Jump to content
Not connected, Your IP: 34.200.236.68

Leaderboard


Popular Content

Showing content with the highest reputation since 09/21/19 in all areas

  1. 21 points
    Staff

    AirVPN 10th birthday celebrations

    Hello! Today we're starting AirVPN tenth birthday celebrations! From a two servers service located in a single country providing a handful of Mbit/s, the baby has grown up to a wide infrastructure in 22 countries in three continents, providing now 240,000+ Mbit/s to tens of thousands of people around the world. In 2019 and 2020, software development enhancement has paid off: now AirVPN develops on its own an OpenVPN3 forked library which resolves various problems from the main branch and adds new features. The library is used in Hummingbird, a free and open source software for Linux and Mac, known for its speed and compactness, in Eddie Android edition and in a new software which will be announced in June. Hummingbird has been released even for ARM based Linux devices, and runs fine for example in Raspberry PI. Eddie Desktop edition has been extensively rewritten to improve performance, reliability and security. Now anything not related to the user interface is written in C++ and a lot of security hardening has been implemented. Total compatibility with macOS Catalina, Windows 10 and latest Linux distributions has been achieved, and specific packages for various, widespread Linux distributions are available for easier installation. Eddie can act as a GUI for Hummingbird in Linux and Mac, while in Windows, Eddie can also be easily configured to run OpenVPN 2.5 with the wintun driver to achieve remarkable OpenVPN performance boost and put Windows on par with other systems OpenVPN throughput ability. Furthermore, the wintun driver resolves various problems which affected TAP-Windows driver. Development for OpenBSD and FreeBSD has been unfortunately re-planned but we're glad to announce here that it will continue, starting from summer 2020. All AirVPN applications and libraries are free and open source software released under GPLv3. We think that it's somehow surprising that AirVPN not only survived, but even flourished for 10 years, in an increasingly competitive market and increasingly privacy hostile environment. No whistles and bells, no marketing fluff, no fake locations, no advertising on mainstream media, a transparent privacy policy, no trackers on the web site or in mobile applications, no bullshit of any kind in our infrastructure to sell your personal data to any personal data merchant, and above all a clear mission that is the very reason which AirVPN operates for https://airvpn.org/mission , are probably, all together, the factors which allowed such a small "miracle" and maybe make AirVPN unique. Thank you all, you users, customers, members of the community, moderators, developers: the small "miracle" happened because of you, because you saw something in AirVPN. Kind regards and datalove AirVPN Staff
  2. 20 points
    Hello! We would like to inform you that we have made every effort to ensure AirVPN full and efficient operation during the pandemic caused by SARS-CoV-2. In order to reduce hazard and safeguard health, AirVPN staff and personnel work exclusively from home and worked from home well before the current situation appeared clearly as a pandemic Each member has a landline and one or more mobile lines, when possible in different infrastructures, to maximize likelihood to stay connected to the Internet 24/7 AirVPN system is more efficiently automated and basic functioning requires no manual interventions, even for several months (if kernel upgrades hadn't been necessary, we would have had servers uptime of 4 years or more) AirVPN inner staff members have now overlapping competences. Therefore if a key member, including a founder, is forced to stop working, the other ones can carry out his/her functions Emergency funds already secured in the past in different facilities as well as banks remain unaltered and ensure AirVPN financial health for a very long time even in very harsh scenarios. However, we would like to assure you that they are not needed at all currently, quite the contrary. In the last 10 days we have experienced a substantial increase in the growth of our customer base We have been informed by our most important partners and providers of housing and hosting in Europe, America and Asia they they are, and expect to, remain fully operational Kind regards AirVPN Staff
  3. 9 points
    Hello! We inform you that all of our Lithuanian servers are being withdrawn and dismissed. The datacenter provider, Cherry Servers, has just asked for a block of all outbound ports except a few ones they called "standard ports" (sic) to prevent any possible future "copyright infringement" (to be noted: no infringement in the past has ever been proved). It is clearly an unacceptable request for us, and we guess for everyone, and it also reveals the true face of Cherry Servers datacenter as an enemy of the Internet. For us, it's also an option to finally get rid of the last servers still not supporting IPv6. Cherry Servers was one of our last providers still lacking IPv6 support, a fact that should have given us a "head up!" about Cherry Servers poor commitment to providing decent services. We will be actively looking for an alternative datacenter. We will be looking for datacenters where the concept of mere conduit is understood, and IPv6 infrastructure is available. In the meantime keep in mind that we offer several servers in the Baltic region as well as other, nearby countries. Kind regards
  4. 7 points
    Please stay healthy everyone!
  5. 7 points
    Staff

    Spooky Halloween Deals

    Hello! We reluctantly have to announce gloomy news to you all: Spooky Halloween Deals are now available in AirVPN... Save up to 74% on AirVPN longer plans (*) (*) When compared to 1 month plan price Check all plans and discounts here: https://airvpn.org/plans If you're already our customer and you wish to jump aboard for a longer period any additional plan will be added on top of already existing subscriptions and you will not lose any day. Every plan gives you all the features that made AirVPN a nightmare for snoopers and a scary service for competitors: active OpenVPN 3 open source development ChaCha20 cipher on OpenVPN Data Channel for higher performance and longer battery life on tablets and smart phones IPv6 support, including IPv6 over IPv4 configurable remote port forwarding refined load balancing to squeeze every last bit per second from VPN servers free and open source software for Android, Linux, Mac and Windows easy "Configuration Generator" web interface for access through third party software guaranteed minimum bandwidth allocation GDPR compliance and very high standards for privacy protection no log and/or inspection of clients' traffic effective traffic leaks prevention by AirVPN software Tor support via AirVPN software on Linux, Mac and Windows various cryptocurrencies accepted without any intermediary crystal clear, easy to read Privacy Notice and Terms https://airvpn.org/privacy No tricks, only treats! Grim regards & datathrills AirVPN Staff
  6. 6 points
    Staff

    VPNs - Caught in Lying!?!

    @arteryshelby We do not log and/or inspect our customers' traffic. Since 2010 you can't produce any single case, and not even the slightest clue, in which the identity of an AirVPN customer has been disclosed through traffic log and/or inspection and/or any other invasive method. It means a lot, given that various younger VPN services have been caught lying (ascertained court cases) and that AirVPN is now the oldest still active VPN service, with the exception of a minor service which anyway changed ownership twice in the last 12 years. By the way we have never asked our customers to blindly believe in our words. We do not block Tor and we even integrate its usage in our software, so you can be even safer if you can't afford to trust us OR some datacenter. For example you can use Tor over OpenVPN, to hide Tor usage to your country and ISP, and at the same time hide your traffic real origin, destination, protocol etc. to us and the datacenter the server is connected into. Last but not least, we invest a lo of money in Tor infrastructure and in 2017, 2018 and 2019 more than 2.5% of global world Tor network traffic transited on Tor exit-nodes paid by AirVPN. It is an important achievement we're proud of, and it hints to good faith. Kind regards
  7. 6 points
    Hello! We are very sorry to inform you that we are withdrawing all of our servers in Hong Kong. Because of the new legal framework allowing unlimited line wiretapping by Chinese entities without judicial overview, the painful decision is due and undelayable. Our presence in Asia will continue in Singapore and Japan, where our infrastructure is oversized, while we are considering expansion in other countries when both legal framework and infrastructure status of a country allow it. Kind regards & datalove AirVPN Staff
  8. 6 points
    Staff

