN Guides Section Make sure to check the date of the posts you read below. Hope you like it ! Guides, How To's & Troubleshooting Amazon devices like the Fire Stick, Fire TV Cube and others can be used with Android Eddie without sideloading, according to Staff. Mini-guide by Staff on how to test if your connection is being shaped/throttled [How-To] Use AirVPN with Network Manager on Ubuntu/Mint [How-To] AirVPN via SSL/stunnel on Android 6/7/8 [How-To] fix Virgin Media Connection Drops/Bandwidth Issues Plex Server Guidance (Until someone makes an actual Plex guide) Paying with Bitcoin/Cryptocurrency Guidance. (Until someone makes an actual Cryptocurrency guide) Mini-guides On How To Improve Torrent Speeds Mini-guide On Torrenting With Tixati Client How To Autostart AirVPN As Root With No Password (Linux) Note: security risk & What Staff Says(OSX/MacOS) How To Setup The Eddie Client On Raspberry Pi 3 How To Port-Forward & Use A Torrent Client Guide To pfSense 2.3 For AirVPN Guide to pfSense 2.1 For AirVPN Firefox Extensions Guide Guide To Setting Up VPN For Torrenting On Windows Guide - What To Do When A Site Is Blocked AirVPN Forum Styleguide How To Improve Smartphone Security How To Block Non-VPN Traffic With Windows Firewall How To Connect To AirVPN With Your Fritz!box Router Using AirVPN Through Stunnel On Android Using AirVPN Over Tor Using AirVPN on iOS Check Your TAP Driver Version Explaining The Use Of AirVPN With Tor How To Configure A Synology Device For AirVPN AirVPN & iOS Other Noteworthy Resources Links Please be aware that AirVPN, unlike most, does NOT buy or otherwise use paid-for reviews. An alternative VPN client to Eddie, for Linux. Best VPNs 2016 & AirVPNs results Advanced Networking & Computing How To Break The Internet (Cory Doctorow) (Recommended Watch) Why the OpenVPN protocol that Air uses is good Guide to all things privacy Five Eyes Countries Schneier on Encryption CGP Grey explaining Encryption 10 Myths About VPNs (Ignore the self-advertising) (Recommended Read) The Eternal Value Of Privacy (Recommended Read) Credits Thank you to: AirVPN & Staff for their excellent service and explanations. inradius for his guide on how to use Air with Network Manager on Ubuntu/Mint Omninegro for his pertinent guide on extensions. The always crazily knowledgeable and helpful zhang888, whom I owe a lot to for all his work here. Thanks man. Omniferums excellent guide on securing Windows. pfSense_fans guide on how to use the excellent pfSense firewall software. The always very friendly and helpful giganerd! NaDre for his excellent torrenting guide. neolefort for his Synology guide. sheivoko's guide on using AirVPN through stunnel on Android bigbrosbitch for starting a guide on mobile security Zensen for his guide on how to autostart Eddie on Linux with Root sagarbehere for his nice guide on how to set up Eddie on a Raspberry Pi 3 rainmakerraw for his mini-guides on improving torrent speeds and how to torrent. lewisisonfire for his guide to fixing out Virgina Media-related issues and with nice pictures too. Khariz, giganerd and ~Daniel~ for their helpful posts. I hope the guide was of use! If you find any inaccuracies, feel free to tell me. I worked hours on this tiny guide, so I want it to be perfect haha. I hope your experience with AirVPN will be a good one! Mine certainly has been. If you have any questions, feel free to ask. Thank you for reading :] P.S. I consider myself pretty savvy, but I remember being confused when I got here. So I can only imagine how it is for less savvy individuals. P.P.S. I know it lacks images, but images do evil things to my spoilers, lol.

too many USA servers but the servers are busy? sounds like there aren't enough USA servers then. ;)

OK, I was in contact with AirVPN support who were asking for the version of OpenVPN (it's 2.5.8 in DSM 7.2) and also for the OpenVPN log. I couldn't find it and, while googling the subject, came across a post by someone having similar problems with a different VPN provider. This worked for me: - Go to the config generator - Select Router - Don't click on Advanced, just select UDP 443 (I believe that's selected by default) - Select your server/country/whatever you like - Generate the ovpn file In DSM: - Create a VPN profile - Give it a name - Enter your AirVPN credentials - Select the ovpn file you just generated - Click the checkboxes in the next screen - Click Connect and it should connect... worked here anyway. This had been driving me nuts for a few hours. I even tried another VPN (free trial) which didn't work, so I was really wondering if the server's VPN module was broken!

