Staff

Hello! Please upgrade to Eddie 2.24.6 (latest stable release), try again and in case of failure publish a system report according to the instructions available here: https://airvpn.org/forums/topic/50663-youve-been-asked-for-a-support-filesystem-report-%E2%80%93-heres-what-to-do/ Kind regards

Hello! Please make sure to run Eddie with the proper options, do not forget --connect . Also add specific server or country if you prefer connections always to the same server or country. Avoid bash parsing or expansion of your password special characters by enclosing the password in single quotes (Quoting is used to remove the special meaning of certain characters or words to the shell) or by escaping it with backslash character \ (or pick a password without characters that pose this problem). For additional details please check the bash manual Quoting paragraph (type man bash to see it locally or read the web page previously linked). Type on a terminal man eddie-cli to read the manual of your Eddie version, it explains all the options. Kind regards

Hello! Yes, there has been intensive work behind the scenes to fix some tricky bugs and improve the implementation of specific parts (special thanks to beta testers behind the scenes). The next beta version, or perhaps the first Release Candidate, is scheduled for the very first days of April. Kind regards

Hello! In the last 12 months it appears that Singapore datacenters are "cursed": a major fiber cut, various server hardware failures (now Hydra motherboard is gone, for example), various power outages... We operate servers in two separate datacenters, we will assess the situation in the near future. Kind regards

Hello, for the readers, problem was solved in this way: https://airvpn.org/forums/topic/66976-eddie-disconnects-after-3-seconds-continually/?do=findComment&comment=244491 Kind regards

Hello! This is correct and fine, very well. Geo-location can be finalized not only through IP address, but also through other methods such as cellular and Wi-Fi networks evaluation (a technique used by HTML5 geo-location method for example), GPS, language and time zone cross-checked with other info. In some circumstances it can indeed weaken your anonymity layer and in general harm your privacy so we recommend that you disable HTML5 geo-location on the browser(s), and turn off GPS on the equipped devices when not needed and when connected to the VPN. For Android, our software Eddie Android edition features a GPS coordinates spoofing option (disabled by default) which comes handy in some circumstances. When this option is enabled, Eddie spoofs the coordinates determined via GPS and make them match with the location of the AirVPN server the device is connected to. Kind regards

Hello! Excellent, and thank you for having let us know. However, there's something unexplained, because with Firefox DNS over HTTPS enabled you shouldn't have seen your ISP DNS addresses: Furthermore, your /etc/resolv.conf file while connected to the VPN showed your router address as the name server address, and this is unexplained as well. Maybe you just gathered the wrong information earlier (for example you took /etc/resolv.conf content when the system was not connected to the VPN) and everything is fine, but just to stay on the safe side keep all of the above in mind. Kind regards

Hello! Yes, that's correct. The amount of devices that can connect is unlimited, the limit is that no more than 5 can be connected at the same time. Router or any computer sharing the VPN connection and acting as a 'hot spot' counts as ONE device in any case. The intermittence of the problem is enigmatic, unless it is caused by a browser which does not block HTML5 geo-location. Are those mobile device and LG TV both connecting to your router and share the VPN connection? Is your "real" IP address (the public IP address assigned by your residential ISP to you) ever shown, or is the problem limited to the location? Kind regards

Hello! Can you please tell us your Linux distribution name and version and send us log by Eddie taken after the problem has occurred? Kind regards

Hello! Very good, if that's the case then even the "LG problem" would be solved. Let us know how it goes with Stremio and online gaming. Kind regards

Hello! We don't play competitive or online games so you need to ask for reports from those who do: https://airvpn.org/forums/topic/46019-is-airvpn-suitable-for-gaming/?do=findComment&comment=244500 https://airvpn.org/forums/topic/46019-is-airvpn-suitable-for-gaming/?do=findComment&comment=244813 The above ones are very recent reports but of course each case is different due to ISP policy, routing, peering with our transit providers... also consider that while online gaming consumes a tiny amount of bandwidth and the main variable you want to monitor is the round trip time (a ping time as low as possible), streaming games is on another level (in this last case, you should connect only to 10 Gbit/s servers in our infrastructure). You can consider to ask for a free trial (through a ticket), test the service, and report back your gaming experience on the above thread. While most VPN for consumers advertise their service as "good for gaming" for valid reasons such as protection against DDoS attacks (the attack would involve the VPN server and not your own IP address which is not exposed to other malicious players exploiting game vulnerabilities for attacking strongest players and getting an unfair advantage, or just to disclose the public IP address for more sinister purposes) and access to different regional servers, we don't do it because each case is different. It is not possible to say for sure that competitive gaming via VPN is suitable for everyone, from every line and ISP. Also consider that while gaming via VPN is typically allowed by most games, some games forbid it when it causes regional licensing problems (you may access the game from a region which is not allowed or from which you should have paid more to join, etc.). No problems for torrents of course. We do not have any direct experience with Stremio but we can confirm that it is accessible and usable, according to many reports of our customers, from our VPN servers. If you do not want to buy another router or modify your 7530ax, you can anyway count on the five connections slots included in any subscription. So you can connect up to five devices at the same time (the router would always count as one, no matter how many devices are connected to it), but the LG TV would remain excluded: as far as we know LG TV can not run directly WireGuard or OpenVPN. Kind regards

