go558a83nk

Is there an answer for this question? if you want only one key then have only 1 key. if you have only one key it'll be the default.

Interesting. The new keys are SHA512, not SHA1.

What is your goal? Most services (e.g. Netflix) the ATV uses will block connections coming from VPN users.

AirVPN doesn't yet support tls-crypt but support is expected this year sometime. When it is available you'll have to download new configs with tls-crypt for openvpn for iOS since openvpn for iOS doesn't allow editing of already added configs (last I looked).

Hello! iptables rules restored when you close Eddie: intended and expected. When Eddie crashes, we can't see how it can modify iptables rules or do anything else. Network Lock is a set of iptables and ip6tables rules, please feel free to clarify. Kind regards I'm running Mint 18.3 (or 18.2 and 18.1 and so on in the past) in a VM and as happens sometimes the Eddie GUI crashes, but openvpn is still running. I'll just reboot at this point. When I rebooted in the past the network lock rules were still running because Eddie wasn't shut down properly. But, I've noticed lately that network lock rules are not in place upon reboot. Sounds like I'm seeing the same thing as the OP.

https://eddie.website/download/?platform=windows-10&arch=x64&ui=ui&format=installer.exe&version=2.13.6 Try that link. But, it sounds like you may be doing it wrong. You click the button that you need for 64 bit, or 32bit, then for installer or portable, then for graphical or command line, The you click download.

I just tested and it's working for me. Do you have some addon or other security software that could be blocking it?

But then how does the router connect to the VPN in the first place? The dd-rwt howto recommends using the IP address of a single server in the .ovpn file, so no DNS resolution is required. But isn't there a way round that, just as there is with a desktop computer (using openresolv)? As I said above, I am using OpenWRT, not dd-wrt, but I looked at the howto for that. The details are surely different, but the situation and basic principles must be the same. That sounds like a possible answer to the problem. So how do you do that? In case it is not obvious, I should perhaps say I am new to this. This is my first attempt at making a VPN router. Using AirVPN with openvpn on a Linux desktop is so straightforward that doing so for a year or two has taught me next to nothing about networking. I'm unfamiliar with dd-wrt so I'm not much practical help, just idea help. My point is re 10.x.0.1 is that you wouldn't need to do anything special to force DNS requests to that address through the tunnel because through the tunnel is the only way it can be reached. I understand that using only that IP as DNS prevents you from resolving the country address when the tunnel isn't up. If dd-wrt doesn't support policy routing or a way to switch DNS to VPN DNS, then my suggestion is to search for the best current tomato distribution and use that, for I know it has an option to switch DNS to the VPN. That was years ago when I used it, so I'm no help now. Or, if you have an Asus router, use merlin-asus firmware.

dd-wrt doesn't have an option to switch to DNS of the VPN upon connection? tomato does, so does merlin-asus. point is, you know the DNS request is going through the VPN tunnel if you're using 10.x.0.1 for DNS server. Or, if dd-wrt has policy routing you can create rules such that any traffic to DNS servers you specify (opennic) have to go through the VPN tunnel.

Yea, just wanted to make sure I'm not missing anything so I've put these domains into routes and directives. However I've just set up Manjaro (linux distro based on arch) as dual boot and installed the client from the arch user repository. Now I've set up the same routes and it's working perfectly fine, when using windows it still doesn't work (at least for netflix). But I guess it's enough for me if it at least works on linux. please make sure your VPN is working properly. I must say I'm quite surprised.

network lock can't turn on until Eddie starts up. if you really must not have any network activity outside the VPN tunnel then turn off your wifi or unplug your ethernet until Eddie is running and network lock is activated.

It's pretty much impossible to accomplish this because Netflix uses servers such as AWS to stream. You'd have to route all of AWS outside the tunnel as well. Early on after Netflix began blocking VPN traffic you could do what you're doing but that was quickly squashed. BTW, I think you're being redundant in putting domains in the routes tab and also in custom directives. Also, putting those domains in the addresses allowed field of the network lock tab is correct but allow detected DNS shouldn't matter if you're using AirVPN DNS.

It has been written by Air staff that tls-crypt is coming soon.

Staff understood you to mean that you were connecting to any "American" server, which could include Canadian servers. If you are connecting directly to a USA server and you're sure all geolocation databases have the correct location for that server, then it's possible you have a leak. What does ipleak.net say?

Clodo mentioned one of the reasons for the delay in another thread. It seems some of the problem is not AirVPN's fault at all but rather a lack of capability of openvpn. Thus Air has to workaround.

I hope you're aware that AirVPN doesn't do a canary and have given their reasons for not doing so already in the past.

Did you try other ports besides UDP 53?

Sounds like you’re not connected to a server.

Use Asus Merlin firmware and don’t concern yourself with DNS except to select exclusive for the DNS option in the OpenVPN client setup.

Same, here. My mint 18.3 is a virtualbox guest.

oh, you're connected just fine. it's checking route that's failing. In advanced settings disable the option to "check if the tunnel works" but I suggest you do use network lock, if you're not already.

Good to hear. Use the network lock. There's a setting to allow local network access even with network lock on. You shouldn't have to add routes to get to your router.

Show all, then scroll to the one blacklisted and fix it.

What are they supposed to do about sites blocking their servers? There's a difference between being blocked for geolocation rules and being put on a blocklist due to IP address range, or because some idiot got the server blocked because of abuse. Unfortunately, I've even been blocked by pfsense forums because they use some database that had the server I used on a blocklist. What issues? Don't like the forums? Create your own. It's theirs to control. They don't control the whole internet. The fraction they do control is a tiny speck of the whole matter. Their servers are blazing and I regularly get 400mbit/s speeds when the actual content server (e.g. Microsoft updates) can handle it. On the other hand, I've tried other providers and not been pleased at all.

AirVPN servers don't use port 89. Post a log here so we can see what's up.