Staff

@Gebi22 Hello! Please make sure that you have not defined specific filters that filter out all the servers. If the above is not the case, please open a ticket and include Eddie log taken just after the problem has occurred. In Eddie's "Log" view you can see a "Share" icon. After you have tapped it you can choose to send log via mail or share it in other ways. Kind regards

@Bubga Hello! Currently Netflix USA (and only USA) is accessible from our infrastructure, provided that you query VPN DNS. Kind regards

@giganerd Hello! Well, it's not uncommon that any source code is not released at alpha stage. In several environments it is common practice. It is all in all a wise decision because any part can be even rebuilt from scratch, even from alpha n to alpha n+1. However, as you noticed, the library source code is published and of course it's not alpha.  That would be great! Kind regards

@pjnsmb After you press CTRL-C resolv.conf backup is correctly deleted so the reply you get after you ordered "--recover-network" is expected. Up to this point everything sounds fine. Then you notice lack of Internet connectivity, which might or might not be expected. Please check firewall rules as well as chain policies before and after the VPN connection: if they match your lack of Internet connectivity is expected; if not something wrong is going on, please notify us including rules (first and after you have run the client) and exact distribution name and version. Kind regards

Hello! -6 is an undocumented option in OpenVPN 3 library, it has nothing to do with the frontend. OpenVPN 3 is mostly undocumented by OpenVPN developers and we are doing our best to fill the gap. In the next version we will clarify usage of -6 option to leave no doubts on the matter. You can infer that -6 pertains to IPv6 over IPv4 from the comments in the source code, which contrarily to what your misleading irony suggests has been published in GitHub a long ago. https://github.com/AirVPN/openvpn3-airvpn Anyway that part is identical to the main branch and has not been touched by us, so you can see that part both in our fork and in the main branch, it exists since years ago and has remained undocumented since years ago. At this stage we are focused on bug fixing because, for Linux, we found a dramatic situation to say the least. just consider, as a mere, shameful example, that data structures were systematically not initialized, an error that you can't expect or imagine, not even from C novice children students during their first C course. Lack of initialization in C/C++ causes apparently random crashes and/or unexpected behavior in different conditions, systems and system states, according to how "dirty" the data RAM area is or is not. Situation is now under control (while OpenVPN 3 main branch remains mainly unusable in Linux for practical purposes) but only after a very hard, time consuming work. That said, omitting -6 might not solve the issue. We suspect now that it's another OpenVPN 3 bug; as such we will investigate with the purpose to fix it. Please test anyway without -6 option and let us know the outcome at your convenience. (DONE) Kind regards

@giganerd Hello! We might be in presence of a conflict when you try an IPv6 connection and at the same time you also want IPv6 over IPv4 (which actually may appear contradictory). The error pertaining to address parsing comes from OpenVPN 3 library. Can you tell us whether the problem is resolved or not when you don't force IPv6 over IPv4 for an IPv6 connection (i.e. do not include -6 option)? Kind regards

@pjnsmb Hello! We're not yet in beta testing, thanks for the trust, but we count to release a beta version soon (for Mac too). Can you tell us your exact Linux distribution name and version and send us the client log taken just after the problem has occurred? Using the screen utility was a suggestion pertaining to a different case, or maybe are you connecting remotely via ssh or telnet to the machine that will connect to the VPN? If so using screen is absolutely not a hard work, it's piece of cake don't worry. Kind regards

Hello! AirVPN OpenVPN 3 client version 1.0 alpha 2 is now available. It addresses reported bugs and should resolve them. AirVPN OpenVPN 3 Client 1.0 alpha 2 - 7 November 2019 Changelog [ProMIND] DNS resolver has now a better management of IPv6 domains [ProMIND] DNS resolver has now a better management of multi IP domains [ProMIND] Minor bug fixes ======== Linux 64 bit build can be downloaded here: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-linux-1.0-alpha2.tar.gz SHA512: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-linux-1.0-alpha2.tar.gz.sha512 Linux Raspbian 32 bit build can be downloaded here: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-raspberry-1.0-alpha2.tar.gz SHA 512: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-raspberry-1.0-alpha2.tar.gz.sha512 Thank you for your tests! Kind regards