    Eddie 2.18.9 Desktop released

    Hello! We're very glad to inform you that a new stable release of Eddie is now available for Linux, Mac and Windows. Eddie is a free and open source (GPLv3) OpenVPN GUI and CLI by AirVPN with many additional features such as: traffic leaks prevention via packet filtering rules DNS handling optional connections over Tor or a generic proxy customizable events traffic splitting on a destination IP address or host name basis complete and swift integration with AirVPN infrastructure Eddie 2.18.9 has been extensively rewritten to increase speed, stability, security and compatibility with the latest OS versions. It is the outcome of a massive work which took care to meet very many requests from our community and got rid of some issues affecting Eddie previous stable release when running in latest OS releases. Eddie GUI and CLI now run with normal user privileges, while only a "backend" binary, which communicates with the user interface with authentication, gains root/administrator privileges, with important security safeguards in place: stricter parsing is enforced before passing a profile to OpenVPN in order to block insecure OpenVPN directives external system binaries which need superuser privileges (examples: openvpn, iptables) will not be launched if they do not belong to a superuser Eddie events are no more run with superuser privileges: instead of trusting blindly user's responsibility and care when dealing with events, now the user is required to explicitly operate to run something with high privileges, if necessary Backend binary has been completely rewritten in C++ on all systems (Windows included), making the whole application faster. On top of that various optimizations have been implemented. Now Eddie provides you with higher responsiveness and an improved overall feel and comfort. CLI version has been improved as well, featuring numerous glitch and bug fixes. Compatibility for macOS Catalina and latest Linux distributions, including DNS handling, has been enhanced. Settings, certificates and keys of your account stored on your mass storage can optionally be encrypted on all systems either with a Master Password or a system key-chain if available. For Windows systems, wintun support has been added. You can now, if you wish so, replace the driver for OpenVPN virtual network interface with the new wintun for higher throughput (OpenVPN 2.5 tech preview required). In Linux and Mac systems, Eddie can also launch Hummingbird, which is very fast and is based on OpenVPN3-AirVPN library, replacing OpenVPN 2.x. In this way you can have at once a GUI for Hummingbird (which lacks it), the usual great amount of features and options Eddie is packed with, and faster connections/disconnections, as OpenVPN3-AirVPN is exceptionally faster than OpenVPN 2 during connection and disconnection phases. Eddie 2.18.9 can be downloaded here: https://airvpn.org/linux - Linux version https://airvpn.org/macos - Mac version https://airvpn.org/windows - Windows version Eddie 2.18.9 is free and open source software released under GPLv3. Source code is available on GitHub: https://github.com/AirVPN/Eddie Eddie 2.18 changelog shows you the massive work behind it and all those implemented changes that remained necessarily not mentioned in this announcement. Complete changelog can be found here. Kind regards & datalove AirVPN Staff Version 2.18.9 (Thu, 02 Apr 2020 12:14:10 +0000) [add] - Windows - Added DotNet 4.5 check & install in Installer edition [bugfix] - Linux - Resolved an elevation issue in some Linux distribution (Raspbian mainly) [bugfix] - Fixed a bug that intermittently ignores --connect Version 2.18.8 (Thu, 26 Mar 2020 12:59:48 +0000) [bugfix] Windows - Support of OpenVPN2.5 tech-preview (also with new wintun driver) [bugfix] MacOS - -mmacosx-version-min=10.9 on all binary [bugfix] Service reinstalls automatically when version-incompatibility detected [change] Code cleanup for stable release [change] Enforcement of operation allowed by Elevation [change] Enforcement of service checking [change] Windows - Elevated converted from C# to C++ [change] Little score adjustment in UI [change] Better feedback in CLI edition (mainly latency check steps) [new] Linux - enabled CLI-only packages in all editions [change] Minor changes Version 2.18.7 (Wed, 29 Jan 2020 13:54:35 +0000) [bugfix] - Update notification for beta versions [bugfix] - Windows - Message when driver installation is denied [bugfix] - macOS - Fix of error "hummingbird not allowed: Not owned by root". [bugfix] - Linux - Fix of error "Client not allowed: [...] parent process (spot mode)", CLI edition with sudo [bugfix] - Fix of error "Failed to connect to ... port 89: Connection refused" when using Hummingbird in SSL/SSH mode [bugfix] - Better exception management to avoid some crash (especially when related to Mono) [bugfix] - Linux - Arch deployment and AUR management [bugfix] - Tor Cookie/Password detection in every supported OS [bugfix] - Updated 'curl' binary in Windows and CA file [change] - macOS - Minor info.plist update in CLI edition [change] - Windows/Linux - OpenVPN Management skip [change] - In 'Latency mode', now load and users have minor impact on score. Version 2.18.6 (Fri, 17 Jan 2020 13:46:48 +0000) [change] Bug fixes and code cleanup [change] OpenVPN 2.4.8 [change] Windows - Tap driver (Win7-Win10) upgraded from 9.23.3-i601 to 9.24.2-i601 [new] New option 'Skip promotional messages'. [change] macOS - New menubar icons [bugfix] macOS - 'Rules not loaded' in some environment [change] Hummingbird integration (experimental) Version 2.18.5 (Wed, 30 Oct 2019 15:03:32 +0000) [new] Linux - systemd service [change] Code cleanup for stable release [bugfix] Windows - Service installation issue in Windows 7 [bugfix] Windows - SSL connections [bugfix] Suppression of some unwanted elevated log [bugfix] Windows bug 'Do you want to reset Eddie to default settings?' [bugfix] Fix for occasional error on exit, 'Object reference not set to an instance of an object'. Version 2.18.4 (Wed, 02 Oct 2019 18:20:00 +0000) [bugfix] OpenVPN > Error: Not supported OpenVPN config [bugfix] Linux - Crash "Unexpected crash of elevated helper:Elevated communication closed" during IPv6 block, if IPv6 not available [bugfix] macOS - Autorestart service if upgraded, avoid error "unknown command" [bugfix] Enforce Elevated compatibility check [change] macOS - KeepAlive in launchd [change] Minor changes [new] New deploy/build scripts Version 2.18.3 (Fri, 27 Sep 2019 11:07:42 +0000) [change] Switched 'ping' method in Linux and macOS [change] Code cleanup [change] macOS - Direct invocation with AuthorizationExecuteWithPrivileges for superuser privileges [change] Linux - "Minimize to tray" false by default [change] Linux - Mono, Portable and AppImage editions [change] Minor UI improvements [change] Better log of issues [change] Better log of dns flush actions [bugfix] Linux - Icon and Window glitch in KDE [bugfix] macOS - SSH connection [bugfix] macOS - Show/Hide Main Window issues [bugfix] OS Keyring conflicts with multiple profiles [bugfix] Linux - Raspberry, ARMHF build, fixed issue 'file_getasroot' [bugfix] Linux - Fixed a fatal crash with some UI tray icon issues [bugfix] Linux - Detect and use iptables-legacy (nft transition) [bugfix] Linux - Fixed a SSL connection issue (related to error 'Cannot create pid file') [bugfix] Parser of OpenVPN version [new] Linux - WM_CLASS registration [new] Linux - New IPv6 block [new] Latency test only about servers in whitelist [deprecated] Option "Remove Default Gateway" (routes.remove_default) removed [deprecated] Windows - Option "Switch DHCP to Static" (windows.dhcp_disable) removed Version 2.18.2 (Thu, 12 Sep 2019 15:59:45 +0000) [change] Linux - FIxed a Lintian error on some distributions [bugfix] Linux - Netlock issue if IPv6 is disabled via GRUB ('Address family not supported by protocol' error) [bugfix] Linux - Sometimes Eddie doesn't close [bugfix] Linux - Arch issue with elevation, also restored .xz packages [bugfix] Windows - Issues with username with spaces [bugfix] macOS - Dump PF output and file in logs in case of failure [change] macOS - Notifications, better layout with icons [change] Added Boost in Libraries [bugfix] Minor UI changes Version 2.18.1 (Wed, 11 Sep 2019 09:11:31 +0000) [change] Core Engine partially rewritten [new] UI doesn't run as root anymore in every OS [new] Profile data encryption in any OS, either through OS keychain if available or "master" password [bugfix] Linux - DNS resolv.conf issue [change] New formula to compute "best server" [bugfix] Windows - Windows10 SSH [new] No log for inconsistent cipher or keysize directives when used with custom Data Channel cipher [bugfix] Linux - Flush DNS with systemd-resolve [change] Linux - Better performance when netlock is activated at application start [change] Windows - Tun driver updated to 9.23.3 [change] OpenVPN 2.4.7 [change] Removed TOS window. [removed] Linux - resolvconf DNS switch method [removed] Insecure OpenVPN directives [new] binaries run with root privileges must belong to superuser Version 2.17.2 (Sun, 23 Sep 2018 11:55:26 +0000) [bugfix] macOS/Linux - Crash at boot if Network Lock is active Version 2.17.1 (Sat, 22 Sep 2018 13:19:08 +0000) [change] Better Lifebelt Test network report [bugfix] Windows - Recovery issue about routes (slowdown, no security issue) [bugfix] Misc UX fixes [bugfix] IPv6 route check failure with OpenVPN versions older than 2.4 [change] Force usage of .Net Framework >=4 in every Windows OS [bugfix] Improved check of custom directive names [new] New option "netlock.allow_dhcp" true by default [bugfix] Multiple "Bootstrap failed" windows [new] New Eddie version notification [change] Linux - Faster Network lock (build iptables-save format and apply directly) [bugfix] Linux - Flush DNS in some distro [bugfix] Linux - Glitch on black window when minimized in some distro (tested in Ubuntu 18.04) [change] macOS - Better detection of DNS servers in DHCP mode
  9. 6 points
