Staff

Hello! The critical error: OpenVPN 2.3.18 is very old and doesn't support "data-ciphers" directive which is included in configuration files for OpenVPN 2.5 and higher version. Try to generate a configuration file for OpenVPN 2.4 (*), but more importantly upgrade Tunnelblick, if possible, to a version that runs at least OpenVPN 2.4 (if possible go straight to OpenVPN 2.7). See here a thorough list of versions and pick the most recent one that's supported by your macOS: https://tunnelblick.net/cRlsNotes.html (*) OpenVPN 2.4 is also very old and abandoned but AirVPN will still support it during 2026. In the Config Generator page please turn on the "Advanced" switch, then select "2.4" on the OpenVPN profile combo box. Then generate and download as usual. The first Tunnelblick release featuring OpenVPN 2.4 is Tunnelblick 3.6.10: https://tunnelblick.net/cRlsNotesOld.html Kind regards

Hello! In Windows 11, by default "Fast Startup" is enabled, so pressing briefly the on/off button when the machine is on will cause an Hybrid Shutdown + Partial Hibernation. In turn, this causes multiple problems (not only to Eddie). If Fast Startup is enabled, please disable it and test whether the problem disappears. Also make sure that Eddie's setting available in the Preferences > UI window, "Ask confirmation at exit", is NOT checked. NOTE: long pressing the on/off button will cause a power outage and therefore possible corruption of files and file system, so this should be avoided at all costs. Kind regards

@Kevig Hello! Which Eddie version are you running? Can you test Eddie 2.25 beta (if you haven't already done so) and check whether the same problem occurs? https://airvpn.org/forums/topic/79305-eddie-desktop-edition-225-beta-released/ Is the server OS capable to manage the ACPI hardware event triggered by pushing the on/off button? For example a Linux server fully supporting the underlying BIOS is able to catch the event and start a graceful shutdown (typically via acpid or systemd-logind), and this should ensure that Eddie exits cleanly. What is the OS of the server? Does the problem occur even when the shutdown is properly performed? Kind regards

Hello! Actually we do not publish a report similar to the one you linked but here it is: you can take those figures, divide by 3 and get a precise estimate. Kind regards

Hello! We managed to reproduce this, but it's not a "real" problem, it looks like expected behavior but at first we were fooled too. Vivaldi opens and causes key wallet access or other operations request, when it is run inside the namespace. This may happen for example because it is run by a different user, e.g. airvpn, so the configuration file path is different and the configuration file must be created the first time. While Vivaldi waits for authorization to access the wallet, it does not allow any connection. Check any other window that should open when you run Vivaldi through cuckoo by airvpn user (it's not brought in front by the DE and Vivaldi main window doesn't throw any warning, so you might be fooled as well) and you should find the prompt for the password for your desktop wallet (KDE wallet, just to mention an example) or any equivalent tool according to your Desktop Environment. When we fill in the request (necessary only once and for all for each account), Vivaldi goes on and works perfectly fine. Kind regards

Hello! Important update: OpenVPN 2.7 and DCO deployment entered its final stage. Check the update on this thread first message. Now you can start using OpenVPN + DCO on a wide portion of AirVPN infrastructure and very soon on all of it. Kind regards & datalove

@0bacon Hello! GTK warning and dconf error do not pertain to the Suite. It's unexpected that Vivaldi can't reach the Internet. Have you allowed Bluetit to select automatically an IP address for your "aircuckoo" namespace? Can we see your new Bluetit log and /etc/airvpn/bluetit.rc content? Kind regards

Today we're starting AirVPN 16th Birthday celebrations with big discounts on longer term plans. From a two servers service located in a single country providing a handful of Mbit/s, the baby has grown up to a wide infrastructure in 23 countries on four continents! AirVPN is now one of the few major consumer VPNs that is still independent. In other words, it is not owned by large corporations with diverse interests that interfere through editorial publications or conflict with privacy protection. Since our 15th birthday celebration, our customer base has grown remarkably, and we would like to thank all the old and new customers who chose or confirmed AirVPN. AirVPN has focused on comprehensive enhancements, including: line and server expansion to accommodate the outstanding customer growth. The infrastructure can now deliver up to 1,256,000 Mbit/s. Compared to the 970,000 Mbit/s available in June 2025 this is a 29.5% increase in less than a year AmneziaWG support deployment started on the client software and infrastructure (currently completed on Eddie Android edition) OpenVPN DCO (Data Channel Offload) support and kernel module deployment started on VPN servers the unlimited traffic quota for every and each customer subscription plan is confirmed remote inbound port forwarding feature has been confirmed for new customers too several bug fixes on the API and the account management panels On the software side: all AirVPN applications and libraries are free and open source software released under GPLv3 new, greatly improved Linux AirVPN Suite and Eddie Android editions Eddie Android edition implements, on top of several improvements, complete AmneziaWG support as well as a QUIC CPS database of real web sites enabling effective circumvention of new blocks against VPN protocols enforced in various countries If you're already our customer and you wish to extend your stay, any additional subscription will be added to your existing subscriptions and you won't lose any days. Check the promotional prices here: https://airvpn.org/buy Promotion will end on June the 16th, 2026 (UTC). Kind regards and datalove AirVPN Staff 

@0bacon Hello! AirVPN Suite 2.1.0 Release Candidate 1 is available. It addresses some problems related to your case and features a stricter check to avoid entering entire subnets for the namespace. A single address is required (in your case, anyway, you can also rely on automatic choice, since you're behind a NAT). Feel free to test the new Suite version and check whether the problems are resolved. Bluetit is linked statically against libxml2 so the problem is Cuckoo-only in the 2.0.0 Suite. On Suite 2.1.0 version, Cuckoo is no more linked (dynamically) against libxml2 because it does not need it anymore and the problem gets solved for Cuckoo too. Kind regards

