Staff

Hello! You did (for Firefox) here: https://airvpn.org/forums/topic/25140-the-issue-your-browser-is-avoiding-ipv6/?do=findComment&comment=81717 Quite the contrary, please re-read. Our IPv6 handling is fully compliant to RFC (including ULA choice). It's the setup of some Linux systems that's not compliant to RFC 3484 and that can be easily fixed. Additionally it's the default setup of Chrome and Firefox that makes them prefer IPv4 when possible. In our opinion, it is a good thing currently, because of the poor status of IPv6 infrastructure nowadays. Anyway browsers' setup can be fixed too, but it's outside the scope of our service. We don't see a valid reason to change our setup at the moment. We get 10/10 in https://test-ipv6.com from FreeBSD. It is anyway OT, the problem of the OP @Hotgloblin is related to apparent lack of OpenVPN IPv6 tunneling in certain firmware, even when IPv6 routes are pushed. Kind regards

@bookth Hello! That's actually unexpected. First thing to check is DNS settings. Make sure that publicly accessible DNS servers are set in your Mac, while Air software is not running. Did it happen while you were running Eddie or Hummingbird? Kind regards

@arteryshelby We do not log and/or inspect our customers' traffic. Since 2010 you can't produce any single case, and not even the slightest clue, in which the identity of an AirVPN customer has been disclosed through traffic log and/or inspection and/or any other invasive method. It means a lot, given that various younger VPN services have been caught lying (ascertained court cases) and that AirVPN is now the oldest still active VPN service, with the exception of a minor service which anyway changed ownership twice in the last 12 years. By the way we have never asked our customers to blindly believe in our words. We do not block Tor and we even integrate its usage in our software, so you can be even safer if you can't afford to trust us OR some datacenter. For example you can use Tor over OpenVPN, to hide Tor usage to your country and ISP, and at the same time hide your traffic real origin, destination, protocol etc. to us and the datacenter the server is connected into. Last but not least, we invest a lo of money in Tor infrastructure and in 2017, 2018 and 2019 more than 2.5% of global world Tor network traffic transited on Tor exit-nodes paid by AirVPN. It is an important achievement we're proud of, and it hints to good faith. Kind regards

@Hotgloblin Hello! We see that in AsusWRT and in Asus MerlinWRT, IPv6 is not tunneled by OpenVPN, even though IPv6 push is performed. According to some forums, this is a current limitation of the firmware implementation. In Eddie Android edition IPv6 over IPv4 is enabled by default and you can fine tune according to your preferences in "Settings". However the OpenVPN3-AirVPN library in the current Eddie Android edition release has serious problems if you need a PURE IPv6 connection, so at the moment you need to renounce to pure IPv6 connections in Eddie Android. @giganerd We're not sure why you should, but if you need that IPv6 is preferred over IPv4 in spite of the solution you proposed some time ago, check here, even for a "patch" different than the one you suggested: https://gist.github.com/e00E/70bcb5f7f0db216739029a7b7e342fdf Kind regards

@bigdaddy Hello! Do not confuse server ports with your system ports. You can't remotely forward inbound ports below 2048, so packets to port 89 can''t be forwarded to your system. Service of ours listen to port 89 on VPN servers exit-IP address. Kind regards

@alphastep Hello! AirVPN allows only OpenVPN encrypted connections. You can see that here for example (respectively for Control and Data channels): . 2020.07.25 18:53:36 - OpenVPN > Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA . 2020.07.25 18:53:38 - OpenVPN > Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key . 2020.07.25 18:53:38 - OpenVPN > Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key If you don't have stunnel you can't add an additional TLS tunnel (which might be useful only in very exceptional circumstances) on top of OpenVPN connection, nothing else. It has nothing to do with OpenVPN encryption. Kind regards

@cheetoh Hello! Network Lock option is highly recommended and explained in various guides and basic instructions. Even in the welcome e-mail we describe and recommend it. Network Lock prevents any possible traffic leak outside the VPN tunnel including leaks caused by software mis-configuration as well as leaks caused by unexpected VPN disconnection. Network Lock is even enabled by default by Hummingbird. When Network Lock is enabled you don't have to worry about errors in torrent software, and any other software, binding. Kind regards