    Hello! UPDATE 29-Nov-19: macOS, Linux x86-64 bit and Raspbian beta versions now available. UPDATE 06-Dec-19: beta 2 version has been released UPDATE 10-Dec-19: Release Candidate 1 has been released UPDATE 19-Dec-19: Release Candidate 2 has been released UPDATE 27-Dec-19: version 1.0 has been released UPDATE 24-Jan-20: version 1.0.1 has been released We are very glad to introduce Hummingbird, a new client software for: Linux x86-64 bit Linux Raspbian 32 bit (frequently installed in Raspberry PI) Linux ARM 64 bit (tested under Raspberry 4 Ubuntu 19.10) Mac (minimum required version macOS Mojave) based on our own AirVPN OpenVPN 3 library. The software meets various demands by many users. Furthermore, it will evolve in to an integrated client and daemon targeting Linux, Mac, OpenBSD and FreeBSD platforms. Main features: lightweight and stand alone binary no heavy framework required, no GUI tiny RAM footprint (less than 3 MB currently) lightning fast based on OpenVPN 3 library fork by AirVPN with tons of critical bug fixes from the main branch, new ciphers support and never seen before features ChaCha20-Poly1305 cipher support on both Control and Data Channel providing great performance boost on Raspberry PI and any Linux-based platform not supporting AES-NI. Note: ChaCha20 support for Android had been already implemented in our free and open source Eddie Android edition https://airvpn.org/forums/topic/44201-eddie-android-edition-24-released-chacha20-support/ robust leaks prevention through Network Lock based either on iptables, nftables or pf through automatic detection proper handling of DNS push by VPN servers, working with resolv.conf as well as any operational mode of systemd-resolved additional features Versions for FreeBSD and OpenBSD will follow in the future. Source code is available here: https://gitlab.com/AirVPN/hummingbird In the above repository you can also find binaries, general instructions, usage instructions and build instructions. Linux x86-64 64 bit version: https://eddie.website/repository/hummingbird/1.0.1/hummingbird-linux-x86_64-1.0.1.tar.gz Raspberry 64 bit / Linux ARM 64 bit version: https://eddie.website/repository/hummingbird/1.0.1/hummingbird-linux-aarch64-1.0.1.tar.gz Raspbian 32 bit version: https://eddie.website/repository/hummingbird/1.0.1/hummingbird-linux-armv7l-1.0.1.tar.gz macOS version: https://eddie.website/repository/hummingbird/1.0.1/hummingbird-macos-1.0.1.tar.gz How to install AirVPN client for Linux x86_64, Raspberry and macOS Requirements ------------ Linux x86-64, ARM 32 or ARM 64 bit CPU A reasonably recent Linux distribution tar sha512sum (optional) Raspberry Linux Raspbian distribution or Linux ARM 64 bit distribution tar sha512sum (optional) Mac macOS Mojave or higher version tar shasum (optional) otool (optional) Linux x86-64 Installation ------------------ Download hummingbird-linux-x86_64-1.0.1.tar.gz [optional] Download hummingbird-linux-x86_64-1.0.1.tar.gz.sha512 This file is required to check the integrity of the above tar archive. It is not mandatory but it is strongly advised to download this file and check the tar archive [optional] Open a terminal window [optional] Check the integrity of the tar archive by issuing this command: "sha512sum --check hummingbird-linux-1.0.1-x86_64.tar.gz.sha512" (without quotes) [optional] Make sure the command responds with "hummingbird-linux-x86_64-1.0.1.tar.gz: OK" Change your current directory to a convenient place, such as your home directory. This can be done by issuing the command "cd ~" (without quotes) Extract the tar archive by issuing this command on your terminal window: tar xvf hummingbird-linux-1.0.1.tar.gz A new directory will be created: hummingbird-linux-1.0.1 Move into the new directory with command "cd hummingbird-linux-1.0.1" (without quotes) [optional] Check the integrity of the binary file hummingbird-linux-1.0.1. Issue this command from your terminal window: sha512sum --check hummingbird.sha512" (without quotes) [optional] Make sure the command responds with "hummingbird-linux-1.0.1: OK" [optional] Check dynamic library availability. Issue the command "ldd hummingbird" and make sure all the required dynamic libraries are available. No line of the output must contain "not found" the Linux client is now ready to be used and possibly copied to a different directory of your system. Please note the client needs root privileges. Your user must therefore be included in your system's "sudoers" (depending on specific Linux distribution) Raspberry/Raspbian/Linux ARM 32 bit Installation ------------------------------- Download hummingbird-armv7l-1.0.1.tar.gz [optional] Download hummingbird-linux-armv7l-1.0.1.tar.gz.sha512 This file is required to check the integrity of the above tar archive. It is not mandatory but it is strongly advised to download this file and check the tar archive [optional] Open a terminal window [optional] Check the integrity of the tar archive by issuing this command: "sha512sum --check tar xvf hummingbird-armv7l-1.0.1.tar.gz.sha512" (without quotes) [optional] Make sure the command responds with "hummingbird-armv7l-1.0.1.tar.gz: OK" Change you current directory to a convenient place, such as your home directory. This can be done by issuing the command "cd ~" (without quotes) Extract the tar archive by issuing this command on your terminal window: tar xvf hummingbird-armv7l-1.0.1.tar.gz A new directory will be created: hummingbird-armv7l-1.0.1 Enter the new directory with command "cd hummingbird-armv7l-1.0.1" (without quotes) [optional] Check the integrity of the binary file hummingbird. Issue this command from your terminal window: "sha512sum --check hummingbird.sha512" (without quotes) [optional] Make sure the command responds with "hummingbird: OK" [optional] Check dynamic library availability. Issue the command "ldd hummingbird" and make sure all the required dynamic libraries are available. No line of the output must contain "not found" the Raspberry/Raspbian client is now ready to be used and possibly copied to a different directory of your system. Please note the client needs root privileges. Your user must therefore be included in your system's "sudoers" Raspberry/Linux ARM 64 bit Installation ------------------------------- Download hummingbird-linux-aarch64-1.0.1.tar.gz [optional] Download hummingbird-linux-aarch64-1.0.1.tar.gz.sha512 This file is required to check the integrity of the above tar archive. It is not mandatory but it is strongly advised to download this file and check the tar archive [optional] Open a terminal window [optional] Check the integrity of the tar archive by issuing this command: "sha512sum --check hummingbird-linux-aarch64-1.0.1.tar.gz.sha512" (without quotes) [optional] Make sure the command responds with " hummingbird-linux-aarch64-1.0.1.tar.gz: OK" Change you current directory to a convenient place, such as your home directory. This can be done by issuing the command "cd ~" (without quotes) Extract the tar archive by issuing this command on your terminal window: "tar xvf a hummingbird-linux-aarch64-1.0.1.tar.gz" (without quotes) A new directory will be created: hummingbird-linux-aarch64-1.0.1 Enter the new directory with command "cd hummingbird-linux-aarch64-1.0.1" (without quotes) [optional] Check the integrity of the binary file hummingbird. Issue this command from your terminal window: "sha512sum --check hummingbird.sha512" (without quotes) [optional] Make sure the command responds with "hummingbird: OK" [optional] Check dynamic library availability. Issue the command "ldd hummingbird" and make sure all the required dynamic libraries are available. No line of the output must contain "not found" the Raspberry/Raspbian client is now ready to be used and possibly copied to a different directory of your system. Please note the client needs root privileges. Your user must therefore be included in your system's "sudoers" macOS installation -------------------- Download hummingbird-macos-1.0.1.tar.gz [optional] Download hummingbird-macos-1.0.1.tar.gz.sha512 This file is required to check the integrity of the above tar archive. It is not mandatory but it is strongly advised to download this file and check the tar archive [optional] Open a terminal window [optional] Check the integrity of the tar archive by issuing this command: "shasum -a 512 -c hummingbird-macos-1.0.1.tar.gz.sha512" (without quotes) [optional] Make sure the command responds with "hummingbird-macos-1.0.1.tar.gz: OK" Change your current directory to a convenient place, such as your home directory. This can be done by issuing the command "cd ~" (without quotes) Extract the tar archive by issuing this command on your terminal window: "tar xvf hummingbird-macos-1.0.1.tar.gz" (without quotes) A new directory will be created: hummingbird-macos-1.0.1 Move into the above directory by entering command "cd hummingbird-macos-1.0.1" (without quotes) [optional] Check the integrity of the binary file hummingbird-macos-1.0.1. Issue this command from your terminal window: "shasum -a 512 -c hummingbird.sha512" (without quotes) [optional] Make sure the command responds with "hummingbird: OK" [optional] Check dynamic library availability. Issue the command "otool -L hummingbird" and make sure all the required dynamic libraries are available. No line of the output must contain "not found". "otool" is distributed with Xcode the Mac client is now ready to be used and possibly copied to a different directory of your system. Please note the client needs root privileges. Note on Checksum Files We do strongly suggest you to check the integrity both of the distribution tar.gz file and the hummingbird binary in order to make sure you are installing a binary created and fully supported by AirVPN. Hummingbird is an open source project and, as such, its source code can be downloaded, forked and modified by anyone who wants to create a derivative project or build it on his or her computer. This also means the source code can be tampered or modified in a malicious way, therefore creating a binary version of hummingbird which may act harmfully, destroy or steal your data, redirecting your network traffic and data while pretending to be the "real" hummingbird client genuinely developed and supported by AirVPN. For this reason, we cannot guarantee forked, modified and custom compiled versions of Hummingbird to be compliant