Staff

Hello! You opened two tickets a few minutes ago. It looks like a matter for the sales department because at least one payment has been reversed by PayPal. Please be patient, you will receive an answer after an investigation. Sales department is active on office times (GMT), it's not like the tech dep. Kind regards

Hello! If you have never enabled Network Lock you can rule out firewall problems. We suspect you suffer for a DNS issue. That's unexpected (Eddie must restore DNS settings when you shut it down properly) but we deem it possible since it has been sporadically reported before. Uninstalling Eddie will make no difference. Anyway, if that's the case, solution will take just 30 seconds of your time. Set publicly reachable DNS in your system while Eddie is NOT running, that's all. We recommend OpenNIC https://www.opennic.org but of course you can set any favorite DNS. How to change DNS in Mac: https://www.macobserver.com/tips/how-to/change-mac-dns-entries/ Kind regards

Hello! Please check your iptables rules. Network Lock blocks TCP and UDP, and may or may not (according to Eddie settings) block ICMP. So, if Network Lock remained "on" even after you shut Eddie down, you might find ICMP unblocked, while TCP and UDP remain blocked. From a root terminal, while Eddie is NOT running: iptables -F should resolve the issue. Feel free to keep us posted. Kind regards

Hello! It sounds related to a notorious Office 365 bug which Microsoft refuses to patch so far. Please see here: https://www.macwheeler.com/windows-10-office-365-cannot-connect-over-openvpn-fixed/ Verify whether that's really the source of the problem or not. Kind regards

Hello! That is not possible: packets will be accepted and forwarded to your final node IP address from all the servers your account is connected to. It's not a big deal anyway (see below). Why? Just make sure that the port does not exist in the proper machines, that's all. Kind regards

Hello! It's nice but it might have a significant impact on the battery. We need a careful evaluation. Eddie makes your battery live so much longer than "OpenVPN for Android" thanks to a maniacal care for each method draining battery. Kind regards

Hello! Thank you for the crash report. To download Eddie latest beta version for Mac: go to https://airvpn.org/macosxclick "Other versions"click "Experimental"you will be brought back to the download page pointing to the latest beta versiondownload and install as usualFeel free to report whether it solves the issue or not. Kind regards

Hello! If Windscribe and Torguard work, then the block might be not against the protocols, but against our own IP addresses, we're sorry. Kind regards

Hello! This is exactly what Eddie does. Your problem is treated in another thread and is not reproducible so far. Moreover your problem is unrelated to this thread. Please do not pollute threads and help us keep them clear and in good order. A split is mandatory. EDIT: thread has been split for consistency. Kind regards

Hello! Simply because when you are the one to decide when to unlock, you can first terminate those app which must not have their traffic outside the VPN according to your threat model. Yes, we are talking about the same. There's nothing to report, the option works as expected. It's you that you're asking it for what it can't (and did not promise to) do, i.e. block the traffic unconditionally, if we understand correctly what you want. The "Block connection ..." new sub-option under "Always on" blocks traffic of the unregistered (to the VpnService API) applications while the tunnel is non-existing. All the traffic of the registered to the service applications is not blocked as well as the traffic (outside any tunnel) during all the time necessary to rebuild a tunnel and connect. Eddie leaves you the freedom of choice according to your threat model. If the "Alway on" + "Block connections..." are not a hazard for your threat model, then you can disable VPN lock in Eddie. On the contrary, if you can't allow the risk of traffic flowing outside any tunnel in aforementioned cases, then enable Eddie "VPN lock". Finally, always remember that, even while the tunnel is up, in an Android device leaks are ALWAYS possible by applications running with high privileges (typically Google and system manufacturer software), trivially by binding to the physical network interface . Such leaks could be theoretically prevented only with the correct packet filtering table rules, which you can't modify if you're not root (that's why Eddie leaks prevention is a "best effort"). The same happens in iOS where Apple. by policy, reminds you that Apple applications will bypass whenever they want any VPN and exchange data outside the VPN tunnel without warning you. Kind regards

Hello! The VPN lock is the only safe way to prevent traffic leaks in specific circumstances. The feature can anyway be disabled in the Settings, if your threat model can tolerate traffic leaks. In this way Eddie will behave similarly to all the other OpenVPN based apps, trying to re-connect as soon as possible in any case with potential, unavoidable leaks. Eddie will anyway re-connect to the server whenever doing so will not expose the device to traffic leaks (i.e. the tunnel was not destroyed), even when the VPN lock feature is on. EDIT: please note that the Android Oreo (and higher versions) options you mention are not aimed to prevent leaks in various circumstances. Kind regards

Hello! Good to hear that no vulnerability has surfaced and no exploit is available. Kind regards

