Staff

Hello! We're very glad to inform you that a new Eddie Air client version has been released: 2.19beta. It is ready for public beta testing. How to test our experimental release: Go to download page of your OS Click on Other versions Click on Experimental Look at the changelog if you wish Download and install Please see the changelog: https://eddie.website/changelog/?software=client&format=html PLEASE CONSIDER THIS AS A BETA VERSION. Don't use it for real connection, it's only for those who want to collaborate to the project as beta-tester.

@Maddog77 Hello! Can you tell us your Linux distribution name and exact version? Both OpenVPN and curl appear old. Please upgrade OpenVPN and curl, or consider to upgrade the distribution itself, and the problem should be solved. In reality, if you don't need tls-crypt and IPv6, you can still run OpenVPN 2.3.10. However curl needs an update as your version (which is invoked by Eddie) seems unable to support the latest TLS requirements by our servers. Alternatively you can avoid to use Eddie and run OpenVPN directly, but you will lose all the additional features Eddie is packed with. Hummingbird (another free and open source software by AirVPN) might or might not be a viable option, it depends on how old glibc and other libraries are in your system. One of the oldest Linux distributions that can run Hummingbird is Debian 9, which features really archaic and obsolete software & kernel, in line with Debian philosophy, so it's possible that your distribution can run it too. Kind regards

@Berlingo Hello! Can you please check your Eddie version? If it's older than 2.18.9 please upgrade and test again. You can download Eddie latest stable release (currently 2.18.9) for Windows here: https://airvpn.org/windows You can download Eddie latest stable release (currently 2.18.9) for Linux here: https://airvpn.org/linux You can download Eddie latest stable release (currently 2.18.9) for Mac here: https://airvpn.org/macos Kind regards

@Genje Hello! Does the port exist in your system, i.e. does the listening service listen to the correct interface and correct port (it must not bind to the physical network interface)? What is the software that must receive the forwarded packets? Kind regards

Hello and thank you for your choice! Your Eddie version is very old. Please upgrade Eddie and the problem should be resolved. You can download Eddie latest stable release for Windows here: https://airvpn.org/windows You can download Eddie latest stable release for Linux here: https://airvpn.org/linux You can download Eddie latest stable release for Mac here: https://airvpn.org/macos Kind regards

Hello! You can't remotely forward inbound ports under 2048 in our service. Port 1122 is not, and has never been, forwarded to your node. Please also note that port 1122 is not even a "remapped" destination port for your client. Thus, perhaps, all the problems are caused by a single, trivial error, i.e. a wrong port number assumption. Kind regards

Released as stable here . Any pending issue (please remind us below) will be addressed in the next beta 2.19,

Hello! OK. You can't do that with your setup as you would end up with conflicting/overwriting routes and gateway. Windows does not support multiple routing tables anyway, so it's worth to consider an alternative solution. As a first consideration, the following setup should meet your needs: create a VM and attach it to the host via NAT connect the host (using Eddie for example, or OpenVPN with an AirVPN profile) to some AirVPN server when the connection from the host to AirVPN is established, connect your guest VM to your own VPN server via OpenVPN and your own OpenVPN profile Traffic from the VM will reach your VPN server through the AirVPN server the host is connected to. Kind regards

