Jump to content
Not connected, Your IP:


  • Content Count

  • Joined

  • Last visited

  • Days Won


Reputation Activity

  1. Like
    go558a83nk reacted to Staff in Server replacement (LV)   ...

    We inform you that the following servers in Latvia:
    Meissa Phact Schedir Shaula
    have become suddenly nonoperational because the upstream of our provider blocked all traffic. They should come back online within a couple of days, due to new deals with a new transit provider. However, all IP addresses will change. We have decided that this is a good moment to switch to new lines and servers: we are changing the previous 100 Mbit/s lines with 1 Gbit/s lines and ports, and replacing the hardware with more powerful CPU. The four 100 Mbit/s servers will be replaced by three 1 Gbit/s servers. Location will not change, the new servers will be in Riga.

    We should be able to announce the new servers in the next days.

    Kind regards and datalove
    AirVPN Staff
  2. Like
    go558a83nk reacted to thetechdude in Logging for DNS   ...
    There are a few misconceptions here.  There is a difference between logging DNS queries temporarily and logging VPN traffic.  It's possible to enable logs on DNS for like 5 minutes and then turn it off.  Let's say I'm trying to go to a site that Easylist, or any other list, blocks.  Wouldn't it be nice to know that, so that you could then make an exclusion?  This is something that every other DNS filtering service allows; ControlD, NextDNS, AdGuard Home, etc.  So, what I'm asking for is nothing new or scandalous in any way.
  3. Like
    go558a83nk reacted to Staff in New 1 Gbit/s server available (IE)   ...

    We're very glad to inform you that a new 1 Gbit/s full duplex server located in Dublin, Ireland, is available: Minchir.

    The AirVPN client will show automatically the new server; if you use any other OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

    The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637 UDP for WireGuard.

    Minchir supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

    Full IPv6 support is included as well.

    As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

    You can check the server status as usual in our real time servers monitor:

    Do not hesitate to contact us for any information or issue.

    Kind regards and datalove
    AirVPN Team
  4. Like
    go558a83nk got a reaction from Jacker@ in PFsense OpenVPN is no longer connecting   ...
    looks like this is all confusion around which entry IP are tls-crypt and which are tls-auth.  tls-auth entry points use sha1.  tls-crypt entry points use sha512 and tls encryption+auth.

    so, keep an eye on which config you make.  details matter.
  5. Like
    go558a83nk reacted to Staff in When will AirVPN implement tls-crypt-v2?   ...


    It's not planned at the moment because it's more comfortable for us the current single tls-crypt key. tls-crypt 2 doesn't change anything for the client, while on the server side, in our specific case, it would be useless because we maintain tls-auth for backward compatibility,. Any denial attempt would remain potentially possible via tls-auth, hence we would have a complication for nothing. However  when we drop tls-auth (we're afraid not in the near future because of the amount of old OpenVPN versions connecting to our service) then tls-crypt-2 will become attractive indeed.. 

    Kind regards
  6. Like
    go558a83nk got a reaction from Staff in speedtest comparison   ...
    Really thrilled with the wireguard speed.  That's me on Mensa.  https://i.gyazo.com/277f20acfb21cea8c41a8db164713063.png
  7. Like
    go558a83nk reacted to Nummer1 in My review   ...
    It has been a few months since i've last used this VPN, but my experience was great. This vpn might look complicated but its really not and you won't regret getting it.
    Even back a few months it was awsome, probably my favourite out of the ones i've used, great VPN.
  8. Like
    go558a83nk got a reaction from Oblivion 2013 in WireGuard beta testing available   ...
    don't open a port on your router for eddie.  it's not needed for anything if everything's going through the VPN tunnel.
  9. Like
    go558a83nk got a reaction from Air4141841 in My ISP upgraded me from 100 to 1000mbps, need help optimizing cable speeds   ...
    you might want to just use wireguard on pfsense.   No doubt it'll be faster for you.  This is the video I used to help me setup wireguard. 

  10. Like
    go558a83nk reacted to blueport26 in Tom Spark review   ...
    I like and use AirVPN but I don't trust him/his reviews. It's not hidden knowledge that the whole VPN review market is a bidding war between which company pays more.
    Here's my (salty) opinion.
    Although he uses a fixed script for each review and assigns points fairly, no matter which VPN he reviews he mentions his top scorers at least once per video. I have a feeling that the point of every non "S tier" review is to redirect customers, like "hey you know AirVPN is cool and has some promising features but check this two VPNs I'm affiliated with, they're the best".
    The review script is odd. He values <1h customer support response higher than all the privacy points combined. Speed test results may depend on the time of day, location and server load, so one day the score may be 50 and another 40 points or lower.

    A bit off-topic:
    There was a civil war/drama between some VPNs, mainly *cough*Windscribe*cough* and him. I was following their discord channel some time ago. Previously he was promoting them as one of the best VPNs, but when they announced shutdown of affiliate program he started throwing blames (telling a company that they should keep it - continue paying him). Since then he moved them to the bottom of the tier list .