Hello! When the problem occurs can you verify whether a disconnection and re-connection to the VPN server occurred? Can you also check whether the problem disappears by re-starting qBittorrent? Kind regards

Hello! Please upgrade to Eddie 2.24.6 (latest stable release) first, then open a ticket if the problem persists. The support team can provide you with alternative bootstrap servers. Please include a system report (in the ticket) generated by Eddie: https://airvpn.org/forums/topic/50663-youve-been-asked-for-a-support-filesystem-report-–-heres-what-to-do/ Kind regards

Hello! Please check the guides and FAQ linked to the welcome e-mail. If you preferred not to link a valid e-mail address to your account, please start from here: https://airvpn.org/forums/topic/18339-guide-to-getting-started-links-for-advanced-users/ Frequently Asked Questions answers are available by clicking "FAQ" from the upper "Home" menu, direct link https://airvpn.org/faqs/ To troubleshoot the problems you reported, can you please tell us your exact macOS version and send us a system report generated by Eddie, if the program is responsive after the error? Please see here: https://airvpn.org/forums/topic/50663-youve-been-asked-for-a-support-filesystem-report-–-heres-what-to-do/ If you can't manage to generate the system report because the program exited or became unresponsive after the error is thrown out, please delete the configuration file, just in case it got corrupt. Please make sure that Eddie is not running, open the terminal and enter the following command: rm ~/.config/eddie/* Then start Eddie and check whether the problem got resolved or not. Kind regards

Hello! Unfortunately not, OpenVPN over TCP to port 443, even when OpenVPN works over tls-crypt, is discernible from HTTPS if you know where to look at. In this case you can try a better approximation with OpenVPN over stunnel (TLS), again to port 443 but also to port 53. It's not impossible, but it's harder to distinguish this connection mode to port 443 from HTTPS; also, sometimes packets to outbound port 53 are not blocked. If both attempts fail, you can try OpenVPN over SSH: if SSH is not restricted and if the VPN server entry-IP addresses are not blocked this connection mode will work. Kind regards

Hello! The binary file name is eddie-cli, not eddie-ui. You must invoke eddie-cli with the proper options as specified in the earlier messages. Alternatively you can consider the AirVPN Suite which offers a real daemon (Bluetit) fully manageable via systemctl, signals and the client Goldcrest. Documentation available here. It's correct to allow packets to the proper port of the tun interface (the virtual private network interface) and not of the physical network interface. Network Lock will replace firewall rules (to restore them at the end of the session) so if you need ufw custom rules for the purposes you mention you have to keep Network Lock disabled. Therefore, you may additionally consider ufw rules to prevent traffic leaks outside the VPN tunnel and bind your torrent program to the virtual private network interface, if a bind option is available in your torrent program settings. Kind regards

Hello! eddie-ui --cli has been replaced by eddie-cli that doesn't need Mono anymore. Please run eddie-cli directly. You can download it by selecting the CLI only package in the Linux download page. The correct default directory is ~/.config/eddie and the default configuration file name is default.profile (the path and filename specified by the author were correct in very old Eddie versions). If the file is encrypted, the procedure can not work (at the time the author wrote the document, probably the encryption of the default configuration file via Master Password was not yet implemented), therefore make sure to generate a non-encrypted default.profile A different solution to consider (which is potentially better) is disabling ufw and enabling Eddie's Network Lock , either by adding --netlock option: ExecStart=eddie-cli path=/etc/airvpn/ --batch --netlock or by using a profile where Network Lock has been enabled at Eddie's startup. In Eddie's Preferences > General window check Activate Network Lock at startup. Kind regards

Hello! Of course, you're right. New rules with additional flexibility are being tested and will be available soon on the Linux AirVPN Suite 2.0.0 next beta version which is imminent. You will be able to decide whether allowing only ping (in, out, in/out), only IPv6 NDP, none of them or both of them. The same new rules are also being implemented in Eddie for all Desktop platforms so you will see them in the future Eddie version. Kind regards