Hello! We're very glad to inform you that a new 1 Gbit/s full duplex server located in Vancouver (Canada) is available: Ginan. The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637 and 47107 UDP for WireGuard. Ginan supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server. You can check the status as usual in our real time servers monitor: https://airvpn.org/servers/Ginan Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team 

Hello! We're very glad to inform you that the Black Friday week has started in AirVPN! Save up to 74% when compared to one month plan price Check all plans and discounts here: https://airvpn.org/buy If you're already our customer and you wish to jump aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. AirVPN is one of the oldest and most experienced consumer VPN on the market, operating since 2010. It never changed ownership and it was never sold out to data harvesting or malware specialized companies as it regrettably happened to several competitors. Ever since 2010 AirVPN has been faithful to its mission. AirVPN does not inspect and/or log client traffic and offers: five simultaneous connections per account remote port forwarding WireGuard support on all servers flexible and customizable opt-in block lists protecting you from adware, trackers, spam and other malicious sources. You can customize answers or exceptions globally, at account level or even at single device level. powerful API IPv6 full support comfortable access to your client certificates and keys management AES-GCM and ChaCha20 OpenVPN ciphers on all servers Perfect Forward Secrecy with unique per-server 4096 bit Diffie-Hellman keys active daemons load balancing for unmatched high performance - current 'all time high' on client side is 730 Mbit/s with OpenVPN and 1046 Mbit/s with WireGuard internal DNS. Each server runs its own DNS server. DNS over HTTPS and DNS over TLS are also supported. free software support to traffic splitting on an application basis on Android and Linux (alpha testing) and on a destination basis on Windows and macOS AirVPN is the only VPN provider which is actively developing OpenVPN 3 library with a fork that's currently 190 commits ahead of OpenVPN master and adds key features and bug fixes for a much more comfortable and reliable experience: https://github.com/AirVPN/openvpn3-airvpn AirVPN, in accordance with its mission, develops only free and open source software for many platforms, including Android, Linux (both x86 and ARM based systems), macOS and Windows. Promotion due to end on 2023-12-03 (UTC). Kind regards & datalove AirVPN Staff

Hello! We reluctantly have to announce gloomy news to you all: Spooky Halloween Deals are now available in AirVPN... Save up to 74% on AirVPN longer plans (*) (*) When compared to 1 month plan price Check all plans and discounts here: https://airvpn.org/plans If you're already our customer and you wish to jump aboard for a longer period any additional plan will be added on top of already existing subscriptions and you will not lose any day. Every plan gives you all the features that made AirVPN a nightmare for snoopers and a scary service for competitors. Just check this frighteningly long list of terrific features if you dare: a clear mission without compromises https://airvpn.org/mission WireGuard support exclusive and very flexible, opt-in block lists against malware and other hostile entities. Pick predefined lists, add exceptions or additional blocks, define your own lists, or just use our totally neutral DNS by default improved API functions to let you control and configure VPN features and account settings active OpenVPN 3 AirVPN library open source development IPv6 support, including IPv6 over IPv4 configurable remote port forwarding refined load balancing to squeeze every last bit per second from VPN servers free and open source software for Android, Linux, Mac and Windows easy "Configuration Generator" web interface for access through third party software guaranteed minimum bandwidth allocation GDPR compliance and very high privacy protection standards no log and/or inspection of clients' traffic effective traffic leaks prevention by AirVPN software Tor support via AirVPN software on Linux, Mac and Windows various cryptocurrencies accepted without any intermediary no obligation to use our free and open source software to enter AirVPN infrastructure. Interoperability is an AirVPN priority. perfectly clear and easy to read Privacy Notice and Terms https://airvpn.org/privacy No tricks, only treats! We witch you a spooktacular Halloween! Grim regards & datathrills AirVPN Staff

Hello! We're glad to inform you that we have just released: "Road To OpenVPN 2.6" migration plan - https://airvpn.org/road_to_openvpn26/ A new version of Config Generator with options related to OpenVPN 2.6 A new Eddie Desktop beta release (2.23.0) related to the road above, feature-locked to reach stable release https://airvpn.org/forums/topic/56428-eddie-desktop-223-beta-released/ A new server (Marsic), the first running OpenVPN 2.6 powered by DCO (server-side) and ready for client-side DCO. Kind regards & datalove AirVPN Staff

I propose to add an additional option to generate a config file per City (https://airvpn.org/generator/) that will connect to the most optimal server for that city based on server load. This would work similar to how when you connect via Country or Continent. What I mean is when generating config files (https://airvpn.org/generator/) you can only select the specific servers for each city, rather than selecting just the city itself. The problem with connecting via Country or Continent is it will often connect you to a less than optimal server relative to your location. For example, Chicago based connections might be connected to Florida etc. which ultimately leads to connections with bad latency and lower speeds.