@WindUp Hello! Agreed. Since when we decided to cut any intermediary for cryptocurrencies payments, we need to implement crypto payment options one by one internally. Monero is the next on list anyway. Kind regards

@maxandjim Thank you, we will investigate about communications in the local network. If for some reason the remote ssh session gets broken with CTRL-C you can consider to run the client inside a screen and send a soft kill signal when you want to shut it down gracefully. Warning: if you lose ssh connection, the client will continue to run in "its screen", completely detached (even its stdin, stdout and stderr will be detached from the previous shell) so the machine will remain connected to the VPN and "network locked": make sure you can remotely force a machine reboot as an emergency rescue just in case you can't access it anymore via ssh. About fantastic screen utility: https://www.gnu.org/software/screen Kind regards

Hello! Of course you are correct. We plan to release the stable edition of the software (or maybe the beta version) on GPLv3. We are at alpha stage currently, as you may have noticed. However OpenVPN 3 AirVPN code is available, have you examined it? Here it is: https://github.com/AirVPN/openvpn3-airvpn Kind regards

Thanks a lot! Bug confirmed, a fix will be available soon. Kind regards

Hello! No problems detected at the moment... Do you still experience the issue? If so, does it persist if you log your account out and in again? Kind regards

Hello! ovpn profiles are not scripts or binaries that you can run: they are text files that will be parsed by some OpenVPN binary. Use profiles as arguments of the client software as you always did. Let's end it here and now, please: if you need clarifications on that, please feel free to open a ticket at your convenience because it's off topic here. Kind regards

Hello! @giganerd Bug detected and fixed, a new testing version is almost ready to be deployed. Thanks! @QueenSasha Thank you, actually speed, efficiency and low RAM footprint have been a priority in OpenVPN 3.3 AirVPN design. Glad to hear that you get remarkable performance boost in Raspberry. Our OpenVPN 3 development goes on and is aimed as usual to bug fixing and new features implementation. Developer will answer soon to your technical questions, in the meantime feel free to keep us posted if you find any glitch or bug. @usr32 Great comparison thank you! We are surprised that you could beat AES with ChaCha20 in an AES-NI supporting machine. Can you please specify the whole architecture? We would like to make some verifications with OpenVPN 3+mbedTLS for AES-NI support in specific archs. @GJElde So you made an OpenVPN text configuration file +x and you tried to run it? @maxandjim Thank you, we will investigate asap. Kind regards

Hello! If you have time to make comparisons, please take note whether OpenVPN 2, on rigorously equal terms (therefore no ChaCha20 comparison is possible unless you run OpenVPN 2.5 beta), is faster or slower than 3.3, and feel free to publish the throughput you get with both versions. Kind regards

@giganerd Hello! Thanks! We can guess the bug from the log, yes, in the attempt to resolve IPv6 addresses instead of names which produce those warnings and in the end a fatal error. Can you please send us your profile (without certificates and keys, of course) for additional investigation? Kind regards

