Staff

@Giddy169 Hello! Also make sure that the camera software is listening to port 8000 and not binding to the physical network interface, and that you try to access the camera on the correct exit-IP address of the VPN server, and the proper port (the port you have remotely forwarded and that you remapped to your local port 8000). Furthermore, make sure that no firewall blocks packets to/from the software when the system is connected to the VPN and that you try to access the camera software from a device that's not connected to the same VPN server. Kind regards

@inc Hello! It looks like the client fails to negotiate the new Data Channel key after the old one has expired (in our service PFS is implemented and DHE occurs every 60 minutes by default). Since the old key is kept in use until the re-negotiation is not finished, the connection is not broken, but the Data Channel uses always the same encryption key. How frequently do you get those errors? Did anybody else notice them? Kind regards

Hello! Netflix USA and only USA is accessible from AirVPN servers as usual if and only if your system queries AirVPN DNS (which happens by default with our software). EXCEPTION: the following servers can not reach Netflix USA at the moment;: Kruger Sneden Fang Nahn Sham Also note that Netflix application has been reported as maliciously bypassing system DNS or exploiting other techniques to disclose your real location. You will be blocked if you are not in the USA in Netflix' app belief, but it's not a fault of our system. Deleting application's cache and then running it only and uniquely when the device is connected to the VPN has been reported as solving the problem in various cases. @giganerd Connecting through a VPN to stream Netflix USA when you are in the USA makes sense in any case (check the wars of major USA ISPs/transit providers against Netflix to get paid by Netflix in order to not block its traffic). Unfortunately Netflix at the end of the day sided with those who have contributed to dismantle the Internet and Net Neutrality in some countries of the world and in this sense it's just another enemy of that very same infrastructure and technology that made its fortunes. Kind regards

@Giddy169 Hello! Can you please recheck your tun interface name with command ifconfig or ip link show from a telnet or ssh connection to your router? Just in case it's not "tun11". Check also whether "br0" is correct or not. Moreover, what is that destIP in the script you pasted, in FORWARD and even in the PREROUTING chain of the nat table? "destIP" must be replaced with the actual IP address you want to pre-route and forward packets to. Kind regards

@jx35552zza Hello! The connection is lost without chance to recover it (fatal error). It's expected when the network interface is turned off to save power. Eddie then "locks" the tunnel to prevent leaks. If you have Android 9 or 10 you can disable the "VPN lock" option from the "Settings" and enable Android's features "Always on VPN" and "Do not allow traffic outside the tunnel" to prevent traffic leaks AND give Eddie the option to re-connect safely after any unrecoverable connection error. Kind regards

Hello! What are the features of the sleep mode? Specifically, is the network card turned off, applications frozen and/or the whole system hibernated? Kind regards

Hello! There is no option to tell Eddie not to try to reconnect, but you can have Eddie connect always to one server or the last server it connected to: define a white list of servers which contain only one server, or tick "Lock current server" tick box in the "Servers" window. Kind regards

Hello! A service of ours listens to port 89 for internal communications in the infrastructure. Moving thread to "off-topic". Kind regards

@gmini Hello! Good, so you have strong clues (or even a proof) that torrenting is the cause of the problem. Now, to discern whether the cause is torrenting in general or specifically qBittorrent, change p2p software and check. Kind regards

Hello! It's a weak way for a user to have a security check on access. Not very useful and surely not privacy concerning. It has nothing to do with logging or not logging client traffic on VPN servers, obviously, and is irrelevant in any context. Enable 2FA instead for a robust, additional account access protection. Kind regards

@gmini Hello! Is it so difficult to read the documentation of those programs that one runs? µTP and protocols in general can be set in "Connection" > "Protocols" or "Enabled Protocol" combo box. Kind regards

@gmini Hello! Xfinity traffic shaping techniques: https://www.xfinity.com/support/articles/network-management-information As you can see their sentences leave room for almost anything they decide to do. If they think that a sustained UDP flow is an UDP flood, and therefore a menace to the customer or their network, they might start blocking UDP causing VPN disconnection. For the above problem you can consider to connect with the following mode which has been reported to be good by some Comcast residential customers: port 443 protocol TCP entry-IP address 3 (THREE) Assuming that Xfinity is not the "culprit", the problem you experienced may be on your side. The reported behavior is compatible with uTP activation in your torrent software. uTP is a traffic shaping tool integrated in some torrent software that can cause all sorts of problems when all of your traffic is tunneled in UDP, so make sure that uTP is disabled. Kind regards

@AirVPNconsumer @containermalt Hello! Please test Hummingbird binary now available on GitLab, it has been rebuilt in a different environment and now it requires older libraries. Please keep us informed. EDIT: the binary is now available in our repository too and replaces the previous build. https://gitlab.com/AirVPN/hummingbird/tree/master/binary Kind regards P.S. Radical solution is simply building Hummingbird directly in your system (detailed instructions on GitLab).