This is where AirVPN's superiority becomes overwhelming. From single port randomly assigned per-session to inability to selectively link ports to devices and keys and other missing options (such as remapping), the other services are now lagging fatally behind airvpn.

Hello! Please follow the thread here: https://airvpn.org/forums/topic/56119-new-10-gbits-server-available-bg/ The message by Antonio Quartulli on the end of March implies that our tests had to re-start almost from scratch with the new DCO and the new OpenVPN 2.6.2. Remember that DCO, as reported in the GitHub repository https://github.com/OpenVPN/ovpn-dco ovpn-dco is currently under heavy development, therefore neither its userspace API nor the code itself is considered stable and may change radically over time. Remember also that every time the code changes radically our tests must re-start almost from scratch. About the stability, with 2.6.2 and latest current experimental DCO 0.2 module we have not had anymore kernel panics. Given the above you can easily understand that DCO is not ready for production on the server side of course, so we're planning to put a highly experimental server to let the community test with no stability or backward compatibility commitments. For latest issues and updates about them, please follow GitHub as well: https://github.com/OpenVPN/ovpn-dco/issues Kind regards

Hello! We're very glad to announce a special promotion on our long terms Premium plans. You can get prices as low as 2.20 €/month with a three years plan, which is a 68% discount when compared to monthly plan price of 7 €. You can also send an AirVPN plan as a gift: you have the option to print or send a colorful, dedicated picture with the code to activate the plan. You can do it in your account Client Area -> Your membership: Purchase and credit -> Print X-Mas after you have bought a coupon. If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Please check plans special prices on https://airvpn.org and https://airvpn.org/buy Kind regards & datalove AirVPN Staff

I've been with AirVPN since 2013, and it gives me a laugh every time there is a sale they're still using the same gif. 😄

Hello! We're very glad to inform you that AirVPN Suite version 1.3.0 is now available. This release prepares the road to AirVPN Suite 2, where brand new features are being implemented. 1.3.0 addresses and fixes many regressions inherited from the OpenVPN3 library main branch causing critical errors with various directives and breaking the parser. The Network Lock has been extensively rewritten to solve some minor problems related to nft. Other bugs have been fixed. Please see the changelog for a complete list of changes. The suite includes: Bluetit: lightweight, ultra-fast D-Bus controlled system daemon providing full connectivity and integration to AirVPN servers, or generic OpenVPN servers. Bluetit can also enforce Network Lock and/or connect the system to AirVPN during the bootstrap Goldcrest: Bluetit client, allowing full integration with AirVPN servers, users, keys, profiles as well as generic OpenVPN servers Hummingbird: lightweight and standalone binary for generic OpenVPN server connections What's new in 1.3.0 Packages are available both for OpenSSL 3 and OpenSSL 1.1.x (legacy). Pick one according to the version you have in your system. If in doubt, run openssl version command from a terminal to see whether you have 1.x or 3.x version to solve problems specifically related to name resolutions, domain names included in OpenVPN profile "remote" directives are resolved before submitting them to OpenVPN3-AirVPN AirVPN server provided by the client is now properly checked against country's white and black lists Bluetit's run control directive allowuservpnprofiles has been added to let root user control whether external profiles must be allowed or rejected different implementations preparing for WireGuard support planned in version 2 NetFilter class has been re-designed to offer a faster and more robust persistent Network Lock when needed added connection statistics to the system log when raising "event_disconnected" Please check the changelog or detailed information. AirVPN Suite is free and open source software released under GPLv3. Source code is available here: https://gitlab.com/AirVPN/AirVPN-Suite Download page: https://airvpn.org/linux/suite/ User's manual: https://airvpn.org/suite/readme/ Bluetit Developer's reference manual: https://gitlab.com/AirVPN/AirVPN-Suite/-/blob/master/docs/Bluetit-Developers-Reference-Manual.pdf Some notes: for Raspberry Pi OS 64 bit pick the ARM 64 bit legacy package, because Raspberry Pi OS 64 bit is based on Debian 11 and uses OpenSSL 1.1.x by default. for Raspbian operating system and other 32 bit ARM systems, including Raspberry Pi OS 32 bit, pick the ARM 32 bit legacy package for Ubuntu 22 for Raspberry, pick ARM 64 bit mainline package (not legacy) if you run some i686 Linux let us know. You can still run AirVPN Suite 1.10 but if we have requests we can prepare a package for abandoned systems. Link to AirVPN Suite 1.1.0 for i686: https://eddie.website/repository/AirVPN-Suite/1.1/AirVPN-Suite-i686-1.1.0.tar.gz sha256 checksum: 6454cafc860ccc89da5da933c5bed279b1e1534a750f4423e6937e4fb84779e1 Kind regards & Datalove AirVPN Staff

Version 2.23.2 [bugfix] [macOS] Fixed an issue with disk .DMG build [change] [Windows] curl 8.2.1 [change] [macOS] Preferences > WireGuard > MTU [bugfix] [all] Fix for exit failures [change] [all] OpenVPN 2.6.6 [change] [all] Minor fixes and code cleanup, preparation to net7 upgrade This version will be considered stable as soon as possible. Other issues reported in tickets or in this topic are under investigation.