Hello! We are very glad to introduce a new client software for Linux 64 bit and Linux Raspbian 32 bit (which is frequently installed in Raspberry PI), based on our own AirVPN OpenVPN 3 library. The software is an initial and temporary step toward a more refined product to meet right now various demands by many Linux and *BSD users. It does not have a code name yet, and it is just "AirVPN OpenVPN 3 client" at the moment. It will evolve in to an integrated client and daemon targeting Linux, Mac, OpenBSD and FreeBSD platforms. Main features: lightweight and stand alone binary no heavy framework required, no GUI tiny RAM footprint (less than 3 MB currently) lightning fast based on OpenVPN 3 library fork by AirVPN with tons of critical bug fixes from the main branch, new ciphers support and never seen before features ChaCha20-Poly1305 cipher support on both Control and Data Channel providing great performance boost on Raspberry PI and any Linux-based platform not supporting AES-NI robust leaks prevention through Network Lock based either on iptables or nftables through automatic detection proper handling of DNS push by VPN servers, working with resolv.conf as well as any operational mode of systemd-resolved additional features Versions for Mac, FreeBSD and OpenBSD will follow in the near future. The software is currently in alpha stage and it must be therefore and implicitly considered unstable and under development. Source code will be made public at the release of a stable version. If you wish to test, feel free to download the binaries here and report in this very thread any bug, glitch and anything you wish: Linux 64 bit version: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-linux-1.0-alpha2.tar.gz Raspbian 32 bit version: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-raspberry-1.0-alpha2.tar.gz How to install AirVPN client for Linux x86_64 and Raspberry Requirements ------------ Linux x86-64 CPU/architecture A reasonably recent 64 bit Linux distribution tar sha512sum (optional) Raspberry Linux Raspbian distribution tar sha512sum (optional) Linux Installation ------------------ Download airvpn-static-linux-1.0-alpha2.tar.gz [optional] Download airvpn-static-linux-1.0-alpha2.tar.gz.sha512 This file is required to check the integrity of the above tar archive. It is not mandatory but it is strongly advised to download this file and check the tar archive [optional] Open a terminal window [optional] Check the integrity of the tar archive by issuing this command: "sha512sum --check airvpn-static-linux-1.0-alpha.tar.gz.sha512" (without quotes) [optional] Make sure the command responds with "airvpn-static-linux-1.0-alpha.tar.gz: OK" Change your current directory to a convenient place, such as your home directory. This can be done by issuing the command "cd ~" (without quotes) Extract the tart archive by issuing this command on your terminal window: tar xvf airvpn-static-linux-1.0-alpha.tar.gz The process will create a directory airvpn-static-linux-x86_64 Issue the "cd airvpn-static-linux-x86_64" (without quotes) [optional] Check the integrity of the binary file airvpn. Issue this command from your terminal window: sha512sum --check airvpn.sha512" (without quotes) [optional] Make sure the command responds with "airvpn: OK" [optional] Check dynamic library availability. Issue the command "ldd airvpn" and make sure all the required dynamic libraries are available. No line of the output must contain "not found" the Linux client is now ready to be used and possibly copied to a different directory of your system. Please note the client needs root privileges. Your user must therefore be included in your system's "sudoers" (depending on specific Linux distribution) Raspberry/Raspbian Installation ------------------------------- Download airvpn-static-raspberry-1.0-alpha2.tar.gz [optional] Download airvpn-static-raspberry-1.0-alpha2.tar.gz.sha512 This file is required to check the integrity of the above tar archive. It is not mandatory but it is strongly advised to download this file and check the tar archive [optional] Open a terminal window [optional] Check the integrity of the tar archive by issuing this command: "sha512sum --check airvpn-static-raspberry-1.0-alpha.tar.gz.sha512" (without quotes) [optional] Make sure the command responds with "airvpn-static-raspberry-1.0-alpha.tar.gz: OK" Change you current directory to a convenient place, such as your home directory. This can be done by issuing the command "cd ~" (without quotes) Extract the tart archive by issuing this command on your terminal window: tar xvf airvpn-static-raspberry-1.0-alpha.tar.gz The process will create a directory airvpn-static-raspberry Issue the "cd airvpn-static-raspberry" (without quotes) [optional] Check the integrity of the binary file airvpn. Issue this command from your terminal window: sha512sum --check airvpn.sha512" (without quotes) [optional] Make sure the command responds with "airvpn: OK" [optional] Check dynamic library availability. Issue the command "ldd airvpn" and make sure all the required dynamic libraries are available. No line of the output must contain "not found" the Raspberry/Raspbian client is now ready to be used and possibly copied to a different directory of your system. Please note the client needs root privileges. Your user must therefore be included in your system's "sudoers" Running the Client ------------------ Run the client and display its help and become familiar with its options. From your terminal