go558a83nk

If you're using the AirVPN (Eddie) app then you certainly do *not* want to enable DMZ on your router. That's a potential security risk. DMZ is not needed in this case. In fact, I can't really think of a case where DMZ is needed in conjunction with openvpn. As to why port forwarding isn't working we'd need more information on your setup.

the easy thing to do is just blacklist (in eddie) the server you don't want to connect to.

You can have multiple connections to the same server if you use different ports (at the server) or if you use different keys https://airvpn.org/devices/ . However, multiple connections to the same server means port forwarding won't work unless Air comes up with the ability for us to direct which key/device the port forward goes to.

All traffic is routed through the tunnel. Problem is that, if not using AirDNS, requests to other DNS servers are unencrypted after the AirVPN server. Sure, they are recursive DNS that Air runs but the requests they make to authoritative DNS are not tied back to you. If you use another DNS like 1.1.1.1 you also still have some anonymity since you're one of dozens of people using the VPN server.

There's a guide for pfsense on this website/forum, or there are others around the web. The hardware build doesn't have to be spectacular. Just an AES-NI CPU, small amount of RAM, small hard drive, dual network card, power supply and motherboard, of course. I was building pfsense box at lowest cost and what was cheapest for me was a regular tower case sort of setup. Putting the parts together wasn't difficult. If you've never done it, you can certainly find help online. Anyway, I'm talking only like $150 was spent but it'll do at least 430mbit/s with AirVPN. I don't know how much higher because that's my ISP max. Some people need the box to be small and pretty and I don't know how to accomplish that except to just buy one.

Asus is making some router(s) with AES-NI CPUs now (e.g. ac86). But, if you really want performance then build your own with an AES-NI capable desktop CPU running pfsense or the like.

No, the listening server is whatever you're trying to forward a port to. If that's not up and running and listening on the port you've assigned in the port forwarding rule the test will fail.

A firewall on my end? Because I don't have one running. What steps should I take to troubleshoot this from here? Are you using Eddie and is the listening server on the same machine running Eddie?

10.4.0.1 if you want to use AirDNS to get stuff like Netflix

this is my experience exactly. i have a pfsense router. i have plugged in static DNS to the TV and in the router to assign to my TV. i still get blocked content. if i boot up a laptop, my mac or other laptop using Eddie client it works just fine. i've tried to look at the configuration within Eddie and matched to my openvpn custom configuration. and it still does not work. i don't think this is Airvpn's issue. i feel that the Android OS is the issue. i also had this issue on a LG tv. WEBOS. and that was why i bought a Sony. but have the same issue... SIGH Air Staff is saying to make a rule like this where for you redirect any DNS query that's not to the DNS server you want to the DNS server you want. See /firewall_nat.php

Thanks but it doesn't work as soon as i turn on the VPN PlanePlotter stops uploading and downloading Is there a way to test if the port forwarding is actually working? My guess is that planeplotter need to announce to peers what the external (public) port is since it's different from the usual due to having to share the VPN with other users. Peers try to connect to the default and that's not what's setup. Do you have such a setting in the server? Apps that rely on port forwarding for remote access (e.g. Plex) have an option to use an alternate external (public) port.

Online Sessions: 15973 - BW: 71229 Mbit/s

Of course. But, you can setup a port forwarding rule with AirVPN and have remote access to Plex through the VPN.

https://airvpn.org/topic/28153-ipv6-support-and-new-smart-features/

Commendable work but what happens when your ISP loses the route to the server that was working so well?

1 is the default 2 is the same server setup as 1 but a different entry IP in case the default IP is blocked by your ISP 3 is tls-crypt 4 is the same server setup as 3 but a different entry IP in case the 3 IP is blocked by your ISP

Did you do anything "special" with your router to get that speed? I've seen others with that router struggle to get high speed even though it has the AES-NI CPU.

yep, those pfsense forums block a lot. it makes no sense for a firewall software to have as a huge part of their software openvpn server and client and yet block those of us using such a thing.

Think of it like this. You've got a huge map of Bitcoin addresses on a whiteboard. You know who sent some transaction, but not all. If you can get any clues as to who's who, it helps you to deduce the rest by process of elimination. Using vanity addresses (1myNaMEisBoBhfsfdfdhjfhdfdjfh) is a clue, and hurts everyone's privacy a little. For instance, anyone looking at the 1Air... addresses can assume these are all AirVPN addresses. That means any change that gets sent back to AirVPN customers is identified (although before, the Bitcoin payments service AirVPN required the customer email from AirVPN, so this is better) One thing: if anyone else uses 1Air... addresses, by random chance or deliberately as AirVPN do, then that will screw with doing analysis like this. But it's better if there's no extras info to use at all, I really hope this is changed OK, I'm looking at it from the perspective of having purchased my bitcoin anonymously using cash and hold it in an electrum wallet...and the receiving address is different from the sending addresses I use. So, even that it's seen that Air receives from "me" they don't know who "me" is. Then to link that transaction with my account on Air is a whole other big leap.

It's connected There's no problem here. That's just pfsense disconnecting from monitoring itself. I get hundreds of those notices. The "initialization sequence completed" is what matters. If you can't get any traffic through the VPN tunnel then your NAT and/or firewall rules are incorrect.

Have you tried just changing servers to see if that fixes it? I was having problems and changed server and it worked. Then I switched back to the location I liked, and it worked.

Yeah, I think all that "management" stuff is normal. It's just the router making a note that it checked on itself basically.

hash is not sha256. it's sha1 unless you're using tls-crypt configs, where it's sha512.

Those two default rules need to be deleted and it looks like you have a duplicate rule for "airvpn_lan allow outbound".

You need to follow the guide. Firewall rules are required. This note is under the "i" at the bottom of the firewall rules pages - "Everything that isn't explicitly passed is blocked by default." Therefore, if you don't create rules to pass traffic out the AirVPN gateway (or wherever you want it) it'll be blocked!