@ntropia Hello! Eddie runs ping hundreds of times to perform "latency" tests, and each ping send at least two ICMP packets. Some ISPs don't like the behavior. Consider to disable "latency" tests in "Preferences" > "Advanced". Also consider Hummingbird for Linux: https://airvpn.org/hummingbird/readme/ Kind regards

@Maggie144 Hello! If it's a generic line problem you should see the same disconnections (even though with different error message, possibly) with OpenVPN 2. Can you please test for a discernment? If the connection is stable with OpenVPN 2 (you should keep it active more than 23 hours) we can safely assume that the problem is OpenVPN3-AirVPN related. Kind regards

@Maggie144 Hello! Is reneg-sec 1000 (or something similar) included in your profile? Kind regards

Hello! Currently not, we're sorry. It's the server that must listen to specific ports, it's not a client task. Maybe some server does not respond properly on port 41185, can you please give us the server(s) name(s)? Excellent! We're glad to know it. Stay tuned for future developments for macOS. Kind regards

@Maggie144 Hello! Please see here to run Hummingbird on its own: https://airvpn.org/hummingbird/readme/ Kind regards

Hello! It's physically impossible because, when done properly, wiretapping is external and transparent. Please check here to defeat adversaries with the ability to wiretap at the same time VPN servers lines and your line: https://airvpn.org/forums/topic/54-using-airvpn-over-tor/?do=findComment&comment=1745 Kind regards

@Maggie144 Hello! Can you please check whether: running Hummingbird alone resolves the problem or not running Hummingbird (both alone and through Eddie) with the additional directive reneg-sec 1000 resolves the problem or not Kind regards

@hawkflights Hello! We would like to underline that it's not a matter of "resisting". Wiretapping and correlation between incoming and outgoing traffic is performed freely, no need to ask for provider (VPN service or datacenter) cooperation at all. The real situation is that wiretapping without judicial overview will be transparent: the servers owners and operators will not even realize it is happening as it can be easily performed outside the server. Nothing changes indeed for careful Chinese customers and users, because they already needed to connect to servers outside Hong Kong according to the golden rule suggesting to always use servers located in jurisdictions different than your own. With the current move we are actually protecting those users who are unaware of the issue. Cowardice, if any, may be typical of those VPN services that keep operating in Hong Kong just for those few more bucks brought by unaware or naive customers. Kind regards

Hello! We are very sorry to inform you that we are withdrawing all of our servers in Hong Kong. Because of the new legal framework allowing unlimited line wiretapping by Chinese entities without judicial overview, the painful decision is due and undelayable. Our presence in Asia will continue in Singapore and Japan, where our infrastructure is oversized, while we are considering expansion in other countries when both legal framework and infrastructure status of a country allow it. Kind regards & datalove AirVPN Staff

@mith_y2k Hello! Hummingbird uses OpenVPN3-AirVPN library, which leaves dynamic, real time socket buffer adjustment to asio library. Fixed buffer sizes directives are ignored. It's a superior solution. Kind regards

Hello! Wintun driver can only be used by OpenVPN 2.5 with the proper directive. Make sure you have installed OpenVPN 2.5 and configure Eddie to run OpenVPN 2.5 and enforce windows-driver wintun directive, according to the very same instructions you mention. Kind regards

@wildbill Hello! We're not sure what fix you would like. Actually the behavior you report is expected and logic, by design. When you define a white list, only servers in the white list are taken into consideration, even to gather stats. It's the exact purpose of a white list: exclude anything outside it. Anyway as @giganerd pointed out you can bypass momentarily any white or black list with a single click. Kind regards

Hello! Of course, we need to implement the feature. Kind regards

Hello! If Network Lock was on, and you did not tamper the firewall rules, it is physically (in the sense of Laws of Nature) impossible that your real IP address could be found from the Internet p2p swarm. Either the notice is not genuine or the report is not accurate. Kind regards

Hello! Eddie might not run on Graphene OS. Can you test OpenVPN for Android and check whether it works? Kind regards

@Lestrad Excellent! We're glad to know that the issue has been sorted out. Kind regards

Fixed, sorry.

Version 2.19.4 (Mon, 06 Jul 2020 13:17:19 +0000) [bugfix] Linux, Font/UI issue in some distribution (Manjaro) [bugfix] Linux, modprobe issue with zstd [change] If Netlock fails to activate, stop autoconnect.