Hello! We're very glad to inform you that a new stable release of Eddie is now available for Linux, Mac and Windows. Eddie is a free and open source (GPLv3) OpenVPN GUI and CLI by AirVPN with many additional features such as: traffic leaks prevention via packet filtering rules DNS handling optional connections over Tor or a generic proxy customizable events traffic splitting on a destination IP address or host name basis complete and swift integration with AirVPN infrastructure Eddie 2.18.9 has been extensively rewritten to increase speed, stability, security and compatibility with the latest OS versions. It is the outcome of a massive work which took care to meet very many requests from our community and got rid of some issues affecting Eddie previous stable release when running in latest OS releases. Eddie GUI and CLI now run with normal user privileges, while only a "backend" binary, which communicates with the user interface with authentication, gains root/administrator privileges, with important security safeguards in place: stricter parsing is enforced before passing a profile to OpenVPN in order to block insecure OpenVPN directives external system binaries which need superuser privileges (examples: openvpn, iptables) will not be launched if they do not belong to a superuser Eddie events are no more run with superuser privileges: instead of trusting blindly user's responsibility and care when dealing with events, now the user is required to explicitly operate to run something with high privileges, if necessary Backend binary has been completely rewritten in C++ on all systems (Windows included), making the whole application faster. On top of that various optimizations have been implemented. Now Eddie provides you with higher responsiveness and an improved overall feel and comfort. CLI version has been improved as well, featuring numerous glitch and bug fixes. Compatibility for macOS Catalina and latest Linux distributions, including DNS handling, has been enhanced. Settings, certificates and keys of your account stored on your mass storage can optionally be encrypted on all systems either with a Master Password or a system key-chain if available. For Windows systems, wintun support has been added. You can now, if you wish so, replace the driver for OpenVPN virtual network interface with the new wintun for higher throughput (OpenVPN 2.5 tech preview required). In Linux and Mac systems, Eddie can also launch Hummingbird, which is very fast and is based on OpenVPN3-AirVPN library, replacing OpenVPN 2.x. In this way you can have at once a GUI for Hummingbird (which lacks it), the usual great amount of features and options Eddie is packed with, and faster connections/disconnections, as OpenVPN3-AirVPN is exceptionally faster than OpenVPN 2 during connection and disconnection phases. Eddie 2.18.9 can be downloaded here: https://airvpn.org/linux - Linux version https://airvpn.org/macos - Mac version https://airvpn.org/windows - Windows version Eddie 2.18.9 is free and open source software released under GPLv3. Source code is available on GitHub: https://github.com/AirVPN/Eddie Eddie 2.18 changelog shows you the massive work behind it and all those implemented changes that remained necessarily not mentioned in this announcement. Complete changelog can be found here. Kind regards & datalove AirVPN Staff Version 2.18.9 (Thu, 02 Apr 2020 12:14:10 +0000) [add] - Windows - Added DotNet 4.5 check & install in Installer edition [bugfix] - Linux - Resolved an elevation issue in some Linux distribution (Raspbian mainly) [bugfix] - Fixed a bug that intermittently ignores --connect Version 2.18.8 (Thu, 26 Mar 2020 12:59:48 +0000) [bugfix] Windows - Support of OpenVPN2.5 tech-preview (also with new wintun driver) [bugfix] MacOS - -mmacosx-version-min=10.9 on all binary [bugfix] Service reinstalls automatically when version-incompatibility detected [change] Code cleanup for stable release [change] Enforcement of operation allowed by Elevation [change] Enforcement of service checking [change] Windows - Elevated converted from C# to C++ [change] Little score adjustment in UI [change] Better feedback in CLI edition (mainly latency check steps) [new] Linux - enabled CLI-only packages in all editions [change] Minor changes Version 2.18.7 (Wed, 29 Jan 2020 13:54:35 +0000) [bugfix] - Update notification for beta versions [bugfix] - Windows - Message when driver installation is denied [bugfix] - macOS - Fix of error "hummingbird not allowed: Not owned by root". [bugfix] - Linux - Fix of error "Client not allowed: [...] parent process (spot mode)", CLI edition with sudo [bugfix] - Fix of error "Failed to connect to ... port 89: Connection refused" when using Hummingbird in SSL/SSH mode [bugfix] - Better exception management to avoid some crash (especially when related to Mono) [bugfix] - Linux - Arch deployment and AUR management [bugfix] - Tor Cookie/Password detection in every supported OS [bugfix] - Updated 'curl' binary in Windows