  11. Thanks
    go558a83nk got a reaction from Jacker@ in WireGuard beta testing available   ...
    You need to create another "device" which will allow you to generate configs with a different tunnel IP address.  https://airvpn.org/devices/ 

    As far as changing the /10 to /32 I do that in the interface settings of the wireguard tunnel.  First I setup tunnel and peer for wireguard handshake, then setup interface and gateway for that wireguard tunnel.
  12. Like
    go558a83nk reacted to Strathe in Astounding Speed Improvement with WireGuard Beta   ...
    I just enrolled in the WireGuard Beta and decided to run benchmarks to check if there was any performance difference compared with OpenVPN.

    Ubuntu 20.04 LTS with OpenVPN 2.5.1, WireGuard. CPU has AES-NI but weak single-core performance. 1 Gbps line.

    1. Find a server with low load.
    2. Connect to it via OpenVPN 2.51 with cipher AES-256-CBC and additional directives --fragment 0 --mssfix 0 --rcvbuf 0 --sndbuf 0.
    3. Load 10 well-seeded Linux torrents (Ubuntu, Fedora, Arch Linux, etc.)
    4. Observe average and top speeds.
    5. Repeat immediately afterwards using WireGuard with the same AirVPN server and torrents.

    OpenVPN: 350 Mbps average, 410 Mbps peak
    WireGuard: 800 Mbps average, 1064 Mbps peak

    I cannot believe how much faster WireGuard is. Literally a 2.5 times improvement in speed free of charge, and my 1 Gbps line is now the bottleneck.
  13. Like
    go558a83nk reacted to Staff in New feature: DNS block lists   ...

    We're glad to introduce a new feature in AirVPN infrastructure: DNS block lists.

    By default, AirVPN DNS remains neutral in accordance with our mission. However, from now on you have the option to enforce block lists which poison our DNS, in order, for example, to block known sources of ads, spam, malware and so on.

    You can manage your preferences in your account Client Area ⇨ DNS panel https://airvpn.org/dns/.

    We offer only lists released with licenses which grant re-distribution for business purposes too.

    The system is very flexible and offers some exclusive features never seen before in other VPN services:
    You can activate or de-activate, anytime, any combination of lists. You can add customized exceptions and/or additional blocks. Any specified domain which must be blocked includes all of its subdomains too. Lists which can return custom A,AAAA,CNAME,TXT records are supported. You can define any combination of block lists and/or exceptions and/or additions for your whole account or only for specific certificate/key pairs of your account (Client Area ⇨ Devices ⇨ Details ⇨ DNS) Different matching methods are available for your additions and exceptions: Exact (exact FQDN), Domain (domain and its subdomains), Wildcard (with * and ? as wildcards), Contain, Start with, End with. An API to fetch every and each list in different formats (see Client Area ⇨ API ⇨ dns_lists service) is active Any change in your selected list(s), any added exception and any added block is enforced very quickly, within few tens of seconds. You don't need to disconnect and re-connect your account. You can define your own lists and discuss lists and anything related in the community forum here
    Essential requisite to enjoy the service is, of course, querying AirVPN DNS while your system is connected to some VPN server, which is by the way a default setup if you run any of our software.

    Kind regards & datalove
    AirVPN Staff
  14. Thanks
    go558a83nk got a reaction from Staff in WireGuard beta testing available   ...
    I got this on my pfsense box just now . Very nice. . May have even been a little limited by my traffic shaper

  15. Like
    go558a83nk got a reaction from bbqsquirrel in 1000 mbit to 30 mbit on Synology DSM 7   ...
    That CPU does have AES-NI which is important for good speeds with openvpn.  But running it in a VM may keep AES-NI from getting used?  I don't know.

    You could try to use the chacha20 data cipher option that AirVPN supports if your client supports it.  It's usually faster on weaker devices.
  16. Like
    go558a83nk got a reaction from bbqsquirrel in 1000 mbit to 30 mbit on Synology DSM 7   ...
    It's probably a bottleneck on your CPU but without knowing what the CPU is in the device I can't say for sure.
  17. Thanks
    go558a83nk reacted to Staff in [COMPLETED] Dallas datacenter maintenance   ...

    Please be aware that the core router serving our servers in Dallas (TX, USA) will be replaced on Saturday October the 9th at 18.00 UTC (20.00 CEST). Expected downtime of all of our servers is approximately 1 hour.

    Kind regards
  18. Like
    go558a83nk reacted to Staff in New technical specifications   ...

    VPN DNS and "Assigned IP address" technical specifications just changed. All the changes have been reported in the https://airvpn.org/specs page.

