go558a83nk

then you should be more worried about your ISP than AirVPN.

Little note: we write in the download page
deb http://eddie.website/repository/apt stable mainbut if anyone wants, the https version can be used
deb https://eddie.website/repository/apt stable mainThis because the apt https transport protocol is not installed by default in Debian (but it is installed by default in Ubuntu...).
So, using https under a fresh Debian 8.7.1 throws a
The method driver /usr/lib/apt/methods/https could not be found.until a
apt-get install apt-transport-httpsis done. For me, unbelievable .

Hello,
 
it is of course possible running an additional OpenVPN daemon with tls-crypt directive (each OpenVPN daemon has a different configuration) and listening to some new port. The main issues we need to consider are how to make Configuration Generator and Eddie to make users not running OpenVPN 2.4 to NOT choose such options in a swift, friendly and clearly understandable way, and some other deployment problems. Nothing impossible or too difficult, but we need a careful plan, because anything wrong can lead to some serious troubles, considering that at any given time we have 13000 users connected, that Configuration Generator is used every hour by a remarkable amount of users, that a new Eddie is needed, and some other problems. Each and any of these problems must be analyzed. Anyway we confirm that we're interested in tls-crypt because we agree to repute that actually it can bypass some disruption techniques against OpenVPN.
 
Kind regards

In this page: https://airvpn.org/linux/ the GPG key and PPA details. Please report here any issues specific to PPA repo, thx.

Georgia, where Wordpress and Youtube are sometimes blocked and the only 2 of the 3 residential ISPs are tied to government?
Armenia, where during the Nagorno-Karabakh conflict last year major parts of the country were disconnected from internet?
 
I hope nobody is taking this list seriously.

https://airvpn.org/topic/9270-how-to-forward-ports-in-dd-wrt-tomato-with-iptables/?hl=%2Bport+%2Bforward+%2Bdd-wrt

Hello!

We're very glad to inform you that a new 1 Gbit/s server located in Spain is available: Eridanus.

The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server,  Eridanus supports OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

Hello!

We're very glad to inform you that a new 1 Gbit/s server located in Austria is available: Caelum.

The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Caelum supports OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

began using this when I saw it posted here.  is it just me or does enabling blocking of chrome:// URIs break things?  for me it removes the vertical scroll bar.

I will throw this addon into the mix for anyone interested:
 
https://addons.mozilla.org/en-US/firefox/addon/no-resource-uri-leak/

A problem we also experienced is that when you don't reply to certain claims mixed with advertisement by competitors in your own forum, a remarkable amount of persons will assume that you legitimate such claims, because you haven't done anything in your own "house". The forum dedicated to competitors' reviews remains dedicated to reviews. In the review, a competitor can publish a brief reply to clarify something and of course fix false claims, but can't start a huge promotional thread where here and there obnoxious claims against the very same company that's hosting the thread are inserted.

Hello,
 
this is not a forum to advertise competitors or exercise freedom of expression.
 
The thread you mention is under review for various problems, including advertising. The forum to review competitor can NOT be used by competitors themselves to advertise their companies. To make things worse, the advertiser included a gratuitous insult to AirVPN, here for example:
 
 
Every competitor has the freedom to define "fluff data" an essential method that allows our customers to verify independently our commitment to no overselling, which is a unique, exclusive and noteworthy feature of our service that this competitor does not offer. But not on our forum.
 
We will also censor, as we have always done, advertisement of competitors in our forums.
 
The thread is under review, it has not been deleted, an it will be re-published when advertising and insults have been cut out, when we wish and when and if we decide to dedicate time for this purpose.
 
Kind regards

The saying goes, "iron sharpens iron".  A healthy community should have some friction with the intent being constructive criticism.  The members of a healthy community should learn from eachother and teach eachother and be humble in doing so.

Most of these laws are loosely enforced and there are no clear guidelines for VPNs. From the server standpoint, we configure all nodes identically, no matter the jurisdiction. If the server get ceased, the data on it is of little use, and can't be used to retroactively identify anyone. 
 
 
 
We deal with leaks mentioned above in a similar fashion to AirVPN: The application has a firewall (WFP in Windows, and pf in OSX) and we simply firewall everything outside of the tunnel. We also block ipv6 connectivity. 
 
The browser extension is essentially a fancy proxy server rotator, with ad block built in. We use the same blocklists as Adblock plus (easylist). These are not standard web/http proxies however, its more of an SSL Tunnel. https://www.chromium.org/developers/design-documents/secure-web-proxy
 
Lifetime deal is on for a limited time, and is actually being discontinued next week. Its great because it gives us a massive cash injection, and a lot of exposure we otherwise wouldn't have.We are quite profitable, even without this offer. 
 
If you're speaking about https://en.wikipedia.org/wiki/Copyright_Modernization_Act then yes, its a bit troubling, however in its current form it only applies to ISPs. We have no issues moving the company to an offshore location if the laws change for the worse. 

I finally got this working for Netflix.  Big caveat up front, I'm not a network expert, so there might be a better/safer way to accomplish this.  Here's what I did...
 
1. Followed this guide to get everything running through the VPN first (https://airvpn.org/topic/17444-how-to-set-up-pfsense-23-for-airvpn/).  I assume this is where you started as well.  If not, my solution may not work for you.
 
2. Created an alias for all devices I want to bypass the VPN (vpn_bypass)
 
3. Added another NAT outbound rule at /firewall_nat_out.php (which is what it looks like you did above).  This should be at the top of the list.
 