Hello! In addition to what mentioned earlier, right now we have opened a brand new 10 Gbit/s full duplex server in Toronto, with high end hardware capable to push the throughput near the limit. Shifting to North America in general, we have powered up Miami with the addition of two 1 Gbit/s full duplex lines and two brand new servers with more modern hardware (each one with a dedicated line and port of course). We have improved connectivity in Los Angeles (bandwidth remains the same but now it should be more enjoyable from US residential ISPs). We are also working on New York City for a significant increase in bandwidth, stay tuned. Kind regards

No, if all peers were not reachable BitTorrent would not work at all. The reason is trivial, just study how the protocol works. Actually there are many "dead torrents" not because there are no peers with the complete file, but because those peers in the swarm are active but not reachable. You have the impression that torrenting works even if some peers in a swarm are unreachable only because there are peers which are reachable in that swarm, so unreachable nodes (leechers) can keep leeching. This is the essence of the claims "you can keep torrenting even without remote port forwarding": yes, provided that parasites in a swarm can leech thanks to the effort of others. Maybe you should study how the protocol works before insulting. We're momentarily locking this thread, too many off topics are making it confusing. Kind regards

Split tunneling function in eddie because not everyone can "tinker", because some people see the VPN as a tool and not as a hobby, and because days don't have more of 24 hours... So: yes, no, perhaps, go away?

With news of Mullvad and now IVPN removing port forwarding, can we have assurance from staff that AirVPN is not planning to remove port forwarding?

Bravo! That's how you do it. By preserving what was advertised to all previous customers you have proved your honesty and fairness again. 👏

In case this helps anyone in future - When creating a port forward for a Wireguard interface in OPNSense, the automatic firewall that is created doesn't work. To fix this, go to the wireguard interface firewall rules. Create a new rule that's the same as the automatic firewall rule, except click "Advanced features: Show/Hide" and set "reply-to" to the wireguard interface. Then go back to the port forward rule and set "Filter rule association" to "None" to remove the original (broken) firewall rule.

I use AirVPN for both work and personal. I use it directly on my routers (those that support Wireguard configs) and even use the Eddie client on both Mac and PC when I'm not on my protected router. From basic browsing, to even taking video conference meetings, AirVPN always delivers. If a connection isn't fast, there are so many others that I can connect to. Couldn't be happier.

Hello! We're very glad to inform you that a new 10 Gbit/s (full duplex) server located in Sofia (Bulgaria) is available: Wazn. With Wazn, AirVPN infrastructure can now offer 10 Gbit/s full duplex lines and servers in strategic locations all over Europe: Switzerland, the Netherlands, Sweden and Bulgaria, all of them with direct peering with a wide variety of providers and at least two tier2 transit providers. As WireGuard diffusion increases, such servers will be able to use more and more bandwidth, while the imminent OpenVPN DCO deployment on selected AirVPN servers will also provide for more scalability and performance. According to our tests (*) from Italy, the Netherlands, the United States and Germany (from both residential and business lines) and our statistics, in the countries with a presence AirVPN remains the fastest VPN for consumers in the world, both for available bandwidth and round trip times. We are confident that the progressive increase of CPU power and available bandwidth, together with our usual commitment against overselling, will further widen the gap. (*) Tests performed from tier1 providers such as Telecom Italia Sparkle or "near-tier1" ones such as Cogent and Hurricane. Tests performed against a wide variety of well known VPN services, including the most advertised ones. The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637 and 47107 UDP for WireGuard. Wazn supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server. You can check the status as usual in our real time servers monitor: https://airvpn.org/servers/Wazn Do not hesitate to contact us for any information or issue. Kind regards and datalove