and CA file [change] - macOS - Minor info.plist update in CLI edition [change] - Windows/Linux - OpenVPN Management skip [change] - In 'Latency mode', now load and users have minor impact on score. Version 2.18.6 (Fri, 17 Jan 2020 13:46:48 +0000) [change] Bug fixes and code cleanup [change] OpenVPN 2.4.8 [change] Windows - Tap driver (Win7-Win10) upgraded from 9.23.3-i601 to 9.24.2-i601 [new] New option 'Skip promotional messages'. [change] macOS - New menubar icons [bugfix] macOS - 'Rules not loaded' in some environment [change] Hummingbird integration (experimental) Version 2.18.5 (Wed, 30 Oct 2019 15:03:32 +0000) [new] Linux - systemd service [change] Code cleanup for stable release [bugfix] Windows - Service installation issue in Windows 7 [bugfix] Windows - SSL connections [bugfix] Suppression of some unwanted elevated log [bugfix] Windows bug 'Do you want to reset Eddie to default settings?' [bugfix] Fix for occasional error on exit, 'Object reference not set to an instance of an object'. Version 2.18.4 (Wed, 02 Oct 2019 18:20:00 +0000) [bugfix] OpenVPN > Error: Not supported OpenVPN config [bugfix] Linux - Crash "Unexpected crash of elevated helper:Elevated communication closed" during IPv6 block, if IPv6 not available [bugfix] macOS - Autorestart service if upgraded, avoid error "unknown command" [bugfix] Enforce Elevated compatibility check [change] macOS - KeepAlive in launchd [change] Minor changes [new] New deploy/build scripts Version 2.18.3 (Fri, 27 Sep 2019 11:07:42 +0000) [change] Switched 'ping' method in Linux and macOS [change] Code cleanup [change] macOS - Direct invocation with AuthorizationExecuteWithPrivileges for superuser privileges [change] Linux - "Minimize to tray" false by default [change] Linux - Mono, Portable and AppImage editions [change] Minor UI improvements [change] Better log of issues [change] Better log of dns flush actions [bugfix] Linux - Icon and Window glitch in KDE [bugfix] macOS - SSH connection [bugfix] macOS - Show/Hide Main Window issues [bugfix] OS Keyring conflicts with multiple profiles [bugfix] Linux - Raspberry, ARMHF build, fixed issue 'file_getasroot' [bugfix] Linux - Fixed a fatal crash with some UI tray icon issues [bugfix] Linux - Detect and use iptables-legacy (nft transition) [bugfix] Linux - Fixed a SSL connection issue (related to error 'Cannot create pid file') [bugfix] Parser of OpenVPN version [new] Linux - WM_CLASS registration [new] Linux - New IPv6 block [new] Latency test only about servers in whitelist [deprecated] Option "Remove Default Gateway" (routes.remove_default) removed [deprecated] Windows - Option "Switch DHCP to Static" (windows.dhcp_disable) removed Version 2.18.2 (Thu, 12 Sep 2019 15:59:45 +0000) [change] Linux - FIxed a Lintian error on some distributions [bugfix] Linux - Netlock issue if IPv6 is disabled via GRUB ('Address family not supported by protocol' error) [bugfix] Linux - Sometimes Eddie doesn't close [bugfix] Linux - Arch issue with elevation, also restored .xz packages [bugfix] Windows - Issues with username with spaces [bugfix] macOS - Dump PF output and file in logs in case of failure [change] macOS - Notifications, better layout with icons [change] Added Boost in Libraries [bugfix] Minor UI changes Version 2.18.1 (Wed, 11 Sep 2019 09:11:31 +0000) [change] Core Engine partially rewritten [new] UI doesn't run as root anymore in every OS [new] Profile data encryption in any OS, either through OS keychain if available or "master" password [bugfix] Linux - DNS resolv.conf issue [change] New formula to compute "best server" [bugfix] Windows - Windows10 SSH [new] No log for inconsistent cipher or keysize directives when used with custom Data Channel cipher [bugfix] Linux - Flush DNS with systemd-resolve [change] Linux - Better performance when netlock is activated at application start [change] Windows - Tun driver updated to 9.23.3 [change] OpenVPN 2.4.7 [change] Removed TOS window. [removed] Linux - resolvconf DNS switch method [removed] Insecure OpenVPN directives [new] binaries run with root privileges must belong to superuser Version 2.17.2 (Sun, 23 Sep 2018 11:55:26 +0000) [bugfix] macOS/Linux - Crash at boot if Network Lock is active Version 2.17.1 (Sat, 22 Sep 2018 13:19:08 +0000) [change] Better Lifebelt Test network report [bugfix] Windows - Recovery issue about routes (slowdown, no security issue) [bugfix] Misc UX fixes [bugfix] IPv6 route check failure with OpenVPN versions older than 2.4 [change] Force usage of .Net Framework >=4 in every Windows OS [bugfix] Improved check of custom directive names [new] New option "netlock.allow_dhcp" true by default [bugfix] Multiple "Bootstrap failed" windows [new] New Eddie version notification [change] Linux - Faster Network lock (build iptables-save format and apply directly) [bugfix] Linux - Flush DNS in some distro [bugfix] Linux - Glitch on black window when minimized in some distro (tested in Ubuntu 18.04) [change] macOS - Better detection of DNS servers in DHCP mode