window issue this command: sudo ./airvpn --help After having entered root password, the client responds with: AirVPN OpenVPN 3 Client 1.0 alpha 1 usage: ./airvpn [options] <config-file> [extra-config-directives...] --help, -h : show this help page --version, -v : show version info --eval, -e : evaluate profile only (standalone) --merge, -m : merge profile into unified format (standalone) --username, -u : username --password, -p : password --response, -r : static response --dc, -D : dynamic challenge/response cookie --cipher, -C : encrypt packets with specific cipher algorithm (alg) --proto, -P : protocol override (udp|tcp) --server, -s : server override --port, -R : port override --ncp-disable, -n : disable negotiable crypto parameters --network-lock, -N : enable/disable network filter and lock (on|off, default on) --gui-version, -E : set custom gui version (text) --ignore-dns-push, -i : ignore DNS push request and use system DNS settings --ipv6, -6 : IPv6 (yes|no|default) --timeout, -t : timeout --compress, -c : compression mode (yes|no|asym) --pk-password, -z : private key password --tvm-override, -M : tls-version-min override (disabled, default, tls_1_x) --tcprof-override, -X : tls-cert-profile override (legacy, preferred, etc.) --proxy-host, -y : HTTP proxy hostname/IP --proxy-port, -q : HTTP proxy port --proxy-username, -U : HTTP proxy username --proxy-password, -W : HTTP proxy password --proxy-basic, -B : allow HTTP basic auth --alt-proxy, -A : enable alternative proxy module --dco, -d : enable data channel offload --cache-password, -H : cache password --no-cert, -x : disable client certificate --def-keydir, -k : default key direction ('bi', '0', or '1') --force-aes-cbc, -f : force AES-CBC ciphersuites --ssl-debug : SSL debug level --google-dns, -g : enable Google DNS fallback --auto-sess, -a : request autologin session --auth-retry, -Y : retry connection on auth failure --persist-tun, -j : keep TUN interface open across reconnects --peer-info, -I : peer info key/value list in the form K1=V1,K2=V2,... --gremlin, -G : gremlin info (send_delay_ms, recv_delay_ms, send_drop_prob, recv_drop_prob) --epki-ca : simulate external PKI cert supporting intermediate/root certs --epki-cert : simulate external PKI cert --epki-key : simulate external PKI private key --recover-network : recover network settings after a crash or unexpected exit The client needs a valid OpenVPN profile in order to connect to a server. You can create an OpenVPN profile by using the config generator available at airvpn website in your account "Client Area" To start a connection: sudo ./airvpn your_openvpn_file.ovpn To stop a connection, just type CTRL+C. The client will initiate the disconnection process and will restore your original network settings according to your options. To start a connection with a specific cipher: sudo ./airvpn --ncp-disable --cipher CHACHA20-POLY1305 your_openvpn_file.ovpn Please note, in order to properly work, the server you are connecting to must support the cipher specified with the "--cipher" option. If you wish to use CHACHA20-POLY1305 cipher, you can find AirVPN servers supporting it in our real time servers monitor https://airvpn.org/status : they are marked in yellow as "Experimental ChaCha20". To disable the network filter and lock: sudo ./airvpn --network-lock off your_openvpn_file.ovpn To ignore the DNS servers pushed by the VPN server: sudo ./airvpn --ignore-dns-push your_openvpn_file.ovpn Please note: the above options can be combined together according to their use and function. Note on network filter and lock ------------------------------- The client's network filter and lock uses natively iptables and nftables. The client will automatically use the infrastructure available on your system. Please note: services firewalld and ufw may interfere with the client's network filter and lock and you are strongly advised to not issue any firewall related command while the VPN connection is active. Note on DNS ----------- The client currently supports both resolv.conf and systemd-resolved service. When the client is running you are strongly advised to not issue any resolved related command (such as resolvectl) or change the resolv.conf file in order to make sure the system properly uses DNS pushed by the VPN server. Please note: DNS system settings are not changed in case the client has been started with "--ignore-dns-push". In this specific case, the connection will use your system's DNS. Recover your network settings ----------------------------- The client is currently in alpha stage and it must be therefore and implicitly considered unstable and under development. In case the client crashes or it is killed by the user (i.e. kill -9 `pidof airvpn`) as well as in case of system reboot while the connection is active, the system will keep and use all the network settings determined by the client; hence, your network connection will not work as expected, every connection is refused and the system will seem to be "network locked". To restore and recover your system network, you can use the client with the "--recover-network" option sudo ./airvpn --recover-network Please note in case of crash or unexpected exit, when you subsequently run the client it will warn you about the unexpected exit and will require you to run it again with the "--recover-network" option. It will also refuse to start any connection until the network has been properly restored and recovered. Kind regards and datalove AirVPN Staff