Hello! You are using an obsolete OpenVPN 3 AirVPN, when "ncp-disable" and "cipher" were not implemented. By aligning to latest OpenVPN AirVPN 3.6.1 you should resolve the issue. Options to link against OpenSSL or mbedTLS will be kept. Thank you for the feedback. Kind regards

Hello! NEWS We have a name for the software! Stable version of Hummingbird has just been released! Please check the first post in this thread for updated links, instructions and changelog. Kind regards

@jyams73@mail.com Hello! If the listening services run in a machine not directly connected to the VPN, but behind a NAT created by some other device which runs OpenVPN (for example your DD-WRT router), do not forget to implement packet forwarding and prerouting on that device (for example the DD-WRT router) to the final, destination IP address(es) of your local network (I.e. the IP addresses of the machines in your local network running the listening services). A specific guide for DD-WRT (and any other system that can run iptables) is here: https://airvpn.org/forums/topic/9270-how-to-forward-ports-in-dd-wrt-tomato-with-iptables/ Kind regards

@hawkflights Hello! Currently, pure IPv6 support seems lost in OpenVPN 3 library: it happened recently and it looks like a regression at a first glance, but we will look into the problem more carefully in the future. If the bug(s) will not be patched on the main branch we can consider to do it by ourselves as usual. Kind regards

Hello! OpenVPN AirVPN 1.0 Release Candidate 2 has just been released! A new version for Linux ARM 64 bit is now available, tested successfully in Ubuntu 19.10 running in a Raspberry Pi 4 with 4 GB RAM. Please check the first post in this thread for updated links, instructions and changelog. Kind regards

Hello! We're very glad to announce a special promotion on our long terms Premium plans. You can get prices as low as 2.20 €/month with a three years plan, which is a 68.6% discount when compared to monthly plan price of 7 €. You can also send an AirVPN plan as a gift: you have the option to print or send a colorful, dedicated picture with the code to activate the plan. code shown in the above picture is an example, not a real code If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Please check plans' special prices on https://airvpn.org and https://airvpn.org/buy Kind regards & datalove AirVPN Staff

Hello! That's the way it has always been. A pop-up is displayed only when Eddie is launched. Again, that's the way they work (except for the flashing of the tray icon, which is not implemented). There can be only ONE pop-up. Furthermore the pop up is displayed in an asynchronous window, i.e it does not interfere with other windows and does not stop Eddie operations (for example if it must enable Network Lock and connect at startup, it will do so even if you ignore the pop-up). In other words, Eddie's pop-ups are not invasive and everything continues to go on even if you ignore the pop up window and never click on it (exception: in Android views, you will have to change view or dismiss pop-up, according to Google Android guidelines). And the feedback is clear: no pop-ups, something like several hundreds of complaints. Pop-ups, less than 20 complaints. Last but not least, pop-ups are sent only to users whose plan's expiration date is nearer than a certain amount of days. Yes, and a further confirmation comes from the fact that NordVPN Android app sends your data to various trackers. Proof: https://reports.exodus-privacy.eu.org/en/reports/com.nordvpn.android/latest/ Kind regards

@esjalistas Please open a ticket as well at your earliest convenience. The connection times you report are totally unexpected: Eddie must connect your system in less than 30 seconds, even in Windows. Note: you forgot to attach the system report you mention. Kind regards

Hello! All Air VPN servers do not keep any account data, not even client key, so no worries under this respect. VPN servers also don't keep log. We also remind you that you are not required to enter personal information in your account, not even a real e-mail address. Please note that the investigation that was disclosed by the press pertains to datacenter owners and a few web sites hosted in it, and did not involve AirVPN and/or AirVPN servers in any way at any stage. Air VPN servers were not seized and were not disconnected: we decided to drop the datacenter and withdraw the servers because of repeated lack of IPv6 connectivity, frequent drop-outs and packet loss, as well as very slow customer care reactions (maybe an impact from the investigation when it was made public? we don't know) to solve problems. As you know our technical requirements are quite precise and if a datacenter fails repeatedly to meet them we are forced to look elsewhere, otherwise the overall perceived quality by our customers will go down. Kind regards

Hello! OpenVPN AirVPN 1.0 Release Candidate 1 has just been released! Please check the first post in this thread for updated links, instructions and changelog. Kind regards 

Hello! Do you mean that you still see the popup when you re-run Eddie? It was no more sent after Black Friday sales ended, and anyway it was never sent to anyone already having a long plan. When we did not send it during the past deals, we always received a massive, massive amount of tickets for weeks, from people complaining that they were not aware of a special offer and they missed it because Eddie did not tell them anything and they discovered the special offer when it was too late. If you still see the popup can you please report at your convenience? Kind regards

@Maggie144 The vulnerability is still unknown so let's wait for the paper. Vulnerability will be disclosed to the public only when a patch is available. Please do not discuss the issue here as it is off-topic for Eddie: another thread is already available, although there's almost nothing to say until the vulnerability is secret, except that the attacker must control your router/access point or be an adjacent to it user, so you know in general how to prevent the potential attack in the meantime. Kind regards