@juancarlos101 Hello! Please allow at least one hour and a half during the current period to receive an answer from the support team, thank you for your patience. To everybody: we expect that the average response time to tickets will be even higher in the near future, so don't get upset if you need to wait 2-3 hours, thank you for your understanding. Kind regards

@airvpn@ignlg.com Hello and thank you! The logging you mention is correct, Hummingbird writes to stdout everything coming from OpenVPN3-AirVPN library by design, which could be changed in the future but at the moment we're fine with that, as it appears rational to write to stdout connection errors etc. from the library and not errors related to Hummingbird in itself. The logic behind it is that any connection or packet error is related to line etc. and not to the binary operation, so it is reasonable that all the OpenVPN3-AirVPN library responses pertaining to connections and packet operations go to stdout. "No ALTQ support in kernel" error might be caused by a macOS version older than Catalina, can you tell us your exact macOS version? Connection errors in paragraph 2 suggest that UDP and/or OpenVPN are blocked, does the same happen if you try a connection in TCP to entry-IP address THREE? Kind regards

@tester.user We will not mention your country here (we came to know because you published your real IP address, which we redacted before the message went public, so no worries) but we confirm, from dozens of independent reports, that OpenVPN is blocked in your country. The good news are that those same reports confirm that, by using the connection mode we recommended, the block against OpenVPN is bypassed successfully. We see now from the screenshot you published that you don't run Eddie, the Air software client, and that you also try to connect to some VPN server that's not ours, so you are NOT using an AirVPN configuration file. You also have a problem with the tun/tap adapter, which is the virtual network interface used by OpenVPN. In order to connect to AirVPN through OpenVPN GUI follow the instructions here: https://airvpn.org/windows/openvpn/gui/ When you generate the configuration file for OpenVPN in the Configuration Generator, make sure to tick "Advanced Mode". Then, pick the connection mode with the following parameters: protocol TCP port 443 entry-IP address THREE Then, in order to resolve the tun/tap network interface problem, reset the adapter when OpenVPN and/or Eddie do not run, and later make sure that you run only one OpenVPN instance. To reset the adapter: Open Start > Control Panel > Network and Internet > Network and Sharing Center > Change adapter settings Locate the Tap-Windows Adapter (TAP Windows 32 or similar descriptions) Right click on it and select Disable from the contextual menu Right click on it again and select Enable If you wish to switch to Eddie for Windows, you can download it here: https://airvpn.org/windows In Eddie you must take care to change connection mode in "Preferences" > "Protocols" window. Set the aforementioned connection mode. With Eddie you do NOT need the Configuration Generator. Kind regards

Version 2.18.9 (Thu, 02 Apr 2020 12:14:10 +0000) [add] - Windows - Added DotNet 4.5 check & install in Installer edition [bugfix] - Linux - Resolved an elevation issue in some Linux distribution (Raspbian mainly) [bugfix] - Fixed a bug that intermittently ignores --connect @rgrdgr

Hello! From your country the following connection mode is mandatory. OpenVPN is blocked everywhere, while UDP Is not infrequently blocked on some networks. Protocol TCP Port 443 Entry-IP address THREE You can change connection mode from Eddie's "Preferences" > "Protocols" window. Detick "Automatic", select the line with the above setting (it will be highlighted in blue) and click "Save". Enable Network Lock from Eddie's main window. Kind regards

I know. I also tried with Hummingbird and the same thing happened over and over again. It's not an Eddie problem then. Feel free to open a ticket and provide all the necessary documentation that may help us resolve your problem. Please don't hijack the thread anymore. Kind regards

Hello! Yes, as @go558a83nk explained, but in any case your CPU load is anomalous (too high) in both cases, could you please tell us your exact system architecture, OS name and version? Can you also make sure that during those tests which cause 100% CPU load no other computing intensive applications are running? Also, how do you determine exactly that the whole CPU is 100% loaded? Please describe with details to prevent any bias from wrong interpretations, just in case. Kind regards

@go558a83nk Hello! A momentary misconfiguration which has been fixed, thank you. Kind regards