to our specifications, development and coding guidelines and style, including our security standards. These projects, of course, may also be better and more efficient than our release, however we cannot guarantee or provide help for the job of others. You are therefore strongly advised to check and verify the checksum codes found in the .sha512 files to exactly correspond to the ones below, that is, the checksum we have computed from the sources and distribution files directly compiled and built by AirVPN. This will make you sure about the origin and authenticity of the hummingbird client. Please note the files contained in the distribution tarballs are created from the very source code available in the master branch of the official hummingbird's repository. Checksum codes for Version 1.0 The checksum codes contained in files hummingbird-<os>-<arch>-1.0.1.tar.gz.sha512 and hummingbird.sha512 must correspond to the codes below in order to prove they are genuinely created and distributed by AirVPN. Linux x86_64 hummingbird-linux-x86_64-1.0.1.tar.gz: f2cbc2acded6335c996271d9e86818a0375f4f46712b9edb7147494038bff48a1e72f666b319790a8250298e437a87dd8173313156da0497529c0eace3924fea hummingbird: bbfb5951a54c1bfd271d7a56ac52a8674a31f295a699698332996c7e49a194974b61526accff0936a7512986c26c92489cd2c0c731999fcb224eaf118bc91a89 Linux ARM32 hummingbird-linux-armv7l-1.0.1.tar.gz: ad5ef28d6904089f474c065ca01dae222e35b2eb999a24de13481f2e4f41228c9fe5c7cb1e623c24b5498339f1c033f7b47717bd3f42e6467f42477129102b88 hummingbird: 3ed0d105a1fece008793575945836d7e2dc38b79698856dfaeb1ffadf871004bf6f8dfd101561322c661df8192a5a8861d39266e89dad2d5db0947cb4d7f675f Linux ARM64 hummingbird-linux-aarch64-1.0.1.tar.gz: 1c1042ae91fac572a3835ee03b97633a597d4f9abfba8c1ef8a65f3dcdae854c9cec254fead542d629e501449d6db44d7450da810328dfc2328ed4784eb8b1f1 hummingbird: af218c2f53d62feead87fc6731e2b8fad4a6f884fe65103045cb3eafc7eb4f63b76737e2d2176c1fbf6647c1fd3ecad95311c4a000117531055c3cf65926516c macOS hummingbird-macos-1.0.1.tar.gz: ecf4c9123fb974561dc4a49676cd4a76c887b74553e380c23f5b879995d4f95c9028c4882a6cce5870c5223dbd2aee1aab39ee06d754774ec708d9050c6ffc23 hummingbird: b389e95c7362290d0349035a018d57d496433ed4d7eab5f6f62e5bb92764615db04c5375362bf8f5c6582ecb775f04d3c4fd261633ab8a1a93b79dccdebe464c Running the Hummingbird Client Run hummingbird and display its help in order to become familiar with its options. From your terminal window issue the following command: sudo ./hummingbird --help After having entered your root account password, hummingbird responds with: Hummingbird - AirVPN OpenVPN 3 Client 1.0 - 27 December 2019 usage: ./hummingbird [options] <config-file> [extra-config-directives...] --help, -h : show this help page --version, -v : show version info --eval, -e : evaluate profile only (standalone) --merge, -m : merge profile into unified format (standalone) --username, -u : username --password, -p : password --response, -r : static response --dc, -D : dynamic challenge/response cookie --cipher, -C : encrypt packets with specific cipher algorithm (alg) --proto, -P : protocol override (udp|tcp) --server, -s : server override --port, -R : port override --ncp-disable, -n : disable negotiable crypto parameters --network-lock, -N : enable/disable network filter and lock (on|off, default on) --gui-version, -E : set custom gui version (text) --ignore-dns-push, -i : ignore DNS push request and use system DNS settings --ipv6, -6 : combined IPv4/IPv6 tunnel (yes|no|default) --timeout, -t : timeout --compress, -c : compression mode (yes|no|asym) --pk-password, -z : private key password --tvm-override, -M : tls-version-min override (disabled, default, tls_1_x) --tcprof-override, -X : tls-cert-profile override (legacy, preferred, etc.) --proxy-host, -y : HTTP proxy hostname/IP --proxy-port, -q : HTTP proxy port --proxy-username, -U : HTTP proxy username --proxy-password, -W : HTTP proxy password --proxy-basic, -B : allow HTTP basic auth --alt-proxy, -A : enable alternative proxy module --dco, -d : enable data channel offload --cache-password, -H : cache password --no-cert, -x : disable client certificate --def-keydir, -k : default key direction ('bi', '0', or '1') --force-aes-cbc, -f : force AES-CBC ciphersuites --ssl-debug : SSL debug level --google-dns, -g : enable Google DNS fallback --auto-sess, -a : request autologin session --auth-retry, -Y : retry connection on auth failure --persist-tun, -j : keep TUN interface open across reconnects --peer-info, -I : peer info key/value list in the form K1=V1,K2=V2,... --gremlin, -G : gremlin info (send_delay_ms, recv_delay_ms, send_drop_prob, recv_drop_prob) --epki-ca : simulate external PKI cert supporting intermediate/root certs --epki-cert : simulate external PKI cert --epki-key : simulate external PKI private key --recover-network : recover network settings after a crash or unexpected exit Open Source Project by AirVPN (https://airvpn.org) Linux and macOS design, development and coding: ProMIND Special thanks to the AirVPN community for the valuable help, support, suggestions and testing. Hummingbird needs a valid OpenVPN profile in order to connect to a server. You can create an OpenVPN profile by using the config generator available at AirVPN website in your account's Client Area Start a connection: sudo ./hummingbird your_openvpn_file.ovpn Stop a connection: Type CTRL+C in the terminal window where hummingbird is running. The client will initiate the disconnection process and will restore your original network settings according to your options. Start a connection with a specific cipher: sudo ./hummingbird --ncp-disable --cipher CHACHA20-POLY1305 your_openvpn_file.ovpn Please note: in order to properly work, the server you are connecting to must support the cipher specified with the --cipher option. If you wish to use CHACHA20-POLY1305 cipher, you can find AirVPN servers supporting it in our real time servers monitor: they are marked in yellow as "Experimental ChaCha20". Disable the network filter and lock: sudo ./hummingbird --network-lock off your_openvpn_file.ovpn Ignore the DNS servers pushed by the VPN server: sudo ./hummingbird --ignore-dns-push your_openvpn_file.ovpn Please note: the above options can be combined together according to their use and function. Network Filter and Lock Hummingbird's network filter and lock natively uses iptables, nftables and pf in order to provide a "best effort leak prevention". Hummingbird will automatically detect and use the infrastructure available on your system. Please note: Linux services firewalld and ufw may interfere with the hummingbird's network filter and lock and you are strongly advised to not issue any firewall related command while the VPN connection is active. DNS Management in Linux Hummingbird currently supports both resolv.conf and systemd-resolved service. It is also aware of Network Manager, in case it is running. While the client is running, you are strongly advised to not issue any resolved related command (such as resolvectl) or change the resolv.conf file in order to make sure the system properly uses DNS pushed by the VPN server. Please note: DNS system settings are not changed in case the client has been started with --ignore-dns-push. In this specific case, the connection will use your system's DNS. Furthermore, please note that if your network interfaces are managed by Network Manager, DNS settings might be changed under peculiar circumstances during a VPN connection, even when DNS push had been previously accepted. DNS Management in macOS DNS setting and management is done through OpenVPN3 native support Recover Your Network Settings In case hummingbird crashes or it is killed by the user (i.e. kill -9 `pidof hummingbird` ) as well as in case of system reboot while the connection is active, the system will keep and use all the network settings determined by the client; therefore, your network connection will not work as expected, every connection is refused and the system will seem to be "network locked". To restore and recover your system network, you can use the client with the --recover-network option. sudo ./hummingbird --recover-network Please note: in case of crash or unexpected exit, when you subsequently run hummingbird it will warn you about the unexpected exit and will require you to run it again with the --recover-network option. It will also refuse to start any connection until the network has been properly restored and recovered. Changelog -------- Changelog.txt URL: https://gitlab.com/AirVPN/hummingbird/blob/master/Changelog.txt Changelog 1.0.1 - 24 January 2020 - [ProMIND] Updated to OpenVPN3-AirVPN 3.6.2 *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 - 27 December 2019 - [ProMIND] Production release *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 RC2 - 19 December 2019 - [ProMIND] Better management of Linux NetworkManager and systemd-resolved in case they are both running - [ProMIND] Log a warning in case Linux NetworkManager and/or systemd-resolved are running *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 RC1 - 10 December 2019 - [ProMIND] Updated asio dependency *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 beta 2 - 6 December 2019 - [ProMIND] Updated to OpenVPN 3.6.1 AirVPN - [ProMIND] macOS now uses OpenVPN's Tunnel Builder - [ProMIND] Added --ignore-dns-push option for macOS - [ProMIND] Added --recover-network option for macOS *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 beta 1 - 28 November 2019 - [ProMIND] Added a better description for ipv6 option in help page - [ProMIND] --recover-network option now warns the user in case the program has properly exited in its last run - [ProMIND] NetFilter class is now aware of both iptables and iptables-legacy and gives priority to the latter *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 alpha 2 - 7 November 2019 - [ProMIND] DNS resolver has now a better management of IPv6 domains - [ProMIND] DNS resolver has now a better management of multi IP domains - [ProMIND] Minor bug fixes *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 alpha 1 - 1 November 2019 - [ProMIND] Initial public release Kind regards and datalove AirVPN Staff
  10. 6 points
    Staff

