Staff

@Stalinium Thank you! The AirVPN founder has been working pro bono for EFF (Europe, not USA) for a couple of years, and that's not a thing that can be acknowledged in the donation pages or evaluated monetarily. Anyway, it must be said that we have not donated to EFF during 2021, but we will. Kind regards

Hello! Are you sure that your UDP port (in your local network interface) exists? Maybe the listening software accepts TCP packets, not UDP ones. Anyway UDP tests are not reliable for the very UDP nature (it's connectionless). Kind regards

@debu Hello! We're sorry, this version can't run in Windows XP. On our side we do not test Eddie on Vista anymore we're sorry. However, it should run fine in Windows 7. Windows 7 end of life was reached on January 2020. https://www.microsoft.com/en-US/windows/windows-7-end-of-life-support-information Kind regards

Hello! Of course every security model can have different approaches and settings, but in general this approach of yours is very good. "sudo" is sometimes (frequently?) used improperly in Linux and can potentially do more harm than good. Now imagine that you, the superuser, wants to give some other user (even your regular user, for example) the privilege to drive Bluetit (which performs even root actions, such as changing network) but not any other root privilege. With the current permission model, you can do it swiftly and comfortably. Without the airvpn group, you would be blocked and you should implement the current permission model by hand by yourself, which would be a very inelegant flaw of ours, the daemon developers and distributors. Even in your system, therefore, the default configuration is more comfortable for you, should any more refined need arise. No, it's already set to maximum verbosity, and such setting can't be modified in the current release, it's a gabby daemon. 😋 Kind regards

@Stack of computer parts Hello! Very strange issue indeed, and it's also stranger that it solved "by itself". If it re-occurs, please take all log and configuration files and open a ticket. This is a question that's ignominious for any UNIX administrator, let's pretend it was born during a momentary lapse of reason or some nefarious Windows-ish influence 😀 Joking apart: Bluetit is a daemon and runs with high privileges to modify your inner system settings (routing table, kernel packet filtering table...). By default policy, Bluetit accepts commands from clients that are run by any user in the airvpn group. Creation of airvpn user in the airvpn group is an additional comfort provided by the installer. It allows superusers to have fine grained selection according to the most classical and robust UNIX permission model (remember CUPS, X server and other tons of daemons permission scheme? same thing). For example, nowadays many Linux users routinely log into their machines with a user that can also gain all the root privileges, and they might like to NOT allow this user to send commands to Bluetit for trivial security reasons. They can do so simply by not adding their regular login user to the airvpn group. Another good, very similar example is having users that can not gain root privileges but can send commands to Bluetit. Of course the above is the default permission scheme set up by the installer and the provided files, nothing prevents a superuser to change it and adopt a different one. Kind regards

Hello! We're very glad to inform you that a new Eddie Air client version has been released: 2.21 beta. It is ready for public beta testing. How to test our experimental release: Go to download page of your OS Click on Other versions Click on Experimental Look at the changelog if you wish Download and install Please see the changelog: https://eddie.website/changelog/?software=client&format=html This version contains an almost completely rewritten code for routes management, DNS and more, so please report any difference from the latest stable release 2.20. This version implements WireGuard support. AirVPN servers will offer it, during an opt-in beta-testing phase, within September. WireGuard support is expected to work out-of-the-box (no need to install anything else but Eddie) in Windows and macOS. In Linux it works if kernel supports it (WG support by kernel is required). PLEASE CONSIDER THIS AS A BETA VERSION. Don't use it for real connections it's only for those who want to collaborate to the project as beta-testers.

@Stalinium Hello! We might have underrated the non-linear growth of load over clients amount, which is very difficult to compute in advance because it depends not only on bandwidth required by a client, but (also) on an unknown variable, that is the amount of half.-connections established by single clients, which varies enormously over time and by single clients (different usages). We are fine tuning and resolve the issue if necessary, thank you for the head up. Kind regards

@WilDieteren Excellent, thank you for the information. Enjoy AirVPN! Kind regards

@WilDieteren Hello! The AirVPN Suite is a software suite for LInux which includes Hummingbird, Bluetit and Goldcrest. Hummingbird is already available for macOS High Sierra or higher version, while the other software of the suite (Bluetit and Goldcrest, which is a client of the Bluetit daemon) are planned to be ported to macOS. TUI is a Terminal (or Text-Based) User Interface, ncurses is a library which offers an API to build terminal independent TUIs. We have plans to implement an ncurses based TUI in Goldcrest. Eddie various problems in Rosetta 2 will be solved by having Mono native for M1, but as we wrote it's not available at the moment. Kind regards

@amazeballs Hello! Unfortunately the matter is not entirely in our hands because Eddie frontend (the GUI and CLI) runs in Mono framework, and a native Mono "M1" version still doesn't exist. For Mac we also have plans to port the AirVPN Suite, which includes Goldcrest client and Bluetit daemon. Goldcrest will have an ncurses based TUI. Of course, if in the meantime Mono is released for M1, we will quickly re-build Eddie fronted native for M1. Currently you can anyway run Eddie in M1 (frontend will run in Rosetta 2) and have it run Hummingbird for M1, to have anyway the performance boost. Only Eddie GUI will run in Rosetta, Hummingbird will run natively, and you don't need the CLI anymore. Kind regards

@m1ster Hello! You can't build Hummingbird or the AirPVN Suite in FreeBSD because OpenVPN3 AirVPN library needs various modification for FreeBSD, you will not be able to even compile it at the moment. We have plans to port the AirVPN Suite to FreeBSD later this year, but first we need to adapt the library, which might be or not a trivial task, and we must release a new Eddie Android edition version before the summer is over. At the moment you only have the Linux binary compatibility mode option (try with Hummingbird, as Eddie will have too many complications due to Mono), and of course OpenVPN 2.5.2. Hummingbird and the Suite support and have always supported pf, the default FreeBSD firewall, but different directory tree and some other issue may cause trouble. https://docs.freebsd.org/en/books/handbook/linuxemu/ Anyway we assure you that FreeBSD support improvement with native applications remains our goal for 2021. Our FreeBSD users are many (25% of our Windows customers, and 20% of our Linux customers, who are currently the absolute majority), not to mention the system outstanding superiority, so stay tuned. Kind regards

@Similiar Hello! if your router CPU does not support AES-NI (New Instructions) you may enhance performance by using CHACHA20-POLY1305 cipher on the Data Channel. It's supported by all AirVPN servers and requires OpenVPN 2.5 or higher version. Kind regards

@56rohrschach2u Thank you for your tests! Can you please try again now? Kind regards

Hello! It's possible that the first "bootstrap server" that Eddie tries to contact is not working well or is unreachable from your nodes. After the timeout, Eddie goes on to the next available "bootstrap" server, that's why it works but you notice a delay each time Eddie wants to download the "manifest file" from any bootstrap server (we offer wide redundancy of bootstrap servers, but Eddie will try them always in the same order). We will start an investigation soon. Can you confirm that the problem is still ongoing? Kind regards

@YLwpLUbcf77U Hello! Yes. To confirm that OpenVPN works over TCP just have a look at the OpenVPN log. To confirm that OpenVPN has used TLS Crypt for negotiation check your TLS key. If it's ta.key then TLS Auth mode was used for negotiation, if it's tls-crypt.key then TLS Crypt was. Another way is checking the VPN server IP address you connect to. Entry-IP addresses 3 and 4 are reserved to TLS Crypt and won't work with TLS Auth. Entry-IP addresses 1 and 2 are reserved to TLS Auth and won't work with TLS Crypt. Kind regards