Hello! By adding WireGuard's pre-shared key we are ready to deploy an additional encryption layer supposed to be "quantum resistant". It's important NOT to deploy it right now because ciphers thought to be "post-quantum world ready" are not well reviewed and it may happen that they can be cracked with a classic computer. It happened for example to Rainbow last year. Rainbow was a cipher meant to resist even to quantum computers. It was the state-of-the-art cryptography algorithm in the world, rivaled only by other two algorithms. Except that it was cracked with a modest CPU laptop a year ago or so. https://www.newscientist.com/article/2310369-encryption-meant-to-protect-against-quantum-hackers-is-easily-cracked/ We have 20 Gbit/s server lines as well (10 Gbit/s full duplex). However those lines can not be saturated at the moment due to CPU limits: with a few dozen of connected clients, all vCPU limit is reached well before the line is saturated. This is due mainly to the computational power required by the encryption algorithms and marginally by other reasons. Unfortunately WireGuard is not difficult to block, so it's possible that your ISP blocks it. For additional investigation feel free to open a ticket at your convenience. You over-estimate us. Yes, we have implemented a lot of things to load balance the servers, but it still happens that some servers go at capacity, it's unavoidable, especially nowadays when 1 Gbit/s residential lines are common. Thanks! Starting the 14th year of AirVPN's life. Kind regards

Hello! The upgrade of all the servers marked as "1 Gbit/s" has been completed to at least 1 Gbit/s full duplex lines. Therefore we might now switch to "2 Gbit/s" in the servers monitor. In the past we did not do so because the hardware limits made it unrealistic beating a total of 1.2-1.3 Gbit/s throughput on a single server. Nowadays with WireGuard, and ever since we revamped the load balancing system on different OpenVPN instances, that limit is no more. That's why you can often see servers with "1000 Mbit/s" maximum availability providing much more than 1000 Mbit/s. In Dallas and in the Netherlands servers are connected to 10 Gbit/s (full duplex) lines, 10 servers per each line. We have also expanded our 10 Gbit/s lines in the Switzerland, Sweden, Bulgaria and the Netherlands (10 Gbit/s full duplex line, port and NIC for single servers). In various countries (Canada, the Netherlands, Sweden, USA except New York City and other ones) we don't operate any server in M247 datacenters. Furthermore, all the expansions to 5 and 10 Gbit/s lines (full duplex) has been performed outside the M247 infrastructure. We will continue to do so. In general, in the nearest future M247 presence in our infrastructure should not exceed 30% of the total amount of servers, and should not exceed 15% of the amount of total "available" bandwidth. We have no plans at this very moment for alternative providers in New York City, though. Please consider that the USA housing/hosting market is frequently hostile against VPNs and often against p2p as a protocol in itself, even when it is used to deliver content legally. Since we remained faithful to our mission preserving Net Neutrality (no discrimination against any protocol and application) it's difficult to find a USA provider we can rely on, and M247 is hands down one the most reliable in the world (not only in the USA, of course), so far. Kind regards

@AVPN0815 Hello! That's not entirely correct because we use RAM disks. It is true that an HDD or SSD is used to boot, and it contains a working boot record, grub software or similar, used in turn to load a kernel which must provide TCP/IP, network and basic services support, but anything else is downloaded via network (after the network is up, obviously). At each (re)boot the server can not start, because it is barred from downloading any relevant file until we authorize the reboot, so it will miss even the essential configuration files, scripts, keys... This allows us to check the kernel (once the network is up) and any relevant storage file against a pristine copy, especially if the reboot is unexpected. Once the TCP/IP stack, the network and their essential services have come up, and a manual authorization has been dispatched by AirVPN management, the server starts downloading any other file needed for normal operations, and all of that remains in RAM disks. Kind regards

Hi there, I am the main developer of the OpenVPN DCO kernel module and I am really happy to hear that you guys have been testing it out! The larger the user base, the faster we can find and squash bugs! Regarding compiling DCO, we normally strive to have it always compile on the latest kernel. However, in the past few weeks we were focused on implementing some big and important changes, therefore we had to shift our effort a bit and could not work on compatibility with 6.1/6.2. However, I think master compiles on 6.2 since a month at least. I just tested in this very moment whether it compiles on the latest netdev tree and it does. So it should all be good for 6.3 as well! Regarding issues: if you have experienced anything that could be reported, please do so on GH in the issue page. It's *vital* that users experiencing problems do report them upstream and provide reproducible steps (if possible). At the moment we still have a few "quite hard to reproduce" issues open and it'd be nice to receive any kind of input regarding them if you are experiencing the same.

None of my business, really, but as a member of the community who has used AirVPN daily for years and who has family and friends who have as well, and who is an engineer with decades of experience solving technical problems, I'm just going to interject that I am also offended by the OP's attitude that if something is wrong, surely it must be because someone is trying to cheat him. Super poor vpn performance across many of a providers' servers is actually not indicative of a "bad vpn" (go stand in the corner!), but the technical settings in the software that will work for your situation can depend on many things, even the particulars of your ISP's service. Set the MTU too high for a particular ISP's network, for example, and you can bring any VPN system to its knees, not because the VPN server is slow — it isn't — but because the network between you and that server is not getting packets to the server efficiently. In that situation it's like it can't run or even walk because it's tripping over its own feet with every step. Is that the fault of the destination? Networks are complicated. It's the reality and a lot of crazy things can bog them down. Air has a really fast VPN system, and they have the best technical support I have ever seen. Work with them on sorting out what's going wrong in your particular situation and killing most of your speed, and do it without the insults. This is almost certainly something that can be cured with an easy adjustment at your end, once the problem is identified.