    OpenVPN AirVPN 3.3.2 released

    Hello! We're very glad to inform you that on October the 10th 2019, we released a new version of OpenVPN AirVPN library fixing critical bugs affecting main OpenVPN 3 branch for Linux since years ago. Please see the changelog here: https://github.com/AirVPN/openvpn3-airvpn/blob/master/CHANGELOG.txt Critical bug fixes are essential to offer an OpenVPN AirVPN library based client on Linux. As those bugs remained unresolved for years in the main branch and made OpenVPN 3 de facto unusable in a safe way in Linux, we could not wait anymore. Therefore, we will be able to release a first beta version for Linux and macOS of a command line based, light-weight client software based on OpenVPN AirVPN 3.3.2 around October the 20th. FreeBSD and OpenBSD versions remain planned for the very near future. Kind regards and datalove AirVPN Staff
  11. 5 points
    Hello, last year I had written a wrapper for Eddie's CLI version (in bash) to be able to use it more easily and extensively in the linux command line like the GUI, but with less resources. I have used it since then every day without problems, but now I have finally gotten to overhaul it and adjust it to Hummingbird because it is just so much faster! I also tried to make it more easy to configure (by having a separate configuration file) and added some new functionality like support (and automatic recognition) of iptables and nftables to lock down the system even without being connected to AirVPN and automatic connection at boot with a systemd unit. Again, feel free to use this as you wish, I hope someone can benefit from this. I'm happy about any improvements and corrections and will update this if I find the time. Features graphical interface in the command line to connect to AirVPN with Hummingbird (no Eddie involved) runs in background, the interface can be closed/opened anytime without affecting the running connection possibility to connect to any server with just one ovpn configuration file easily connect to a random server, to a recommended server, to the recommended server of a specific country or to a specific server sortable list of all servers including info like used bandwidth, load and number of users possibility to connect to other VPNs with openconnect lock down system by default (permanently if you want), so even without AirVPN/Hummingbird running there won't be any unwanted network traffic automatically establish connection at boot (which can later be controlled via the interface) logging of Hummingbird's output (number of days to keep logs for can be adjusted) system notifications to let you know what happens in the background Some general notes The default network lock determines, like Hummingbird itself, if iptables, iptables-legacy or nftables is available on your system and will use the first one found in that list. You can overwrite that by specifying which one to use in the configuration file. Once activated, the lock will stay in place until manually deactivated, so no internet connection will be possible unless connected to AirVPN or other whitelisted VPNs. You can make the lock permanent (or rather activate at boot) by enabling that option in the configuration file. AirVPN's network lock overwrites the default network lock, so there will be no interference. IMPORTANT: If you have any frontend firewall for iptables/nftables running, you might to disable that or read up on how it might interfere with rule changes you make directly via iptables/nft. The same thing applies if you use just Hummingbird itself. If you enable the default permanent network lock, it will write the lock rules at boot, most likely overwriting rules by firewalld or the like, but other enabled firewalls might interfere later. Also important: If you have SELinux and you want to use nftables for Hummingbird starting at boot, you have to create a SELinux exception for nft bcause otherwise it will be denied and Hummingbird starts without setting up its own lock, thus leaving you unprotected (AirVPN staff is aware of this issue). You can do that with audit2allow. Follow for example this guide to troubleshoot the problem and fix it with the solution given by sealert. Check your /etc/resolv.conf file while not running Hummingbird (because Hummingbird's network lock replaces that file temporarily) to make sure your router is not set as a nameserver (so no 192.168... address). Some routers will push themselves on that list by DHCP whenever you connect to their network. Since communication with the router is allowed in the lock rules, DNS requests will be handled by the router and sent to whatever DNS server is configured there even when network traffic should be blocked. There are ways to prevent that file from being changed by DHCP, best configure network manager for that if you use it. To connect to other VPNs, their IPs must be whitelisted and DNS requests for their domains must be allowed in the default network lock rules (netfilter_ipbatles.rulesipv4/ipv6 and/or netfilter_nftables.rules). Only edit those files with the default network lock deactivated. The rules for airvpn.org can be copied and adjusted. You can set custom options for Hummingbird in the interface or the configuration file. All the possible options can be found in the Hummingbird manual or with sudo hummingbird --help Apart from dialog I tried to only use basic system tools. The scripts will check if everything needed is present, if not they will exit. At least bash 4 is needed. The scripts rely mostly on dialog, awk and curl (and iptables/nft as described and openconnect if needed), so it should work on most systems. I wrote and tested this on Fedora 32 with Hummingbird 1.0.3. It should be possible to use any ovpn config file generated by the AirVPN's config generator. Even with the file for one specific server it should be possible to connect to any other server because the server override function is used here. I haven't tested that extensively though and just use the config file for earth. AirVPN's API seems to be a little unreliable sometimes as in not correctly reporting the connection status. Sometimes the API reports me not being connected although I am connected to an AirVPN server. This is no big deal, it just means that the connection status sometimes may be shown falsely as disconnected. If you have the default network lock activated, no traffic would be possible if you were actually disconnected. And, lastly, VERY IMPORTANT: I am still no programmer and do this only on this on the side, so even though I tried my best to make these scripts secure and error free, there might very well be some bad practice, never-ever-do-this mistakes or other hiccups in there. It works very well for me (and has for quite a while by now), but better check it yourself. UPDATE As of 2020/08/29 this project including updates, changelog and further instructions is publicly available on GitLab. There it can be more easily examined, downloaded and updated. Thus I have removed the scripts, installation instructions and the archive with all the files from this post. Check out the GitLab project for the newest version. VPNControl.tar
  12. 5 points
    Already did before, for anything but Netflix airvpn is absolutely awesome. I'm a long time customer and already got a 3 year subscription 😎 Plus I've already got a buddy to also sign up to your service. So far I'm very happy. Cheers 🤘
  13. 5 points
    Hello! We're very glad to inform you that a new 1 Gbit/s server located in Tallinn (EE) is available: Alruba. The AirVPN client will show automatically the new server; if you use any other OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other "second generation" Air server, Alruba supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/alruba Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team
  14. 5 points
    Staff

    Christmas 2019 Sale

    Hello! We're very glad to announce a special promotion on our long terms Premium plans. You can get prices as low as 2.20 €/month with a three years plan, which is a 68.6% discount when compared to monthly plan price of 7 €. You can also send an AirVPN plan as a gift: you have the option to print or send a colorful, dedicated picture with the code to activate the plan. code shown in the above picture is an example, not a real code If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Please check plans' special prices on https://airvpn.org and https://airvpn.org/buy Kind regards & datalove AirVPN Staff
  15. 5 points
    Staff

    Wireguard response from Mullvad

    @rndbit In Wireguard you need to map a static IP address in the VPN to a client key permanently as dynamic IP assignment is not available. The private IP address is easily found out by anyone. Once we receive a request by a proper authority about the VPN IP address we can link the address to a unique account. That's a serious privacy concern that does not exist in OpenVPN. Now that we have ChaCha20 cipher even in OpenVPN Data Channel (including our OpenVPN 3 library), there's no pressure to push our customers toward dangerous solutions just for marketing reasons. We can quietly wait for a Wireguard's stable release featuring all the implementations we need (dynamic IP addresses and TCP support). Kind regards
  16. 4 points
    Staff

    New 1 Gbit/s server available (AT)

    Hello! We're very glad to inform you that a new 1 Gbit/s server located in Vienna (AT) is available: Beemim. The AirVPN client will show automatically the new server; if you use any other OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other "second generation" Air server, Beemim supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/Beemim/ Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team
  17. 4 points
    Staff

    New 1 Gbit/s server available (LT)

    Hello! We're very glad to inform you that a new 1 Gbit/s server located in Siauliai (LT) is available: Tarf. The AirVPN client will show automatically the new server; if you use any other OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other "second generation" Air server, Tarf supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/Tarf Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team
  18. 4 points
    giganerd

    AEAD Decrypt error

    It only happens with UDP. TCP works around this problem. Usually it means that something on your line is doing Quality of Service "optimizations" like reordering or rerouting packets on the fly. DOCSIS (TV cable)-based internet access is known for that, but I'd look in your own network first and look at firewalls you might be using on your PC or the router. Some of the latter have things like "UDP flood protection" or "QoS" on.
  19. 4 points
    Staff

    New 1 Gbit/s server available (LV)

    Hello! We're very glad to inform you that a new 1 Gbit/s server located in Riga, Latvia, is available: Felis. The AirVPN client will show automatically the new server; if you use any other OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other "second generation" Air server, Felis supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/felis Felis brings for the first time 1 Gbit/s connections availability in Latvia meant to replace in the very near future all the current 100 Mbit/s ports and lines. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team
  20. 4 points
    Staff

    Netflix sees I'm on a VPN

    Hello! Netflix USA and only USA is accessible from AirVPN servers as usual if and only if your system queries AirVPN DNS (which happens by default with our software). EXCEPTION: the following servers can not reach Netflix USA at the moment;: Kruger Sneden Fang Nahn Sham Also note that Netflix application has been reported as maliciously bypassing system DNS or exploiting other techniques to disclose your real location. You will be blocked if you are not in the USA in Netflix' app belief, but it's not a fault of our system. Deleting application's cache and then running it only and uniquely when the device is connected to the VPN has been reported as solving the problem in various cases. @giganerd Connecting through a VPN to stream Netflix USA when you are in the USA makes sense in any case (check the wars of major USA ISPs/transit providers against Netflix to get paid by Netflix in order to not block its traffic). Unfortunately Netflix at the end of the day sided with those who have contributed to dismantle the Internet and Net Neutrality in some countries of the world and in this sense it's just another enemy of that very same infrastructure and technology that made its fortunes. Kind regards
  21. 4 points
    Staff

