Staff

Hello! Please check here for a very quick solution: https://airvpn.org/forums/topic/53004-openssl-error-restart-every-3-seconds/?do=findComment&comment=187787 Kind regards

Hello! Do you declare an MTU size on the WireGuard conf file? Relevant for this discussion: https://superuser.com/questions/1537638/wireguard-tunnel-slow-and-intermittent Different networks may require different sizes. This is probably the reason for which WireGuard developers opted for the smallest allowed size in Android, 1280 bytes. Of course if it's possible to set higher sizes the performance will improve. Kind regards

Hello! For your information, the official WireGuard Android user app forces MTU to 1280 bytes (in our Eddie app, we also had to force 1320, although MTU remains customizable in Eddie settings). Higher sizes cause malfunctions, timeouts, line breaks or snail throughput on virtually any device and network we tested, almost surely because there is (often) no room in the frame. Even the Linux client forces 1280 bytes (if it doesn't find anything else in the profile) if our memory is correct. Thus your findings are consistent and hint to the necessity to keep a low MTU size. Kind regards

Hello! The promotion is now over. Many thanks to all of our customers. Kind regards

Hello! From the screenshot we can see that you did not enable Network Lock. Please enable it to prevent any possible traffic leak, including leaks caused by configuration errors like yours. In general you must not bind programs to the physical network interface: since the original gateway is not deleted in order to allow connectivity after a VPN connection is closed by the user, by binding to the physical network interface a process may bypass the VPN tunnel when Network Lock is not active and incoming connections arrive. Note that wrong binding will arise even from UPnP, NAT-PMP and any other "automatic port mapping" methods so make sure to disable such options from the torrent program. Anyway Network Lock will prevent traffic leaks even in this case. Check your torrent program settings against the following guide available in the FAQ section: https://airvpn.org/faq/p2p/ Kind regards

Thank you, this is a relevant information. You can stop sending us reports, we have collected enough data. Now you should tell us, if you can, and this is very important too, the exact name and version of your phone custom ROM. Kind regards

Hello! Local network exclusion is not possible when the connection is on LTE/mobile, so it's irrelevant, don't worry about it. Please review our previous questions and reply when you have time to do so, because we have some ideas and we need confirmations (or denials) from you to fully understand the issue. Kind regards

We released a new experimental version, mainly to fix some failure related to network adapter not related to OpenVPN/WireGuard.Other issues still under investigation. Version 2.22.1 (Thu, 15 Sep 2022 12:54:46 +0000) [change] [all] OpenVPN 2.5.7 [change] [Windows] Fix detection/conflict with some unusable VPN network interfaces

Thanks a lot. Now, about point 3 and 4, can you please check? Turn on the screen, and wait some time, until the network is up (check Android indicator), Also try to access the Log via the side panel (the drawer which you can access settings etc. from). Note whether the log view opens or not (it should be accessible regardless of network and Eddie condition). When the network is up, go to Eddie and check again whether Eddie still does not reconnect by itself (big button still unresponsive or not? does Eddie report "disconnected" status in spite of network up?). If the network never comes up (wait at least a minute or two after you have turned the screen on, and keep thee screen on, do not allow it to go off again) try to switch off your LTE connection (from Android settings (*) ) and then on again, and check what happens both to your device and Eddie. Thank you in advance for all the additional tests. (*) IMPORTANT: If your device connects via WiFi to an LTE router (and not directly by using a SIM in itself), and your switching on/off the WiFi card doesn't change Eddie status, reboot the router (or press the activation button which is available on certain LTE routers) and check whether Eddie status changes after the router has re-established the LTE connection. Kind regards

Hello! It will end on September the 21st. Kind regards

Hello! Can you please tell us the exact system you run in your phone? We see Android 13 from the report but probably you have a custom ROM since you have a Pixel 6. We would like to know what it is to check whether the malfunction is specific. We need to understand this part fully. Please check below and confirm or deny that each step is right: You leave the device unattended After some time, you find the device with the screen off You turn the screen on and you find Eddie disconnected. At this stage, check on Android bar whether your network is up or not (according to Eddie it's not) and tell us what you find (do not test with a browser because your leak prevention Android settings will not allow traffic) You can't access Eddie's log view at all (please make sure you can confirm or deny this for sure). What happens when you tap the "Log" entry in the side drawer? Is it totally unresponsive? Note that it is normal that the Log button on the status tab is missing when network is off. The big button for quick connection and disconnection is unresponsive too You force a connection by selecting manually a server and immediately the log view is again available and Eddie connects to that server instantly. Kind regards

For your comfort and peace of mind, check with traceroute (tracert in Windows) or mtr, and/or access various end points which tell you the IP address your packets come from. Typical speed tests sites and "what is my address" web services are perfect. Compare the IP address you get with the supposed exit-IP address of the VPN server you're connected to and verify they match. Finally, query the IANA database (with whois) for a final cross-check. Repeat multiple times for each server to minimize the likelihood that you end up to services which are accomplices of the attackers and therefore mask your IP address making you believe that you have a perfectly fine IP address while in reality your packet has come out from inside the evil Russian network. As a welcome and smart side-effect, while the attackers could do nothing with the data in transit inside their nodes because of end-to-end encryption, a re-routing of such a kind which would add an additional exit node would turn infringement notices against us exactly to zero, and alas this is not what we observe, not at all 🙄. We have never met such kind and gentle attackers, unfortunately. Kind regards 😋

Hello! OK, as soon as we have the exact version or image of the distribution you experience this problem on, we will investigate thoroughly. Kind regards

Hello! You should have the identical behavior. Can you open a ticket and send us a report as usual while you're connected with OpenVPN, with some "excluded" app? Kind regards

