go558a83nk

Why not just try it and come tell us.  If the router supports wireguard, it supports wireguard.

1 hour ago, Aardvark56 said:

Thats a thought
[Interface]
Address = 10.aaa.bbb.ccc/10 - which is different.
PrivateKey = 
DNS = 10.128.0.1

[Peer]
PublicKey = 
PresharedKey = 
Endpoint = 213.152.161.180:1637
AllowedIPs = 0.0.0.0/0, ::/0
PersistentKeepalive = 15

Works - thank you
Any idea why AirVPN use a /10 rather than something a lot smaller - its only a tunnel

On 7/5/2022 at 8:03 AM, Nagi2288 said:

Hi everyone,

I'm sorry if this has been asked before, I have been searching for a solution for hours and hours without any luck.
If anyone knows or can point me to the right direction, it'll be greatly appreciated.

My problem is that I want to access Plex remotely through AirVPN.
Why? Because my ISP has double NAT and remote access is impossible without paying extra for static IP.

I am using Unraid with Plex having it's own IP at 192.168.50.101
Router is Asus GT-AX11000 with latest Asuswrt-Merlin firmware.
Here are the steps I have taken.
 

1. Create a port through AirVPN Client Area, port is XXXXX
2. Tunnel traffic from 192.168.50.101 through one of AirVPN's servers
3. SSH to router, and add a nat-start file in /jffs/scripts
4. Reboot, script is verified to run from /jffs/syslog.log
5. Test port through AirVPN Client Area 

Testing the port fails with timeout errors.

nat-start script:

#!/bin/sh

iptables -I FORWARD -i br0 -o tun11 -j ACCEPT
iptables -I FORWARD -i tun11 -o br0 -j ACCEPT
iptables -I FORWARD -i br0 -o vlan1 -j DROP
iptables -I INPUT -i tun11 -j REJECT
iptables -t nat -A POSTROUTING -o tun11 -j MASQUERADE

iptables -I FORWARD -i tun11 -p udp -d 192.168.50.101 --dport XXXXX -j ACCEPT
iptables -I FORWARD -i tun11 -p tcp -d 192.168.50.101 --dport XXXXX -j ACCEPT
iptables -t nat -I PREROUTING -i tun11 -p tcp --dport XXXXX -j DNAT --to-destination 192.168.50.101:32400
iptables -t nat -I PREROUTING -i tun11 -p udp --dport XXXXX -j DNAT --to-destination 192.168.50.101:32400

tun11 should be the right interface, from what I've read it should correspond to OVPN1.
There's also tun12, which I assume is OVPN2.

It looks like this is a case of them blocking IP addresses they don't want accessing their server.

On 7/1/2022 at 2:44 AM, saud2 said:

Avoid this seedbox company at all cost. Do not give money to owner of PulsedMedia / Magna Capax Finland Oy. There is only one person behind this company which is Klaus Markku Aleksi Ursin.

1. Stability is bad. Prepare what your seedbox will turn off on monthly basis.
2. Speed is slow and network is congested. He is overselling like crazy.
3. No refunds and aggressive customer support
4. There was some big security issues and person who found the issue didn't get rewarded and banned on Discord.

This company is banned from /r/seedboxes for a reason. Be aware and read reviews.

re the openvpn setup

1) set accept DNS configuration to something like yes or exclusive.  that way you use AirVPN DNS.
2) AirVPN does not use compression so the two different compression settings you're using need to be gone.
3) I don't see anywhere that you're choosing the auth digest algorithm.  Is there another openvpn config page we're not seeing?  If you're using a tls-crypt config then you need to choose something different at "tls control channel security" and use sha512 for auth digest algorithm.  If using only tls-auth config then you have tls control channel security correct but auth digest is sha1.
3) I don't think your policy routing rule is correct but I've never used that OS.  It looks like you'd need to enable it at least.

6 hours ago, Dogcatchersito said:

So I tried this and there is still gateway overlap since they are still within range. Is there a way to get a gateway on a different segment? This would make configuration of two separate locations much easier with PFsense and Wireguard.