@nocturnaltabernacle Hello! It might be an MTU size issue. By default, on Linux and FreeBSD, WireGuard might set a 1420 bytes MTU size, which is too big for some networks. Shrink it to 1320 or even 1280 bytes (the minimum accepted value) and test again. In order to change wg interface MTU size on your BSD system, please edit the wg configuration file with any text editor and add the line: MTU = 1320 in the [Interface] section. Kind regards

Hello! We're very glad to inform you that a new 1 Gbit/s full duplex server located in Berlin (Germany) is available: Taiyi. The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637 and 47107 UDP for WireGuard. Taiyi supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server. You can check the status as usual in our real time servers monitor: https://airvpn.org/servers/Taiyi Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team 

Hello! We are glad to inform you that we support PeerTube by Framasoft as mécène. PeerTube is a tool for sharing online videos developed by Framasoft, a french non-profit, which allows you to create your own video platform, in complete independence. PeerTube also enables platforms to be connected to each other, creating a big network of autonomous and interconnected platforms. Moreover, PeerTube does not depend on any advertising and does not track users. https://joinpeertube.org/ Check out our mission page: https://airvpn.org/mission Kind regards and datalove AirVPN Staff

Hello! The blocks you mention have nothing to do at all with torrenting or copyright notices. If they were, then yes, it would be trivial indeed to offer special servers with the aims you describe as exceptions to our mission. The main three factors causing black listing are spam e-mails, attacks to web servers via HTTP POST etc., and false positives (we include here the widespread blocks against entire IP ranges when only one IP address in that range is flagged). The first problem can be strongly mitigated, if not solved, by blocking outbound ports 465 and 587, the second problem can be resolved by blocking outbound ports 80 and 443, therefore making the server unusable to reach web sites and send out e-mail. It's easy to guess that this type of service wouldn't be used by anybody as without e-mail and the World Wide Web nobody would feel on the Internet for real, but we could add servers with this limitation for free to our customers, as a free and optional bonus outside the service (in order not to cause a contractual breach) just to test how many would use them and for which purposes (maybe something interesting will come out). Another form of mitigation would be deep packet inspection to discard any packet with malformed queries and potentially malicious purposes according to pre-defined algorithms, data set etc. (needless to say it would be a contractual breach even on a bonus server, so it's not realistic to think of it). Please note that, according to latest reports, about 1 out of 12 Windows machine in the world is infected, so in various (many?) cases the activity causing IP address black-listing is performed without the knowledge of the computer owner. Another approach, which is actually more realistic and followed by most providers, is monitoring the customer's traffic, identify the customer at least via IP address at each connection, block immediately the account when something suspicious goes on and report the customer's IP address to competent authorities (this last step becomes legally mandatory on most countries when a provider monitors the traffic and comes to know that a potential infringement has been committed).. Then it's all up to the competent authorities, end of the story for the provider. This type of service is surely possible (and in reality it has been followed in secret by several VPNs in the recent years, together with personal data harvesting) but (leaving aside our contractual breach this would cause) why then would you need a VPN? Since the traffic would be monitored anyway, most customers might just decide to let their ISP monitor their traffic, rather than shifting this "duty" to some VPN operating company or entity. Then there's another type of block (block enforced against anything that does not come from IP addresses assigned to residential ISPs - for example BBC follows a similar policy), but that's outside the scope of your complaint, we guess, since to bypass those blocks renting IP addresses assigned to residential ISPs become necessary. This is not impossible, but only in some specific countries, and we will be working on it. Kind regards