Hello! We're glad to announce that AirVPN Suite 2.1.0 Release Candidate 1 is now available. It features an additional bug fix, a few more refinements on IPv6 management and improved traffic splitting namespace management. Please see the first message of this thread for complete description, full changelog and download URLs. Thank you in advance if you wish to test! Please feel free to report any glitch and bug on this thread. Kind regards

Hello! Please follow this checklist: https://airvpn.org/forums/topic/66388-port-forwarding/?do=findComment&comment=243305 Kind regards

Hello! The cause of the problem (Table = off and improper traffic splitting setup) and its solution can be found in the "best answer" post of the thread. If they don't apply to you, please feel free to open your own thread. Kind regards

Hello! Please see here for a quick solution to the quoted critical error: https://airvpn.org/forums/topic/70745-eddie-cant-connect-to-any-server/?do=findComment&comment=249545 Kind regards

Hello! Excellent. We also see the ports as open, we can reach your service(s) from the Internet and we receive back a proper reply. The port tester is successful but remember that the test is only over TCP. Kind regards

Hello! This is an error, please set an IP address for the namespace virtual interface, not a whole subnet. Do you mean that the problem started when you deleted and re-created /etc/netns, or it was solved when you did this? Can you please send us the output of: ls -l /etc Furthermore, please send us the complete Bluetit log, that you can generate with: sudo journalctl | grep bluetit > bluetit.log # if you have systemd based Arch sudo grep bluetit /var/log/syslog > bluetit.log # if you have Arch-systemd-free cuckoo: error while loading shared libraries: libxml2.so.2: cannot open shared object file: No such file or directory Yes, this is a required library. It is pre-installed on many distributions and we considered it as available by default. We shall ponder revising the minimum requisites list, thank you. Kind regards

Hello! Confirmed. This is a bug that has been lurking in the code for a long time (probably since the early 2.0.0 testing versions). It has been addressed so you will see a fix on the next version already. Thank you for your tests! Kind regards

Hello! AMule uses both TCP and UDP protocols for different functions. TCP is primarily used for client-to-client transfers and connections to eDonkey servers, while UDP is used for extended protocol features, according to Wikipedia. For your account you have forwarded a few UDP only ports. Please change them to "TCP and UDP" and test again. Furthermore, if your system is Windows, make sure that the Windows Firewall (or Defender etc.) allows incoming packets for aMule on both private and public networks: if the VPN is considered a public network (check it out) by default incoming packets will be rejected or dropped. Kind regards

Hello! We're glad to inform you that AirVPN Suite 2.1.0 beta 1 is now available. Packages for ARM 64 bit architecture are available as well, if you wish to test. https://airvpn.org/forums/topic/80022-linux-airvpn-suite-210-preview-available/ Kind regards

Hello! We're very glad to inform you that AirVPN 2.1.0 beta 1 is now available. Please check here: https://airvpn.org/forums/topic/80022-linux-airvpn-suite-210-preview-available/ This version includes even more bug fixes and IPv6 management improvements. It is linked against updated libraries. NEW BLUETIT AND GOLDCREST OPTION air-4to6 Enables or disables IPv4 over IPv6 for AirVPN connection. This option is available when the tunnel is built on IPv6, i.e. air-ipv6 on. When air-4to6 option is on or omitted, both IPv4 and IPv6 traffic will be sent over the IPv6 tunnel. Values: on | off . Default: on Kind regards

Hello! Thank for your choice! The infrastructure servers are updated periodically and rebooted on a scheduled, slow rotation to avoid excessive disruptions, except when an urgent update is absolutely necessary. On the 1st of May, an urgent update became essential to address a paramount, critical vulnerability affecting all Linux kernels. Therefore, after having verified that no exploit was attempted on the servers, and after applying a temporary patch preventing the exploit, we proceeded at a rapid pace to update all kernels and reboot the servers in large batches to complete all updates within 24 hours. Kind regards

Hello! Roughly 30% to 50% of peers in a typical Linux distro swarm have working IPv6 connectivity. However, BitTorrent clients or systems may prefer IPv4 and the perceived percentage of IPv6 peers can be dramatically lower. Kind regards

Hello! We can't provide an ETA right now but stay tuned. Are you sure that blocks from Russia are effective when you use QUIC CPS of a real .ru website? According to a few reports, that's good to bypass current blocks. However, it must be said that different ISPs implement different blocking techniques. Kind regards

Hello! Syntax error. Check our previous message and fix accordingly, there's an undue space character between "Nftables" and "TableOwner" that must be deleted, otherwise the option is not recognized. Kind regards

Hello! We already told you where to look at and you already provided evidence of the duplicate and exposing Bluetit's bug, don't worry and thank you. No further action is required at the moment. You must see that Bluetit's warning about exclusive tables ownership disappears and Network Lock now works properly. firewalld exclusive tables ownership prevents Network Lock from working properly on any Suite version, obviously. Kind regards

Hello! Exactly. Add it (you can edit the file with any text editor with root privileges), set it to "no" and verify that the issue gets resolved. NftablesTableOwner=no then re-start firewalld. This is vital to let Bluetit operate "Network Lock" properly. Exclusive ownership of the firewall tables must be pondered on a case by case basis. In this case if you wish to enable "Network Lock" you can't assign exclusive ownership of the tables to firewalld. You have two default routes via 192.168.178.1 on the same interface (enp6s0), one without explicit metric (so metric 0) and one with metric 100. Such duplicates are harmless in general but Bluetit detects them, probably fails to understand that the metric of one of them is 0, and throws a critical error believing that the metric is the same for both. We'll work on the matter carefully. In the meantime just delete the duplicate route and configure your interface either fully static or fully DHCP to keep on testing Kind regards