    Black Friday Week Sale 2019

    Hello! We're very glad to inform you that the Black Friday week has just begun in AirVPN! Save up to 74% when compared to one month plan price Check all plans and discounts here: https://airvpn.org/plans If you're already our customer and you wish to jump aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. And that's not all: AirVPN offers five simultaneous connections per account, IPv6 full support, AES-GCM and ChaCha20 encryption ciphers and even more, exclusive features: https://airvpn.org/topic/28153-ipv6-support-and-new-smart-features/ AirVPN is the only VPN provider which is actively developing OpenVPN 3 library with key features: https://airvpn.org/forums/topic/44069-openvpn-3-development-by-airvpn/ Any doubt or question? Please check the following, awesome guide first: https://airvpn.org/forums/topic/45694-airvpn-sales-things-to-know/
  22. 3 points
    Staff

    How to use wintun driver in Windows

    Hello! Although wintun driver is not yet in stable form, it already resolves many issues caused by the TAP-Windows driver, including the infamous bandwidth bottleneck which has always plagued Windows tun/tap virtual network interface. Dramatic performance boost has been observed multiple times on various Windows systems. If you have problems with TAP driver installation or you experience poor performance, or you have stability issues, or sometimes your tun/tap interface mysteriously does not come up and requires a reset, consider to drop the TAP-Windows driver and migrate to wintun driver. Starting from OpenVPN 2.5 tech preview, OpenVPN can use the wintun driver. Here you can find all the instructions as well as integrating OpenVPN 2.5 with wintun and Eddie Windows edition, AirVPN free and open source software for Windows. wintun driver is only for Windows. Other systems do not need it at all. Please make sure that no antivirus or packet filtering tool interfere. 1) Install OpenVPN 2.5 tech preview with wintun driver. https://build.openvpn.net/downloads/snapshots/openvpn-install-2.5_git-I607-Win10.exe (Windows 10) Please make sure that the installer installs the wintun driver too. 2) Configure Eddie to run the new OpenVPN you have installed: from Eddie's main window select "Preferences" > "Advanced" in "OpenVPN custom path" select the proper OpenVPN binary file you have installed in point 1, through the file requester (by default and assuming that your HDD is C, it will be C:/Program Files/openvpn/bin/openvpn.exe) click "Save" 3) Configure Eddie to send a directive to OpenVPN to use the wintun driver: select "Preferences" > "OVPN Directives" from Eddie's main window in the directives field enter the following line: windows-driver wintun press ENTER at the end of the line click "Save" Kind regards
  23. 3 points
    Staff

    Hummingbird 1.0.3 released

    Hello! We're glad to inform you that Hummingbird 1.0.3 has just been released. Hummingbird is a free and open source software by AirVPN for: Linux x86-64 Linux ARM 32 (example: Raspbian for Raspberry Pi) Linux ARM 64 macOS (Mojave or higher version required) - please do not miss important notes on macOS below based on OpenVPN3-AirVPN 3.6.4 library supporting CHACHA20-POLY1305 cipher on OpenVPN Data Channel and Control Channel. Hummingbird is very fast and has a tiny RAM footprint. AES-CBC and AES-GCM are supported as well. Version 1.0.3 uses OpenVPN3-AirVPN 3.6.4 library which had major modifications: IPv6 compatibility has been improved override logic has been improved a critical bug related to a main branch regression for TCP connections has been fixed Important: if you build Hummingbird please make sure to align to AirVPN library 3.6.4. You can't build Hummigbird 1.0.3 with library versions older than 3.6.4. Hummingbird is not aimed to Android but you can have CHACHA20-POLY1305 on Android too: please run our software Eddie Android edition, which uses our OpenVPN3-AirVPN library. Important notes for macOS users From now on we provide both a notarized version and a non-notarized version of Hummingbird for macOS. The notarized version is available essentially for those users who required it, but it is not recommended. The notarized version will run without blocks by Apple's Gatekeeper, but will let Apple correlate your real IP address, Apple ID and other data potentially disclosing your identity to the fact that you run, and when you did it for the first time, an application by AirVPN. If that's not acceptable for you, just download the tarball package .tar.gz (it is NOT notarized and NOT signed with our Apple developer ID on purpose) and include it in the exceptions to run non-notarized programs. In the future that could be no more allowed, but at the moment it is. For a more thorough explanations on important privacy issues caused by Apple and notarization please see for example here https://lapcatsoftware.com/articles/notarization-privacy.html and here https://lapcatsoftware.com/articles/catalina-executables.html Notes for Linux users x86-64 version requires a reasonably recent distribution (at least on par with Debian 9 kernel and libraries) based on systemd. A version compatible with SysVInit is anyway planned armv7l version (32 bit) has been tested in Raspberry Pi 3 and 4 with Raspbian 10. It will not run in Raspbian 9 (libraries are too old) aarch64 version (for 64 bit ARM) has been tested in Raspberry Pi4 with Ubuntu 19 and Ubuntu 20 for ARM 64 bit TCP queue limit If you connect over TCP, Hummingbird will set by default a minimum TCP outgoing queue size of 512 packets to avoid TCP_OVERFLOW errors. If you need a larger queue in TCP, the following option is now available from command line, in addition to profile directive tcp-queue-limit: --tcp-queue-limit n where n is the amount of packets. Legal range is 1-65535. We strongly recommend you to allow at least 512 packets as queue limit (default value). Larger queues are necessary when you connect in TCP and need a lot of open connections with sustained (continuous) but not necessarily high throughput, for example if you run a BitTorrent software. In such cases you can enlarge the queue as much as you need, until you stop getting TCP_OVERFLOW. It's not uncommon from our community as well as our internal tests to set 4000 packets queue limit to prevent any TCP overflow. If you connect over UDP, you can ignore all of the above. Network Lock Network Lock prevents traffic leaks outside the VPN tunnel through firewall rules. Hummingbird 1.0.3 widens --network-lock option arguments. The following arguments are now accepted: on | off | iptables | nftables | pf (default: on). If you specify on argument, or you omit --network-lock option, Hummingbird will automatically detect and use the infrastructure available on your system. Hummingbird picks the first available infrastructure between iptables-legacy, iptables, nftables and pf. Note: command line options, when specified, override profile directives, when options and profile directives have the same purpose. Binaries download URL https://gitlab.com/AirVPN/hummingbird/-/tree/master/binary Complete instructions https://airvpn.org/hummingbird/readme/ Hummingbird source code https://gitlab.com/AirVPN/hummingbird OpenVPN3-AirVPN library source code https://github.com/AirVPN/openvpn3-airvpn OpenVPN3-AirVPN library Changelog Changelog 3.6.4 AirVPN - Release date: 23 May 2020 by ProMIND - [ProMIND] [2020/05/23] completely changed the logics controlling overrides (server, port and protocol) client/ovpncli.cpp: parse_config() Properly assigned serverOverride, portOverride and protoOverride to eval.remoteList client/ovpncli.cpp: parse_config() In case serverOverride is set, remoteList is cleared and recreated with just one item containing serverOverride client/ovpncli.cpp: parse_config() In case portOverride or protoOverride is set, all the items in remoteList are changed accordingly openvpn/client/remotelist.hpp: Added public method set_transport_protocol_override() to assign the override protocol to all items in remoteList openvpn/client/cliopt.hpp: ClientOptions() now calls remote_list->set_transport_protocol_override() instead of remote_list->handle_proto_override() Hummingbird Changelog Changelog 1.0.3 - 3 June 2020 - [ProMIND] Removed --google-dns (enable Google DNS fallback) option - [ProMIND] Improved flushing logics for pf - [ProMIND] Updated to OpenVPN3-airvpn 3.6.4 *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0.2 - 4 February 2020 - [ProMIND] Updated to OpenVPN3-AirVPN 3.6.3 - [ProMIND] Added --tcp-queue-limit option - [ProMIND] --network-lock option now accepts firewall type and forces hummingbird to use a specific firewall infrastructure *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0.1 - 24 January 2020 - [ProMIND] Updated to OpenVPN3-AirVPN 3.6.2 *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 - 27 December 2019 - [ProMIND] Production release *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 RC2 - 19 December 2019 - [ProMIND] Better management of Linux NetworkManager and systemd-resolved in case they are both running - [ProMIND] Log a warning in case Linux NetworkManager and/or systemd-resolved are running *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 RC1 - 10 December 2019 - [ProMIND] Updated asio dependency *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 beta 2 - 6 December 2019 - [ProMIND] Updated to OpenVPN 3.6.1 AirVPN - [ProMIND] macOS now uses OpenVPN's Tunnel Builder - [ProMIND] Added --ignore-dns-push option for macOS - [ProMIND] Added --recover-network option for macOS *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 beta 1 - 28 November 2019 - [ProMIND] Added a better description for ipv6 option in help page - [ProMIND] --recover-network option now warns the user in case the program has properly exited in its last run - [ProMIND] NetFilter class is now aware of both iptables and iptables-legacy and gives priority to the latter *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 alpha 2 - 7 November 2019 - [ProMIND] DNS resolver has now a better management of IPv6 domains - [ProMIND] DNS resolver has now a better management of multi IP domains - [ProMIND] Minor bug fixes *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* Changelog 1.0 alpha 1 - 1 November 2019 - [ProMIND] Initial public release Kind regards & datalove AirVPN Staff
  24. 3 points
    Hello! We updated right now the footer and specs page with the new address. There are some points where our CMS still redirects to SSL version, we are working to fix all of them, please be patient. Kind regards
  25. 3 points
    @HannaForest @philips @giganerd Hello! We made a Onion v3 address. The hidden service is provided by a dedicated server through http (no certificate warning), and we added HTTP-header "onion-location" that recommends the .onion version. Kind regards
  26. 3 points
    eburom