Before this thread becomes even more grotesque than it is now, we would like just to remind you that no vulnerability has been found so far on this subject, so we invite the OP to publicly declare that he/she found no vulnerability and no exploit, or report them to us. Kind regards

Hello! Currently the only way is NOT using VPN DNS. In this case you will be excluded from every and each "micro/geo routing" while in the VPN. Kind regards

Hello! Please feel free to send us at your earliest convenience the crash report and consider to test Eddie 2.17.2 beta as well. Kind regards

Hi, Been testing for a bit and updating to Eddie 2.1 has completely solved this issue, thank you very much. Will this new version be in beta for a while just out of interest? Hello! Eddie 2.1 has been released. It's the latest stable version. Next version will be Eddie 2.1.1 or 2.2 with minor updates for additional comfort, stay tuned. Side load is still necessary because Amazon has not yet approved the new version, so in the Appstore you still find 2.0.1 version. Google Play Store users don't need side load because Eddie is live in the Play Store. Kind regards

Hello! The post is anyway useful, thank you! No reasons to delete, really, but the final choice is yours. More technical details (including nohup, disown and how to handle properly stdin/stdout/stderr in such cases): https://superuser.com/questions/178587/how-do-i-detach-a-process-from-terminal-entirely We would like to add that, in order to detach completely a job from the original shell job list with a complete control and fine tuning, you can simply use GNU Screen, a terminal and terminal emulators multiplexer with a tiny RAM footprint: https://linuxize.com/post/how-to-use-linux-screen/ Kind regards

Hello and thank you! That's correct, since leaks prevention in desktop and mobile systems are deeply different. Using the same definition might cause confusion. In desktop systems you can modify the packet filtering table which provides a 100% effective leak prevention as long as some administrator modifies the filtering table itself. In Android you don't have administrator access to the system so we can talk only about a best effort leaks prevention. The leaks prevention method by Eddie is not and can not be as effective and safe as the desktop "Network Lock" is. The method can prevent leaks after a first connection to some VPN has been established and a tunnel is created, while the desktop "Network Lock" can of course act even in absence of a tunnel, as it is a set of filtering rules. Anyway, Eddie for Android features an exclusive traffic leaks prevention system, which is superior to anything seen so far in any other OpenVPN based application Kind regards