I'm on 2 dallas servers 24/7 and they perform well almost always.  The owner of the datacenter is quick to fix problems and has messaged me privately to make sure things are working well for me.  I like that.  I hope they don't move away from those servers!

those are internal and on different servers so it doesn't really matter.  it's like the fact that so many people in the world have a home router at 192.168.1.1.

but if you want them different then make new devices and setup your wireguard tunnels using the new device info....when you use the config generator you choose what device you want the config for.

https://airvpn.org/devices/

the OISD Full blocklist contains metrics.lowes.com and smetrics.lowes.com.  I wonder if blocking those is preventing the whole site from loading?

3 minutes ago, He who shall not be named said:

Wow.  I switched the primary DNS server on my router from 10.4.0.1 (AirVPN) to an OpenDNS address and was able to access all of the web sites right away.  Thanks @go558a83nk.

I'd prefer to use the AirVPN DNS for better privacy, but will have to go with this config for now.

6 minutes ago, He who shall not be named said:

The ping response means that the server is responding to a ping, not a HTTP request.  However, I'm getting reds across the board on HTTP responses- generally HTTP 301 and HTTP 403. 
 

1 hour ago, He who shall not be named said:

I just tried your link and got 100% failure rate.  I'm wondering if they release blocks after a certain period of time.  If anyone sees this post soon, can you try the same link above and see if lowes is blocked or accessible?  Thanks.

PS- I also got 100% error rate for https://airvpn.org/routes/?q=www.backyardchickens.com  Do you get the same?

if you use the checking route tool all seems well to lowes.  I didn't try the others.  https://airvpn.org/routes/?q=www.lowes.com
 

Switching from Dedipath to more m247. 😞

26 minutes ago, BuiltOnSelfSuccess said:

Resurrecting this post as it's been over 5 years of mostly pain free connectivity. I've been on a 200/20mbps line which this brilliant device ran with 3 load balanced simultaneous OpenVPN connections, I could manage a 180/20mbps connection. I've now been upgraded to a 350/30mbps connection and need something that can handle the connection speeds, spotted this with a Intel N6005 and wanted to run it past you clever bunch to see if you could confirm that I would be able to achieve higher speeds through the VPN connections?
 

I'm using qbittorrent on windows.

I don't think the torrent address checker requires any port be open for incoming connections.  It's just letting you know what IP address and port the torrent client is advertising to the world to make sure it's correct.

I just tested it and the torrent address checker worked for me.

To be more precise, it's not possible with the AirVPN app.  It is possible on something like pfsense using a gateway group and a downloader that makes multi threads of a download like the old downthemall extension...or 10 simultaneous downloads via ftp.

10 hours ago, ilikefish said:

Quote

Make sure the port you've forwarded with AirVPN is the same port for the local section and the remote

I don't know what this means. Would doing what you say explain why everytime I test the airvpn port it times out? Can you walk me through how to fix going over each step in detail?

2 hours ago, ilikefish said:

Edit - Ok I don't know why but all of a sudden it's working now. Torrents now work with network lock enabled. As long as the port in qbittorent does NOT match the forwarded port by Airvpn since those ports time out.

Do you have any idea how I can configure qbittorent to work with network lock? I'm absolute newb at this, and up until now have only been using the standard connection and kept everything default in both Airvpn and qbittorent.

I've tried doing the following:
 But it doesn't work. Interestingly if on this website I go to client area>forwarded ports>test open on any port they always say "Connection timed out (110)"  whether I have network lock enabled or not.

Really all I want to do is torrent with airvpn without getting a letter from my isp (which I did even though I had Airvpn on without network lock, so I assume Airvpn briefly went down and I didn't know it).

Network lock is the only way you can be sure that you aren't "leaking" outside the VPN tunnel.

I would bet that in your case you are leaking outside the VPN tunnel when torrents work.  Some mis-configuration somewhere is keeping the torrent from working properly through the VPN.

9 hours ago, OpenSourcerer said:

OpenVPN or Wireguard?
Latency to this server from your position?
Your ISP, if you're confortable sharing it, subscribed throughput and what kind of access technology (Fiber, Cable)?

I'm asking because I'll have a Gbit line by the end of the year, and the right way to achieve this is inconclusive, taking threads of the past into account.

20 hours ago, mazurka7 said:

Would you know why AirVPN do not provide their own public DNS servers for users instead of 10.4.0.1 and 10.5.0.1 unlike many other VPN providers? I'm just wondering whether there is some advantage to this approach.