Yes, a very nice one. Apparently it is perfectly formulated, because it's 100% true and accurate, and it's not formulated here, but there. It's mentioned because Crossrider/Kape was founded by a member of Unit 8200, a cyber spy agency, and its (Crossrider's) primary business was facilitating malware and computer infections. Recently it acquired major VPNs (such as Private Internet Access, Express VPN and CyberGhost) as well as review web sites. In reality in the FT article you mention you can read the interview to Lempert (chairman of the Unit 8200 alumni association and CEO of MER mobile comms group) who claims that 8200 is focusing (the article is 7 years old) on huge data mining, which is exactly extensive surveillance of the Internet, and we could also mention the documents leaked by Snowden, which revealed how Unit 8200, referred to as ISNU, receives raw, unfiltered data of U.S. citizens, as part of a secret agreement with the NSA. https://en.wikipedia.org/wiki/File:Israel_Memorandum_of_Understanding_SIGINT.pdf Are US citizens "bad neighbors" too? Anyway. It's irrelevant whether the purposes of Kape match those of Unit 8200. Kape could be or not a puppet of 8200, you don't know and we don't know, and perhaps it's not, and still that's not the point. The relevance of a member of 8200 founding a company spreading malware and now controlling VPN is the relationships and competence acquired by that member during his/her previous job, used against citizens unconditionally, since Kape operated essentially in browser hijacking, ad injectors and other remunerative computer infections worldwide. Remember for example Gericke ("strangely", he is also ExpressVPN CIO), Adams and Baier: they used their great competence acquired while they worked for US intelligence agencies to assist UAE regime to crack journalists, activists, monarchy political opponents phones and computers, to help UAE suppress or control any possible dissident or uncomfortable journalist. Officially it was not CIA or USIC interest to do that (and actually all three of them have been charged by DoJ for that "job") but anyway they greatly succeeded in their UAE job because they were trained by and had the knowledge of and access to certain technology from their former employers. https://www.justice.gov/opa/pr/three-former-us-intelligence-community-and-military-personnel-agree-pay-more-168-million Kind regards

Hello! The main reason of complaints and black list presence of IP addresses are attacks via HTTP(S) and spam mails. A server with blocked outbound ports 80 and 443 blocked would be avoided by anyone, we think, while we might consider to block outbound ports 465 and 587 (outbound port 25 is already blocked on all servers) and renounce to our fight to defend net neutrality. This will require however a mission as well as Terms of Service modification, as noted by @OpenSourcerer , so it's not a viable solution for the current management administration and the contracts with our current users. Out there you can already find tons of VPNs which violate net neutrality by inspecting your traffic and blocking (or shaping) applications, protocols and ports. Or you can just use your own ISP. The peculiarity of AirVPN is that it doesn't enforce that rubbish.. If one asks for traffic inspection, ports blocking and so on and so forth to get a "cleaner" IP address, then he/she probably "deserves" a pervasive surveillance and must take into account that his/her personal information and his/her behavior will be sooner or later used against him/her, as it already happened to millions and millions of people around the world in the last years. Kind regards

Hello! We'll be working on it! 👍 Kind regards

I was looking at some of the stats in the client area and noticed my subscription expiration date. I think im good

@Gabi Hello, I am an AirVPN founder and could never find a reliable confirmation to the article linked by Zhang888. Today it can't be retrieved, not even from the WayBack Machine, which holds only one useless copy. Checking zhang888 messages I must note that on other two occasions he/she seemed inclined to bring unsubstantiated accusations against various persons related to Wikileaks. https://airvpn.org/forums/topic/42920-airvpn’s-twitter…/?do=findComment&comment=97424 Today, in 2023, we know that all the persons who worked for WikiLeaks in key positions (Assange, Appelbaum, Fitzgibbons...) or were developers in the Tor Project or Bitcoin Core (Todd) who were investigated but never indicted after dubious (to say the least!) reports of sex related crimes were all innocent, or even victims of a smear campaign orchestrated by intelligence and private entities (Palantir, HBGary...) in a huge, worldwide and long effort to achieve "character assassination", distract citizens from the horrendous crimes disclosed by the official documents published by WikiLeaks and send a message to journalists all over the world ("this may happen to you too if you don't stay silent, no matter where in the world you live"). In 2016, the year zhang888 created this topic, the smear campaigns had been organized since years earlier (check for example Maurizi's book "The secret power" or https://www.commondreams.org/views/2011/02/15/more-facts-emerge-about-leaked-smear-campaigns-aimed-wikileaks-supporters-and) and had been working in full force. Anything related to WikiLeaks support as well as WikiLeaks supporters had to be attacked, online and offline. The Pirate Bay and indirectly IPREDator, also known as "The original Pirate Bay VPN", as it was founded by Sunde and was important for monetary funding, could be targets at least (but probably for other reasons too) because of the key role played by at least one TPB founder to spread the "Collateral Murder" video footage against any censorship attempt. https://torrentfreak.com/pirate-bay-founder-helped-wikileaks-on-several-fronts-130205/ Also note how The Pirate Bay was under special surveillance, as revealed by documents leaked by Snowden https://www.theverge.com/2014/2/18/5421958/leaked-nsa-documents-show-debate-over-tracking-wikileaks-pirate-bay when NSA/CSS started forming the idea to treat journalists and publishers as "malicious foreign actors" I do not think that this specific event is part of one of the smear campaigns, but I find it not implausible that it's just one of the secondary consequences of those tactics. Since any other documentation is missing and was missing at the time, I do not see how the alleged accusations against the old IPRedator can be taken seriously. Let's see whether anybody can produce a substantial documentation supporting the allegations.  Kind regards