Hello! The sentences Save up to 74% on AirVPN longer plans (*) (*) When compared to 1 month plan price should be more transparent than a ghastly ghost. Kind regards

Version 2.18.5 (Wed, 30 Oct 2019 15:03:32 +0000) [new] Linux - systemd service [change] Code cleanup for stable release [bugfix] Windows - Service installation issue in Windows 7 [bugfix] Windows - SSL connections [bugfix] Suppression of some unwanted elevated log [bugfix] Windows bug 'Do you want to reset Eddie to default settings?' [bugfix] Fix for occasional error on exit, 'Object reference not set to an instance of an object'. All other reported issues are under investigation.

Hello! We reluctantly have to announce gloomy news to you all: Spooky Halloween Deals are now available in AirVPN... Save up to 74% on AirVPN longer plans (*) (*) When compared to 1 month plan price Check all plans and discounts here: https://airvpn.org/plans If you're already our customer and you wish to jump aboard for a longer period any additional plan will be added on top of already existing subscriptions and you will not lose any day. Every plan gives you all the features that made AirVPN a nightmare for snoopers and a scary service for competitors: active OpenVPN 3 open source development ChaCha20 cipher on OpenVPN Data Channel for higher performance and longer battery life on tablets and smart phones IPv6 support, including IPv6 over IPv4 configurable remote port forwarding refined load balancing to squeeze every last bit per second from VPN servers free and open source software for Android, Linux, Mac and Windows easy "Configuration Generator" web interface for access through third party software guaranteed minimum bandwidth allocation GDPR compliance and very high standards for privacy protection no log and/or inspection of clients' traffic effective traffic leaks prevention by AirVPN software Tor support via AirVPN software on Linux, Mac and Windows various cryptocurrencies accepted without any intermediary crystal clear, easy to read Privacy Notice and Terms https://airvpn.org/privacy No tricks, only treats! Grim regards & datathrills AirVPN Staff

Hi, if you find a way to modify routing table, default gateway and firewall rules in a computer from an account that can't have superuser privileges then you should have found a critical vulnerability in that computer. Kind regards

Hello, the maximum performance we could achieve with AES-NI and load balancing on a single server with daemons working on 4 cores has been 1.8 Gbit/s, meaning that a client with no CPU power limitation connected alone on a VPN server with 1 Gbit/s line full duplex (or a 10 Gbit/s line as in our Netherlands and Dallas servers) with "perfect" peering and routing, and when the weakest hop between client and server is stronger than both those client and server, can achieve a theoretical maximum of 1800 / 4 = 550 Mbit/s (because OpenVPN does not scale, it runs exclusively on a single thread of a single core). In real life with good peering and no CPU bottleneck you can expect the speeds you see reported in real time in the "Top 10 Users speed" in our servers monitor https://airvpn.org/status which means 180-250 Mbit/s, i.e at least 20 times the minimum allocated bandwidth per client we guarantee against overselling in the ToS. Kind regards AirVPN Support Team

@Lordvpn Hello! We can't see how the problem can be solved by Eddie, an application running in the userspace, when not even a system administrator in front of the keyboard can kill a process. If your report is accurate an immortal process that's not a zombie shows that the system is out of control. Not so surprising in Windows but please re-check your claims, just in case, i.e. is openvpn.exe really impossible to kill without rebooting the system? Kind regards

Hello! Cause of the issue is trivial: in 1970 our certificates are not valid. 19700101 01:04:09 N VERIFY ERROR: depth=1 error=certificate is not yet valid: C=IT ST=IT L=Perugia O=airvpn.org CN=airvpn.org CA emailAddress=info@airvpn.org So no bug but correct behavior. According to your own descriptions, it is plausible that the router could not reach the configured NTP server to set the correct date and time. Kind regards