* Do not NAT => not checked
* Interface => WAN
* Protocol => any
* Source => Network, vpn_bypass/32
* Destination => Any
* Address => interface address
* Port => [blank]
* No XMLRPC Sync => not checked
* Description => "LAN to WAN bypassing VPN"
 
4. Added a new NAT rule to forward DNS traffic from vpn_bypass to a public DNS (Google in my example).  This will allow traffic bypassing the VPN to access a DNS directly.  Without it, your device will have access to the WAN directly, but won't be able to resolve the URL netflix.com, which is what I think was causing you problems.  You can add this is at /firewall_nat.php
* No RDR (NOT) => not checked
* Interface => AIRVPN_LAN
* Protocol => TCP/UDP
show advanced
* Source => single host or alias, vpn_bypass
* Source port range => any to any
* Destination => CHECK invert match, AIRVPN_LAN address
* Destination port range => DNS to DNS
* Redirect target IP => 8.8.8.8
* Redirect target port => DNS
* Description => "DNS for VPN bypass using Google"
 
Make sure it also creates an associated filter rule.  You may need to reorder the rules on this page as well.  I put this near the top, so traffic wasn't directed through the VPN accidentally.
 
5. Add another firewall rule that allows the vpn_bypass group to create connections directly with the WAN.  This is basically a clone of "AirVPN_LAN allow outbound" with a few tweaks.  This should be put ABOVE the "AirVPN_LAN allow outbound" rule when we're done.
* Action => pass
* Interface => AIRVPN_LAN
* Address family => IPv4
* Protocol TCP/UDP
* Source => Single host, vpn_bypass
* Source port range => 1024 to 65535
* Destination => any
* Destination port range => wan_service_ports to wan_service_ports
* Description => AirVPN_LAN allow outbound for VPN bypass
SHOW ADVANCED
* Gateway => WAN
 
 
Hopefully this helps.  Now, if I could get port forwarding to work correctly for Plex, life would be better

Hi, Just sound this thread. I'm actually the founder of Windscribe, will be happy to answer any questions. 
 
We used AirVPN as a model for a bunch of aspects of the service while we were developing the product. 

That's a very old axiom. Not sure why did you realize it only after you temporary lost SMS as a factor.
Gmail has great security compared to other services. From location and user-agent matching for new
sign-ins, up and not limited to an email notification per each new signed in device. Brute force prevention
by captchas unsolvable even by humans, intense physical security of the service. No matching competitors.
This is not their fault that you used SMS as a 2FA factor, you could use Authy or FreeOTP, or even their
own Google Authenticator which implements a real and cryptographicly hashed TOTP instead of SMS:
https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm
 
 
 
This is not in theory.
Regarding any mail service in general, if they can control the MX records, all those aliases are useless.
Anyone who can modify the DNS records and point the domains MX records to it's own server, is able to
read all your unencrypted emails, with a possibility to bounce them later to the original server so it can go
unnoticed for a very long time. That's axiom number 2. This is also why you have to use PGP, no matter
what all those hipster services claim, when privacy of conversations matters.

interesting.  PIA have a win-win scenario.  If their audit finds problems - they look like heroes not only because they found problems but because they are probably still using some ancient hacked version of openvpn that they can claim is SAFE!.  If their audit doesn't find problems they still take credit in marketing for the wonderful work they've done.

This is pretty cool, just thought I'd share.  I'm already using the 2.4 release candidate. Good stuff.
 
https://www.privateinternetaccess.com/blog/2016/12/private-internet-access-funds-openvpn-2-4-audit-noted-cryptographer-dr-matthew-green/

Guys I just wanted to update this thread. I found out the issue. It wasn't my HDD, SSD, CPU or RAM issue. It was my external USB Wireless adapter that kept dropping connections every few seconds. I got a new wireless adapter and it's been working flawlessly.

Hello!

We're very glad to inform you that a new 1 Gbit/s server located in Austria is available: Alderamin.

The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Alderamin supports OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team
 

Hello!

We're very glad to inform you that two new 1 Gbit/s servers located in Switzerland are available: Achernar and Sirrah.

The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The servers accept connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Achernar and Sirrah support OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team
 

Hello!

We're very glad to inform you that two new 1 Gbit/s servers located in Czech Republic are available: Centaurus and Turais.

The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The servers accept connections on ports 53, 80, 443, 2018 UDP and TCP.

Just like every other Air server, Centaurus and Turais support OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team
 

Hello!

We're very glad to inform you that two new 1 Gbit/s servers located in Belgium are available: Capricornus and Columba.
 
The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").
 
The servers accept connections on ports 53, 80, 443, 2018 UDP and TCP.
 
Just like every other Air server, Capricornus and Columba support OpenVPN over SSL and OpenVPN over SSH.
 
As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Do not hesitate to contact us for any information or issue.
 
Kind regards and datalove
AirVPN Team
 

Every VPN providers servers are 3rd party. Anyone else who tells you otherwise likely has not done their research
 
AirVPN servers are run in 3rd party datacentres, but they have complete control over them as they use dedicated baremetal servers rather than a cheap virtual instance (VPS)
 
For example, Alcor is in https://www.ukrnames.com/  datacentre. 
 
Several new servers are owned by M247, a british company in Manchester including all Swiss servers except virginis and kitalpha (and arneb if its still around) 
 
Your deluding yourself if you think a tiny VPN provider in Italy can spare the resources to own and man datacentres all over the world off an individual subcription fee of about $8.00 USD and thats per month, its cheaper if you do yearly or quarterly.
 
If you don't trust AirVPN for that then your pretty well fucked for alternatives. You could run a computer out of your house, or rent your own dedicated servers, but they have your name all over them which defeats the point to begin with.