@inc Hello! Of course, Hummingbird 1.0.2 was announced on Twitter too, on Feb the 5th,. 2020: https://twitter.com/airvpn/status/1225024418327474176 Kind regards

@puff-m-d Hello! Our initial plan was that all the servers would run OpenVPN 2.5 and therefore support CHACHA20 with OpenVPN 2.5 stable release. The plan was made in autumn 2019. OpenVPN 2.5 stable release had been previously announced for December 2019. We are now almost in April 2020 and OpenVPN 2.5 stable has not been released yet. Therefore, we could add a few additional servers. We have already several requests and we need to decide additional locations. Please tell us your favorite country (not here, as the thread would be quickly hijacked, but in a ticket). Kind regards

@barnabas Hello! After you have deticked "Automatic" select a connection mode by clicking a line. The line will be highlighted in blue. Click "Save". A connection mode can not be edited, as modes are decided by us server side. You are free to pick one between the dozens available. If your ISP disrupts OpenVPN and/or UDP we recommend that you try the following parameters: - protocol TCP - port 443 - entry-IP address THREE Since 1194 is the "official" OpenVPN port, if an ISP wants to disrupt OpenVPN, blocking outbound port 1194 would be trivially the first and simplest thing to do. Kind regards

@barnabas Hello! By default Eddie will connect to port 443. You can change connection mode, as you correctly noticed, on "Preferences" > "Protocols" window. Port 1194 is a port that's recommended specifically for OpenVPN by IANA, in this sense it's the "official" OpenVPN port. Our servers accept connections on ports 53, 80, 443, 1194, 2018 and more. Kind regards

Version 2.18.8 (Thu, 26 Mar 2020 12:59:48 +0000) [bugfix] Windows - Support of OpenVPN2.5 tech-preview (also with new wintun driver) [bugfix] MacOS - -mmacosx-version-min=10.9 on all binary [bugfix] Service reinstalls automatically when version-incompatibility detected [change] Code cleanup for stable release [change] Enforcement of operation allowed by Elevation [change] Enforcement of service checking [change] Windows - Elevated converted from C# to C++ [change] Little score adjustment in UI [change] Better feedback in CLI edition (mainly latency check steps) [new] Linux - enabled CLI-only packages in all editions [change] Minor changes

@majmac Hello! Therefore the reply we wrote for the original post(er) applies to you identically. Please update Eddie and let us know. Kind regards

@Ponch22 Hello! Servers are not overloaded, AirVPN infrastructure (globally) is still used less than 25% of its capacity. Residential ISPs lines are actually overloaded in peak times in various countries,. but we have reports of major problems only from UK, and only for limited times. Very minor problems, almost irrelevant, from Italy. See also: https://airvpn.org/status/ In any case, a route check failure is in general not related to any congestion, as it is performed only after the connection to a server has been established successfully according to OpenVPN. What are your Operating System and Eddie exact versions? If you run Eddie 2.16.3 or older version, please test Eddie 2.18 beta 7, please see here to download it: https://airvpn.org/forums/topic/45326-eddie-desktop-218beta-released/ Eddie 2.18, during its eight beta iterations, has been extensively tested not only by us but also by a large part of our community since almost a year ago. You can use the current latest beta version reliably as no critical problem has been found in it. A stable version will come in the very near future. If Eddie 2.18 beta does not resolve the issue, please post a system report ("Logs" > LIFE BELT icon > COPY icon > paste into your message). Also feel free to open a ticket if necessary. Kind regards

@65tiklak If you enforce Network Lock you should disable UFW. It is an iptables frontend which adds custom chains that may interfere. About the outcome of your tests, you therefore imply that the iptables rules mainly impair upload speed, and not download speed. It's a reasonable assumption, yes, because Eddie overwhelms the OUTPUT chain of the filter table. Use Hummingbird and make a new comparison please, for a potential confirmation of your assumption (with Network Lock on) as Hummingbird enforces only 19 rules on OUTPUT, instead of the 1000 rules enforced by Eddie. If you wish to reproduce Network Lock through UFW, just look at the rules enforced by Hummingbird, make sure to delete any UFW custom chain, and set your own. However using directly iptables (or nftables if you have a system supporting it) is probably a better solution, but it's up to your taste at the end of the day. Please keep us posted at your convenience after you have tested Hummingbird, even with CHACHA20-POLY1305. Kind regards