Hello and thank you very much! Historically, guides written by the community members have always been valuable and of course we appreciate them a lot. OpenSourcerer is not an AirVPN staff member, he is a community moderator and spends his time for free and for passion to moderate AirVPN community forums. However, he does not influence our decisions to move a guide to "How To" forum (where new threads can be opened only by us) that collects several guides including community written ones. The decision to replace old guides is also our exclusive competence and follows our and community tests. Please accept our apologies if we have chosen a moderator who discourages you from writing valuable guides for the entire community, but we're sure he is in good faith. We would like to thank you for your time and dedication now and in the past on the previous guides, and we warmly invite you to overlook this time the moderator's attitude and complete your guide that might replace the old one once it is tested. If we miss your messages when your guide is ready and tested (as OpenSourcerer wrote, a guide must first pass the tests in order to be moved to the guides section) just feel free to contact us directly and give us a reminder. We will then gladly test the guide, check the community feedback and evaluate the replacement. Kind regards

Hello! If Plex works in that way, you must use pool 1 at the moment for Plex, although we have directly verified that Plex is anyway reachable on ports of the pool 2. This matter will become not relevant when we implement a significant expansion to the port forwarding system. In this new system you will have no more pool distinctions on the client side so your account will be tied to a specific pool and single exit-IP address, therefore you will be able to use any port just like you did with the old system for any software and protocol, including p2p and Plex. The new system has already reached an advanced and successful testing stage and will make the remote port forwarding system even more comfortable and above all scalable. Kind regards

@Tubular Thanks for the relevant log and output. We have two overlapping problems here. One is caused by the translations between iptables and nftables (only when ufw is enabled, otherwise nftables usage is consistent and translations never enter into play). This is quickly resolved by not enabling ufw, as you noticed. The other problem is that when a session is over Eddie restores an old /etc/resolv.conf backup created in the past by Eddie 2.21.8: # Generated by Eddie v2.21.8 - https://eddie.website - Tuesday, January 14, 2025 3:36:48 PM UTC nameserver 10.<cut> The above is wrong and it could be the consequence of some old Eddie 2.21.8 dirty status caused by a crash. For the new Eddie the above file is the normal system setting to restore at the end of a session, so Eddie will make your system unable to resolve names when your system is not connected to the VPN. Please shut down Eddie, edit /etc/resolv.conf with any text editor (root privileges required) and enter only publicly available name servers, for example Quad9 (we recommend it for privacy and neutrality commitment). An example: nameserver 9.9.9.9 nameserver 149.112.112.112 nameserver 2620:fe::fe # only if your system, router and ISP support IPv6 Save the file, re-start Eddie, connect to some VPN server, shut down Eddie and verify whether the problem is solved. Kind regards

Hello! This is unexpected, and it could be the cause of the problem. Eddie should modify /etc/resolv.conf if you have Eddie configured to use VPN DNS exclusively (which is the default setting). Can you verify whether systemd-resolved is running in your system (anyway Eddie must be capable to manage any systemd-resolved working mode)? Can you also publish Eddie's system report generated while the problem is ongoing? Please see here: https://airvpn.org/forums/topic/50663-youve-been-asked-for-a-support-filesystem-report-%E2%80%93-heres-what-to-do/ Last but not least, please publish the output of the following commands: ls -l /etc/resolv.conf cat /etc/resolv.conf while the system is connected to the VPN. Kind regards

Hello! We offer TOTP based 2FA. TOTP is an open protocol. lt has been adopted as Internet Engineering Task Force (IETF) standard RFC 6238, it is not developed by Google. Furthermore, Google software and/or related services are not required in any way to use TOTP. TOTP (Time-based one-time password) is "the cornerstone of Initiative for Open Authentication (OATH) and is used in a number of two-factor authentication (2FA) systems". It is also supported by the Google Authenticator app, but of course you are not forced to run this app (Google Authenticator does not requite anymore your phone number, just to be precise). Here you can see a wide list of apps: https://en.wikipedia.org/wiki/Comparison_of_OTP_applications We are confident that this information will convince you of the imbecility of your beliefs. Kind regards

Thanks! Can you publish Bluetit's log taken after the problem has occurred? The following commands will write the log on 'bluetit.log' file: sudo journalctl | grep bluetit > bluetit.log Kind regards

@OpenSourcerer @WowSuchSpeed Hello! The decision to block ASNs, CDN, in general IP addresses or ranges of IP addresses is (was?) up to the web site operators, through the Cloudflare firewall control panel, where you can "whitelist", "blacklist" or "challenge" whatever you like (even the entire IPv4 and IPv6 spaces, if you wish so ). Why are you discussing as if it were a Cloudflare's decision? Did something change recently and now Cloudflare blocks ASNs or anyway address ranges with no chance for the web site operators to unblock them? Kind regards