Hello! We're very glad to announce a special promotion on our long term Premium plans for the end of Summer or Winter, according to the hemisphere you live in. You can get prices as low as 2.06 €/month with a three years plan, which is a 70% discount when compared to monthly plan price of 7 €. If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Please check plans special prices on https://airvpn.org and https://airvpn.org/buy All reported discounts are computed against the 7 EUR/month plan. Kind regards & datalove AirVPN Staff

Hello! In this case unfortunately you can't have robust leaks protection, trivially because you explicitly need traffic outside the VPN tunnel. You may consider to re-enable VPN re-connection in Eddie settings and disable VPN lock. Any other app may also leak traffic when an unexpected disconnection occurs, but Eddie will reconnect quickly, so the system and the "excluded" apps might not have the time to close the previous socket (which will have a several seconds timeout) and open a new one outside the tunnel: the re-connection, once a network is again available, is often faster. This is a serious traffic splitting on an apps basis byproduct, when you want auto re-connection, which could be resolved only through more advanced techniques (multiple routing tables and/or cgroups) which are totally out of reach for Android apps not running with root privileges. Probably, when traffic leak prevention is an absolute must, you should either renounce to traffic splitting, or keep VPN Lock enabled and give yourself in to manual re-connections, according to the old saying "you can't have your cake and eat it too". Evaluate therefore your threat model and the consequences of a potential, although short lived, traffic leak. Kind regards

@VPN3rd Hello! In your case that's an expected behavior because VPN Lock option is enabled. Since you have Android 12 you can safely disable VPN Lock and enable "Always on VPN" and "Block traffic if VPN is inactive" in order to have traffic leaks prevention and, at the same time, let Eddie re-connect when necessary. Also make sure that in Settings > VPN view, the VPN reconnection item is on (you currently have it off, another reason for which Eddie will not re-connect). @harold.lewis In your case the missing reconnection attempt is expected because you have disabled VPN reconnection option too (see the note above to VPN3rd). The unexpected occurrence is that Eddie is frozen: how is it frozen? You mention that you can unfreeze it by connecting manually, do you mean that some functions are unresponsive, while other ones are working fine? Can you elaborate? Thanks a lot to you both for your relentless testing! Kind regards

Hello! Yes, it is an intended change following several users request. Kind regards

Hello! We're very glad to inform you that Eddie Android edition 3.0 Beta 2 is now available. The original post has been updated accordingly. New in Beta 2: detected client's IP address not written in local log anymore WireGuard error streams management rewrite (*) dark theme heading color change (*) fixing reported bug according to internal tests, please check Find full description, download link and SHA256 signature in the first post of this very thread. Thank you very much for your tests and please report and describe any bug you find! Kind regards

Hello! Another option is WireGuard app for iOS, of course, if WireGuard is not blocked by the provider. Configuring WireGuard in iOS is easier, as our CG proposes the QR code. https://airvpn.org/ios/wireguard/appstore/ Kind regards

@telemus Hello! That's normal, it's a Windows exclusive option as it is the only system which needs third-party drivers for tun interfaces. You don't need this option at all in Linux or Mac. Probably "Automatic" is still checked. You need to uncheck it first. Kind regards

@g6mfyimwel Hello! You can use Bluetit included in the AirVPN Suite, especially if you need a true daemon. It also offers a "persistent network lock" feature which creates "network lock" rules as soon as the network interfaces come up and the default gateway is defined. Compatible with systemd and SysV style init, so it's fine for Ubuntu and at least 90% of recent Linux distributions. https://airvpn.org/linux/suite/ User's manual: https://airvpn.org/suite/readme/ Kind regards

Hello! The following network interface: 2022.09.10 16:15:52 - Using WinTun network interface "VPN - VPN Client (VPN Client Adapter - VPN)" is causing a critical error to OpenVPN: 2022.09.10 16:15:58 - OpenVPN > There are no TAP-Windows nor Wintun adapters on this system. You should be able to create an adapter by using tapctl.exe utility. 2022.09.10 16:15:58 - OpenVPN > Exiting due to fatal error You should be able to resolve the problem in the following way: please select Settings > Networking enter "Eddie" (without quotes) in the VPN interface name field (see also https://www.clodo.it/host/images/f625221af86ac02e33238f0aaaffca81bae26bbf.png ) click "Save" and test again a connection Alternatively, you can remove that problematic network interface. As a further option, you can connect with WireGuard. To do so, please select Settings > Protocols and pick WireGuard. (WireGuard will not use the interface detected by Eddie for OpenVPN). Kind regards

@Riddick Hello! Watch out, your screenshot shows the settings window to force Eddie to use a specific interface and give it a specific name; it doesn't change the connection mode. OpenVPN and WireGuard connection modes, instead, can be selected on Settings > Protocols window. @telemus If WireGuard doesn't appear in the list of connection modes, probably your system doesn't have support for it. Kind regards

Hello! Thank you very much for your feedback and suggestions, they will be taken into due consideration for sure, especially to delete a specific information: the log you send may contain (if the country setting is unset) your real IP address in the logging moment, an information which normally would be visible only during an active connection and only to the core AirVPN management members if they perform very specific search inside the VPN server (other developers can't see it), while in this case it would become available to Eddie Android development team as well. Once you have uploaded the report, the data retention in eddie.website is 30 days, OR you can delete anytime the log by yourself. The log is first visible only to the support team (not outsourced) so the support team can edit it before sending it to the development team. We will seriously consider to include the automatic deletion of such info in Eddie 3.0 beta 2 (which will also contain a fix for the bug you and other testers have reported). Kind regards