Hello! Unfortunately they have an uptime which is too low. You can see now that they have accumulated, only in 2023, something like 15 days of downtime, a colossal amount. They do not operate according to the minimum standards we agreed on with the provider. What's more, the intermittent but frequent line problems they have been suffering in the last 4-5 weeks have caused our customers inconveniences and led to legitimate contentions, complaints and disputes. By offering a new datacenter from a company which proved to be more reliable in the last 7 years we aim at improving the connectivity quality in Brazil and surrounding South America countries dramatically. Kind regards

Hello! We confirm that the linked table includes several errors. We take this opportunity to clarify that: all VPN servers use RAM disks. After a minimal bootstrap which must bring up the TCP/IP stack, the network and essential services to operate on the network, vital files (including secrets, configuration files and scripts) are downloaded on RAM from the network, from selected storage and strong authentication ensuring integrity. What's more, if a server reboots unexpectedly, the AirVPN management must confirm the authorization for the server to be re-admitted in the infrastructure, making it possible to understand the cause of the reboot and to verify (thanks to pristine copies) whether the server has been tampered before it comes back operational WireGuard is available since 2022 (in beta testing since the last quarter of 2021) and it also includes pre-shared keys, just in case they are needed for a quick additional cipher deployment in an unlikely post-quantum world. The API has been improved to offer the option to re-generate keys on the fly, resolving the privacy problems posed by WireGuard ads, trackers etc. blocking lists are available since 2021. In our opinion our system is unrivaled on any VPN service, as you can configure it, add additional blocks or specific exceptions to lift blocks, and link different lists, additions and exceptions to different devices. Last but not least you can operate via API to get the available list information. Note that the ad blocking system is opt-in for a precise choice: by default the network must remain agnostic and neutral. Blocks are enforced only when explicitly wanted by the users. additional connection modes include OpenVPN connecting through HTTP(S) and SOCKS proxies, OpenVPN over Tor (not available on Android), OpenVPN over previously established TLS and SSH tunnels (OpenVPN over stunnel and OpenVPN over SSH), OpenVPN tls-auth for backward compatibility, OpenVPN tls-crypt for enhanced block bypassing Kind regards

@kbps Hello! Not really, because the feature is included in our WireGuard setup since the very beginning, when we offered WireGuard as a beta feature some years ago. If you want more information, please see here: https://www.wireguard.com/protocol/ In this way we can implement a recognized as quantum-resistant cipher if needed, according to our customers request . You may ask why don't you pick one PQ cipher right now? You already configured the most part! We have excellent reasons not to do so right now: It's premature. In spite of the hype, currently a quantum computer doesn't work for any practical purpose to break even the weakest encryption algorithm and in the last 40 years or so the expected date to have a working quantum computer capable to perform something more than basic arithmetic have been shifted decade after decade. Research has progressed more slowly than ultra-optimists expected. To break RSA 2048 in a reasonable time a rigorous simulation shows that you need at least 1 million (probably up to 10 millions) of physical qubit (you need probably at least 10'000 logical qubits, and due to the astronomically high error rate of qc, to rely on them you need ~ x100 physical qubits). Nowadays the biggest companies are struggling to beat 433 logical qubits qc (IBM promised 1000 logical qubits machine within the beginning of 2024). It hits performance. Some promising PQ ciphers use 64 KB or larger public and private keys and you will notice a performance hit if you have a Gbit/s line and you're used to the high performance our infrastructure is normally capable to provide. The load both on server and client will increase. It exposes our customers to unnecessary risks. Post-quantum algorithms are far less well-studied. Any PQ algorithm, that today is considered safe, can be compromised tomorrow by "classical" computes.. It happened already to SIKE, which before the spectacular fall was considered one of the strongest and best algorithm for Diffie-Hellman key exchange in a post-quantum world. It was cracked in a matter of hours a few months ago with a program running in a single thread of a single core of a desktop CPU. SIKEp434 was broken within approximately an hour, SIKEp503 cracking required 2 hours, SIKEp610 8 hours and SIKEp751 21 hours. See also https://www.securityweek.com/nist-post-quantum-algorithm-finalist-cracked-using-classical-pc/ So, we have the infrastructure ready to add a PQ cipher, when and above all if it will be necessary, without exposing you to risks of cracking by classical computers and/or "performance hit for nothing". Kind regards