    The changed section is:
    Assigned IP
    Servers support both IPv4 and IPv6 tunnels and are reachable over IPv4 and IPv6 on entry-IP addresses.
    DNS server address is the same as gateway, in both IPv4 and IPv6 layer.
    Chosen IPv4 Local Address
    OpenVPN: 10.{daemon}.*.*, Subnet-Mask:
    WireGuard: Chosen IPv6 Unique Local Address (ULA)
    OpenVPN: fde6:7a:7d20:{daemon}::/48
    WireGuard: fd7d:76ee:e68f:a993::/64
    The new sections are:

      DoH, DoT
      Every gateway/daemon assigned to you acts as a DNS (port 53), DoH (dns-over-http, port 443), DoT (dns-over-tls, port 853).
    DoH and DoT don't add any actual benefit, because plain DNS requests are encrypted inside our tunnel anyway.
    However, users might need it for special configurations. In such cases, use dns.airservers.org (automatically resolved into VPN gateway address).
    Our DNS returns a NXDOMAIN for "use-application-dns.net", for compatibility reasons.

    Special resolutions
    check.airservers.org - Gateway IPv4 and IPv6 addresses
    exit.airservers.org - Exit-IPv4 and exit-IPv6 addresses
    use-application-dns.net - NXDOMAIN, for DoH compatibility, ensuring Air DNS will be used (for anti-geolocation features)

    Special URLs
    https://check.airservers.org - Info about connected server
    https://check.airservers.org/api/ - Same as above, in JSON
    Use https://ipv4.airservers.org or https://ipv6.airservers.org - Same as above, specific IP layer

    Kind regards and datalove
    AirVPN Staff
  19. Like
    go558a83nk got a reaction from d3adf1sh in When you don't read instructions...   ...
    No, the problem is with you unable to follow directions.

    In the tutorial, the first directive in the "generate AirVPN certificates" section is to enable advanced mode.  Have you turned on advanced mode in the config generator?
  20. Thanks
    go558a83nk reacted to aquintex in [COMPLETED] Emergency maintenance in Dallas, Texas (US)   ...
    This was unplanned.  Hardware replaced and circuits are operational.

    I sincerely apologize to AirVPN and its awesome customers. 

  21. Sad
    go558a83nk got a reaction from ®yan in [COMPLETED] Emergency maintenance in Dallas, Texas (US)   ...
    Is the current outage unplanned?
  22. Sad
    go558a83nk got a reaction from ®yan in [COMPLETED] Emergency maintenance in Dallas, Texas (US)   ...
    Is the current outage unplanned?
  23. Thanks
    go558a83nk reacted to Staff in [COMPLETED] Emergency maintenance in Dallas, Texas (US)   ...

    We see remarkable, intermittent packet loss spikes every other hour or so on most Dallas servers. We are investigating.

    Kind regards
  24. Like
    go558a83nk reacted to Staff in [COMPLETED] Emergency maintenance in Dallas, Texas (US)   ...

    We inform you that an emergency maintenance due to urgent hardware replacement will be ongoing on 2021-09-18 between 19 and 23 CEST on the Dallas datacenter. The maintenance will impact all of our VPN servers in Dallas: expected downtime is approximately 30 minutes.

    Kind regards
    AirVPN Staff
  25. Thanks
    go558a83nk reacted to Stalinium in M247 misrepresenting true location of Barcelona Phoenix and Berlin Air Servers   ...
    The server is not in Berlin. M247, AS9009 does not have peering in Berlin.
    I checked with a looking glass run by a very nice person and it has multiple servers from different networks in Frankfurt and one server in Berlin. Apart from outsiders that have 14ms ping from allegedly FRA to FRA, most pings are ~1ms and confirm what traceroutes here show. The only lg Berlin server to Air's Cujam has got 8ms ping. That lg Berlin server is hosted on a network that's has peering at BCIX and ECIX-BER. Even if the Cujam server were 'physically in Berlin' then it doesn't matter because what matters to users is latency, alias geographic location.
    Back to what M247 say themselves, all four German DCs are in Frankfurt: Ancotel (Equinix), Interxion FRA4, Telehouse Frankfurt, Global Switch Frankfurt
    https://m247.com/services/host/dedicated-servers/ https://m247.com/services/cloud-hosting/ https://m247.com/services/host/colocation/
    The only location in Germany on this map is Frankfurt.

    I cannot thoroughly check Spain, but again AS9009 is at DE-CIX Madrid and doesn't appear to be present at DE-CIX Barcelona, two Madrid servers' pings are 0.3ms and 2ms to "Barcelona" Eridanus.

    Whatever the reasons, the current descriptions are not representing the reality.

    PS: Actually the entire prefix/subnet is reported as Berlin by M247. Hence the geolocation databases say it is "in Berlin", that's the definition of a "virtual location" right? Still I see how it could be useful in certain cases even though the server is not physically there. Until this is clearly indicated, it will be a shortcoming especially in terms of sincerity and transparency.
  • Create New...