    Hummingbird boot script

    Hi, if you use systemd you can set up a unit to do the job: I will assume you have a ovpn file with which you already run hummingbird: /path_to_your_file/hummingbird_boot.ovpn And hummingbird executable at a known place. If installed it can be checked running: $ which hummingbird /usr/bin/hummingbird I will assume this location. The systemd unit is nothing but a text file with some directives. You can create it as root with your preferred editor, place it in /etc/systemd/system and name it as you wish. in this case: /etc/systemd/system/airvpn.service (based on a suggestion in https://aur.archlinux.org/packages/hummingbird-bin/ ) [Unit] Description = AirVPN Client (hummingbird) Wants = network-online.target After = network-online.target [Service] ExecStart = /usr/bin/hummingbird /path_to_your_file/hummingbird_boot.ovpn Restart = always [Install] WantedBy = multi-user.target Note: make sure it is owned by root, in case you edited as your user and then sudo copied it. At this point you are all set, now you can use it as any other service: Make it run in that moment: $ sudo systemctl start airvpn Set it to start at every boot: $ sudo systemctl enable airvpn Restart while running: $ sudo systemctl restart airvpn Stop it: $ sudo systemctl stop airvpn Unset it to boot every time: $ sudo systemctl disable airvpn Check it's status: $ sudo systemctl status airvpn Access its logs: $ journalctl -u airvpn I think those are the more used ones. Haven't tried it in a raspberry but it works in some other systems.
  27. 3 points
    giganerd

    AirVPN 10th birthday celebrations

    This provides me with an opportunity to say Thank you to AirVPN as well. I've been on this ride for nearly seven years now and I've seriously grown to fully trust AirVPN with whatever I do on the internet, in terms of both tech and ideology and the stability of both. Doesn't matter if I'm downloading with BitTorrent, playing a game or two or simply browsing the internet, it feels like nothing changed in terms of throughput or latency, while knowing that those activites are safer to use from a privacy point of view and that AirVPN will not sell me out. Now, I know that experiences vary and someone somewhere in the world don't enjoy the same quality of the service as I do – I live in Central Europe, after all. Problems are there to be solved, and that is what the AirVPN community does, which I personally see among the strong points of AirVPN: Despite the efforts of everyone to stay private and anonymous, even to the point of complete paranoia and exaggeration, there's still something I'd describe as the "AirVPN community spirit". When I started using AirVPN in 2013, and a short while after also spontaneously deciding to contribute to the forums, I didn't think how far this dedication would go. Well, here we are. Even though I was trying to help others, it would be a lie to say that I didn't learn anything myself. Through the forums I was able to pick up bits and pieces, read further manuals and how-tos, try things out myself, then pick up some more bits, read further, test deeper. The AirVPN community gave me some interesting hints and insights I wouldn't have gotten any other way and also influenced me on some of the more incisive decisions of mine. A humble example would be the decision to ditch Windows altogether, something that largely came from the community, and from the day I did that I not only learned more about the finer things of I.T., I was even able to directly translate what I learned into my job. Knowledge earned me respect, respect earned me.. well, nothing bad, you can be sure of that. Did I say that I never expected the decision to get involved here to turn out this way? As of today, AirVPN is the reference I compare the rest of the VPN providers to. Thank you again for the great service and may the next ten years be as good as the last and better!
  28. 3 points
    AIRVPN DOES NOT RECOGNIZE ANYMORE VERISIGN, AFILIAS AND ICANN AUTHORITY. OUR COMMITMENT AGAINST UNITED STATES OF AMERICA UNFAIR AND ILLEGAL DOMAIN NAMES SEIZURES. The United States of America authorities have been performing domain names seizures since the end of 2010. The seizures have been performed against perfectly legal web-sites and/or against web-sites outside US jurisdiction. Administrators of some of those web-sites had been previously acquitted of any charge by courts in the European Union. The domain name seizures affect the world wide web in its entirety since they are performed bypassing the original registrar and forcing VeriSign and Afilias (american companies which administer TLDs like .org, .net, .info and .com) to transfer the domain name to USA authorities property. No proper judicial overview is guaranteed during the seizure. Given all of the above, we repute that these acts: - are a violation of EU citizens fundamental rights, as enshrined in the European Convention on Human Rights; - are an attack against the Internet infrastructure and the cyberspace; - are a strong hint which shows that decision capacities of USA Department of Justice and ICE are severely impaired; and therefore from now on AirVPN does not recognize VeriSign, Afilias and/or ICANN authority over domain names. AirVPN refuses to resolve "seized" domain names to the IP address designated by USA authorities, allowing normal access to the original servers' websites / legitimate Ip addresses. In order to fulfil the objective, we have put in place an experimental service which is already working fine. If you find anomalies, please let us know, the system will surely improve in time. Kind regards AirVPN admins
  29. 3 points
    Hi to all, the latest Eddie 2.18.8 experimental released today, works with wintun, please test if interested. Go to https://openvpn.net/community-downloads/, at bottom "OpenVPN 2.5_git wintun technology preview", click the "here" link and install. If you already have the right "openvpn.exe", use it directly: Eddie will install the wintun driver when needed, and also create the adapter. Eddie -> Settings -> Advanced -> OpenVPN Custom Path -> choose your "openvpn.exe" from 2.5, if already installed probably it is "C:\Program Files\OpenVPN\bin\openvpn.exe". At this point, Eddie will use OpenVPN 2.5 (but still with standard TUN driver). Eddie -> Settings -> OVPN directives -> Custom directives, add "windows-driver wintun". At this point, Eddie will use the OpenVPN 2.5 with the newest Wintun driver.
  30. 3 points
    benfitita

    Custom random server config generator

    Parse bw_max server info field as an integer New version available here: https://ellie-app.com/8jfYjngsLk3a1
  31. 3 points
    Just replying to a semi random AirVPN Team post here to remind you that you all are on the right side of History. This is important work you are doing, and it seems that you are working hard at it. Respect.
  32. 3 points
    Staff

    Please Fix this Website

    Hello! Our web site is very frequently and heavily flooded and we have reached, we think, a good balance between flood protection and web site usability. We will keep trying to improve it in order to make things better and keep the web site accessible even in those cases it is still not, without adding annoying barriers and permanent blocks. It must be said that usually you don't even see when a flood is ongoing, except for some sluggishness in loading pages, but at the same time of course anything can be made better in general. It is also true that flood events have become more frequent in the last month. Furthermore, we will also verify whether some of the interruptions you mention are really caused by floods or by something else. Kind regards
  33. 3 points
    @nick75 Hello! Yes, actually this is planned, please stay tuned. :) Kind regards
  34. 3 points
    Personally I think that we should trust the Staff and AirVPN. We trust this service to protect our privacy, and AirVPN's mission statement (https://airvpn.org/mission/) is crystal clear. I don't think they are a bunch of lazy masochists who like scourging themselves with hundred of thousands lines of code instead of few thousands, they are people interested in standing by what they have written and when they say that they prefer using technologies validated, audited and tested they are just doing what we pay them for: protect OUR privacy and freedom; moreover, the service is not just used by Netflix users, torrenting people, and so on, but also by activists, NGOs, journalists and dissidents who can seriously risk their life if their privacy is left "unprotected" because the software they are using has not been properly and thoroughly tested. At the moment, to my knowledge, AirVPN is using the state of art (technically a bit more because they have improved OpenVPN forking it) of the VPN technologies to protect users' privacy both on desktop and mobile. When, and if, the time will come, and Wireguard will be the de facto industry standard (because audited, tested, validated in different case scenarios over the months/years) and will replace OpenVPN because it has 1) better performances 2) stronger user's privacy protection and it will be 3) easier to maintain I'm more than sure that it will be adopted also by AirVPN.
  35. 3 points
    Staff

    TLS keydir direction usage

    @Air4141841 Hello! key-direction 1 when you use TLS Auth key (i.e. you connect to entry-IP addresses 1 and 2). Omit it when you use TLS Crypt (i.e. you connect to entry-IP addresses 3 and 4), because it's not pertaining to TLS Crypt. For an explanation, look for secret file [direction] and –key-direction in the manual https://openvpn.net/community-resources/reference-manual-for-openvpn-2-4/ If you run OpenVPN 2.4 or higher version, TLS Crypt is recommended because it encrypts the whole Control Channel, with the important side effect to make OpenVPN "fingerprint" not detectable by Deep Packet Inspection (some ISPs, when they detect OpenVPN "fingerprint", enforce traffic shaping). Kind regards
  36. 3 points
    Thank you @Staff for your transparency and hard work.
  37. 3 points
    @inc Hello! A GUI is planned, when the Hummingbird "backend" will run as a daemon. We are already working on it, right now. At the moment you can see the information you need on the standard output, and rightly so! Hummingbird 1 "branch" must remain a light and stand alone binary with no graphic requirement of any kind. If you need a GUI at the moment please run Eddie. The problem you mention looks like a failure to DHE. Do you notice a similar problem with OpenVPN 2.x or not? Kind regards
  38. 3 points
    I am going to stop conversing with you as this is a circular conversation and it seems that you would like to be confrontational for no good reason, you keep repeating all these unfounded accusations such as I "snitched" on another user or that I published someone's "personal information". when I did not make any mention of any other user or users at all and the only "information" mentioned was the servers which were being used as tor nodes. Please do show me exactly how I have "snitched" on others and exactly whose information I have allegedly publicized. I also find it a bit strange that you keep insisting that I want AirVPN to block any protocol, as I am all for net neutrality and If I wanted block protocols I would use my home internet without VPN, but obviously this is not the case. Lastly I would like to clarify that I never attempted to chase after or identify anyone running these servers , nor do I wish to, ,just listed the VPN servers affected so other users can be aware. I have no ill will towards anyone at all because of what protocols they are using, and no desire for protocols to be censored/blocked, if that is what you got from my post then you have misunderstood it. The most anyone can ask is for the operators of the exits in question to be informed about the effects of running them . Anyway, unless you would like to say something constructive, I'm going to leave you to it. Good day, sir
  39. 3 points
    You may well know that it's a DDoS protection mechanism. You may also be as far as knowing that aek_v is version (currently 14, as seen in your screenshot; your blur is ineffective, I'm afraid) and aek_url is where to redirect the browser after a successful check. Now, the /entry webpage has some JavaScript code there which I didn't read too closely. But it suggests that the browser is to run some calculations, the result of which will be checked against what the server calculated. The aek_id might identify the calculation on the server against which the result of the browser is checked. If they match, you may pass. I assume this checks whether JavaScript runs and whether it runs correctly (as in, it's not a dummy/stub) on the client. DDoS against web servers is usually not done by normal browsers but by automated programs mimicking them. As such, they don't usually run JavaScript. So those bots keep attacking the shell of a clam (that checking server) and the pearl inside is safe (AirVPN forums). Edit: I found a related Stack Exchange question about CloudFront's protection mechanism (the infamous Checking your browser, you will be redirected in five seconds page).
  40. 3 points
    Hello! NEWS We have a name for the software! Stable version of Hummingbird has just been released! Please check the first post in this thread for updated links, instructions and changelog. Kind regards
  41. 3 points
    Under "custom OpenVPN directives." section in Eddie. That is where you add your desired choices: ------------------------------- windows-driver wintun rcvbuf 562144 sndbuf 562144 ------------------------------
  42. 3 points
    Hello! We're very glad to inform you that two new 1 Gbit/s servers located in Vancouver (Canada) are available: Nahn and Sham. The AirVPN client will show automatically the new servers; if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). Servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other "second generation" Air server, Nahn and Sham support OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check servers status in our real time servers monitor: https://airvpn.org/servers/Nahn https://airvpn.org/servers/Sham Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team
  43. 3 points
    Hello! @giganerd Bug detected and fixed, a new testing version is almost ready to be deployed. Thanks! @QueenSasha Thank you, actually speed, efficiency and low RAM footprint have been a priority in OpenVPN 3.3 AirVPN design. Glad to hear that you get remarkable performance boost in Raspberry. Our OpenVPN 3 development goes on and is aimed as usual to bug fixing and new features implementation. Developer will answer soon to your technical questions, in the meantime feel free to keep us posted if you find any glitch or bug. @usr32 Great comparison thank you! We are surprised that you could beat AES with ChaCha20 in an AES-NI supporting machine. Can you please specify the whole architecture? We would like to make some verifications with OpenVPN 3+mbedTLS for AES-NI support in specific archs. @GJElde So you made an OpenVPN text configuration file +x and you tried to run it? @maxandjim Thank you, we will investigate asap. Kind regards
  44. 3 points
    renehoss

    Spooky Halloween Deals

    I for one am not happy about this gigantic popup on my computer screen every time I start a VPN session. This pop up is reason for me to _not_ prolong my subscription at this time and will decide at the moment it ends. Surely disappointed. I am a paying customer and do _not_ whish to be spammed by irrirating popups. Please fix this by making this kind of advertisments an option in the settings.
  45. 3 points
    SpiderDisco

    Spooky Halloween Deals

    A notice about saving money is fine in an email. Having a popup on my computer telling me to "save money now!" is not the appropriate way to convey this information. Maybe it would have been in 1998, but its 2019 and popup ads are frowned upon by most people. There is a reason every modern web browser blocks pop up ads by default. Its an annoying and disrespectful way to get someones attention. We are paying customers and you already have our email addresses, just send us an email. That's how every other business communicates with their customers. I'm very happy with my AirVPN service, but I feel this type of notification should be handled differently.
  46. 3 points
    BlueBanana

    ANSWERED Eddie and torrenting

    Disable µTP in the settings, as it is known to slow down your speeds. Forward a port in the AirVPN client area, enter it in qBittorrent and disable UPnP. Don't forget turn on AirVPNs Network Lock; better safe than sorry! Regards, BB
  47. 3 points
    Greeting everyone. I tried few different solutions like disabling IPv6 which cause Eddie to freak out and restart the connect since it will try to reattempt to connect IPv6. After looking around and found a right solution for this issue. It is something to do with the gateway that OpenVPN don't have the support for. Office 365 and Microsoft product relies on gateway for detecting network activity. The way Eddie/OpenVPN are designed to keep the gateway blank is the cause of the issue. The I found the solution from this forum, Here is the link to the actual solution of the problem. I can confirm it finally working with Eddie running. https://www.macwheeler.com/windows-10-office-365-cannot-connect-over-openvpn-fixed/ It like what JimDandy posted. The guide recommend putting 192.168.0.1 in TAP's gateway in IPv4 Advanced option. The link have the guide step by step how to do it. I can confirm it works for me. And I haven't got any complaints from OneDrive and Office 365 with this guide. Edit: One last thing I forgot to add in this comment. Generally the default gateway is 192.168.0.1, there is a few routers which will use a different address. I have T-Mobile Personal Cellspot TM-AC1900 (rebranded Asus AC1900) which use different gateway address in my case, it is 192.168.29.1. If it didn't work with the common default gateway address (192.168.0.1), then it is likely it have a different gateway address. If you need to locate it, do not activate the VPN because it will show blank. For Windows, go to PowerShell (or CMD), then type "ipconfig" without the quote. Then look for "Default Gateway", you will see the IPv4 address at the end of it. That is the address of the default gateway.
  48. 3 points
    Staff

    Why You Can’t Trust NordVPN

    Hello! The situation is not what you describe, since, according to the article we linked: 1) the CEO of Tesonet, the CEO of ProtonVPN and the CEO of CloudVPN are all the same one person. 2) CloudVPN is not a payment processor. It uses PayPal to collect subscriptions from NordVPN. It's not that you pay to NordVPN via a payment processor called "CloudVPN", you pay to CloudVPN via some payment processor (PayPal for example). In such transactions CloudVPN is not the payment processor, it is the final beneficiary of your payments. To allow such payments via a web site interaction with PayPal, PayPal wants that the beneficiary is the web site owner. Additionally, the developer of NordVPN application in the Google Play Store is CloudVPN. The developer of ProtonVPN application in the Google Play Store is Tesonet. So you know that: - CloudVPN is not a payment processor in the transaction phase, but the beneficiary of the payment - CloudVPN signs the application(s) of NordVPN (therefore it has full access to Google Play Store keys of NordVPN) - Tesonet signs the application(s) of ProtonVPN (therefore it has full access to Google Play Store keys of ProtonVPN) - the CEO of Tesonet, CloudVPN and ProtonVPN is the same person - CloudVPN introduced itself to PayPal as the web server owner of NordVPN This is a matter of trust, and when trust is involved, a lack of transparency should trigger a red alert. This is plainly incorrect even under a purely technical aspect. With Wireshark etc. you can only see that your packets go to or come from the VPN server. You have absolutely no idea of what happens once they are there, outside of your control. As an additional side note, please keep in mind that data mining does not necessarily involves inspection of the traffic content, which is rather trivial and obvious (another trivial consideration: otherwise end-to-end encryption would have meant death of intermediary data mining worldwide ). Kind regards
  49. 2 points
    This is very exciting to me. I've been trying to find a good openvpn cli for Docker (with network lock, reconnects, etc), and upon initial testing I think this might be it. The Eddie cli has always been painful and unreliable in Docker. This doesn't appear to be a great desktop solution, though I did set it up to run in a tmux session at boot. It's nice to have a status icon either via Eddie or Gnome's vpn interface. That said, this is a great addition to my VPN client arsenal.
  50. 2 points
    Running 1.0 on Arch Linux, so far so good. What would be the recommended way to automatically run $ sudo ./hummingbird your_openvpn_file.ovpn at startup? Thanks.
×
×
  • Create New...