Hello! We're glad to inform you that Eddie for Android and Android TV version 2.1 has been released! You can download Eddie from the Google Play Store: https://play.google.com/store/apps/details?id=org.airvpn.eddie You can also download Eddie Android 2.1 apk directly from our repository: https://eddie.website/repository/eddie/android/2.1/org.airvpn.eddie.apk At the moment Amazon Appstore still features Eddie 2.0.1 but the approval process for version 2.1 should be completed soon, at least according to what Amazon claims. The application is fully localized. Current implemented languages: Chinese (simplified), Chinese (traditional), Danish, Dutch, English, French, German, Italian, Portuguese, Spanish, Russian, Turkish. Eddie for Android 2.1 is a major refinement of version 2.0.1 and implements several features which were suggested by the community. It also underwent a deep re-engineering of some architectural components which translates into higher stability, correct co-existence with other VPN and non-VPN applications and in general improved events handling. Eddie for Android is free and open source software released under GPLv3. We invite you to check from independent 3rd parties the lack of trackers code signatures, for example here: https://reports.exodus-privacy.eu.org/en/reports/search/org.airvpn.eddie Source code is available on GitLab: https://gitlab.com/AirVPN/EddieAndroid Main features: Free and open source OpenVPN GUI based on OpenVPN 3The only Android application officially developed by AirVPNRobust, best effort prevention of traffic leaks outside the VPN tunnelBattery-conscious applicationLow RAM footprintErgonomic and friendly interfaceAbility to start and connect the application at device bootOption to define which apps must have traffic inside or outside the VPN tunnel through white and black listLocalization in traditional and simplified Chinese, Danish, Dutch, English, French, German, Italian, Portuguese, Russian, Spanish, TurkishFull integration with AirVPNEnhanced security thanks to locally stored encrypted data through master passwordQuick one-tap connection and smart, fully automated server selectionSmart server selection with custom settingsManual server selectionSmart attempts to bypass OpenVPN blocks featuring protocol and server fail-overFull Android TV compatibility including D-Pad support. Mouse emulation is not required.Enhancements aimed to increase accessibility and comfort to visually impaired personsAirVPN servers sorting optionsCustomizable "Favorite" and "Forbidden" servers and countriesOpenVPN mimetype support to import profiles from external applicationsNEW: Eddie for Android 2.1 - Release notes Multiple OpenVPN profile support. The app now imports and manages multiple OpenVPN profilesSupport for custom bootstrap serversSupport for favorite and forbidden countriesAirVPN broadcast messages supportUser's subscription expiration date is now shown in login/connection informationThe app is now aware of concurrent VPN use. In case another app is granted VPN access, Eddie acts accordingly and releases VPN resourcesOptional local networks access. In such case, local network devices are exempted from the VPN and can be accessed within the local devicesLocalization override. The user can now choose the default language and localization from one of the available onesFavorite and forbidden lists can now be emptied with a single tapVPN Lock can now be disabled or enabled from settingsVPN reconnection in case of unexpected OpenVPN disconnection. (It requires VPN Lock to be disabled)User can now generate an OpenVPN profile for any AirVPN server or country and save it in OpenVPN profile managerDanish, Dutch, simplified Chinese and traditional Chinese localizationNew server scoring algorithm implementing the latest AirVPN balancing factors in order to determine the best server for quick connectionNetwork name and extra information are now shown along with network typeBetter device network status managementBug fixes Changelog: Changelog 2.1 (VC 18) - Release date: 13 March 2019 by ProMIND - [ProMIND] Production release Changelog 2.1 RC 1 (VC 17) - Release date: 8 March 2019 by ProMIND - [NEgiXr] Added Simplified Chinese localization - [NEgiXr] Added Traditional Chinese localization - [anonymous] Added Dutch localization - [ProMIND] Native Library: updated openvpn3, mbedtls, asio, lz4 and boost 1.69.0 from their respective repositories - [ProMIND] Native Library: fine tuning of compilation options in order to avoid TCP crash in arm32 architecture - [ProMIND] Updated default manifest.xml CountryContinent.java - [ProMIND] CountryContinent(): Added support for simplified and traditional chinese EddieApplication.java - [ProMIND] onCreate(): BuildConfig.VERSION_CODE and BuildConfig.VERSION_NAME are now sent to the Log VPNManager.java - [ProMIND] The status of VPN Lock and LAN exclusion are now reported to the log at connection - [ProMIND] In case network connection is MOBILE, LAN exclusion is ignored and forced into the tunnel LogActivity.java - [ProMIND] onCreate(): BuildConfig.VERSION_CODE and BuildConfig.VERSION_NAME are now exported to the Log header - [ProMIND] onCreate(): Settings dump is now exported to the log file MainActivity.java - [ProMIND] It now signals whether the app is in foreground by using SupportTools.setAppIsVisible() NetworkStatusReceiver.java - [ProMIND] Added NetworkType enum - [ProMIND] Added getConnectionType() method to properly determine connection type according to NetworkType enum - [ProMIND] Added a more accurate control in order to avoid duplicate events from BroadcastReceiver PackageChooserActivity.java - [ProMIND] ApplicationListLoader class: Package list is now loaded in a UI Thread SettingsManager.java - [ProMIND] Added dump() method. Returns a complete dump of the current settings SupportTools.java - [ProMIND] Added methods setAppIsVisible() and isAppIsVisible() - [ProMIND] All information dialogs are now shown only in case the app is in foreground Changelog 2.1 beta 2 (VC 16) - Release date: 25 February 2019 by ProMIND NetworkStatusReceiver.java - [ProMIND] networkDescription(): Fixed Android 9 compatibility Eddie for Android 2.1 beta 1 - ChangeLog Changelog 2.1 (VC 15) - Release date: 22 February 2019 by ProMIND - [ProMIND] Fixed minor bugs reported in crash reports - [ProMIND] Added country_menu, whitelist_country_menu and blacklist_country_menu menu resource files - [ProMIND] Added new class OpenVPNProfileDatabase for storing and managing multiple OpenVPN profiles - [staff] Added Danish localization AirVPNServerProvider.java - [ProMIND] getFilteredServerList() now filters server list according to white and black listed countries AirVPNManifest.java - [ProMIND] Added private properties load_factor and users_factor to conform to new manifest.xml layout - [ProMIND] Property speedFactor datatype changed to double - [ProMIND] Added class Message representing Manifest's messages to be shown to the user AirVPNServer.java - [ProMIND] computeServerScore(): score is now computed according to new AirVPNManifest's speedFactor, loadFactor and userFactor - [ProMIND] getOpenVPNProfile() can now generate country profiles AirVPNUser.java - [ProMIND] Added daysToExpiration property to reflect the number of days to AirVPN subscription expiration according to expirationDate property BootVPNActivity.java - [ProMIND] Added new class which replaced and superseeded the old one. It takes care of launching the last connected OpenVPN profile at boot time client.cpp (native library) - [ProMIND] Client::Impl::socket_protect() updated interface according to new OpenVPN3 interface ConnectAirVPNServerFragment.java - [ProMIND] Long press on "favorite" and "forbidden" lists now enables "empty list" context menu - [ProMIND] AirVPN subscription expiration is now shown in network/vpn status dialog box - [ProMIND] AirVPN user name is now shown in network/vpn status dialog box - [ProMIND] CreateGroupList() added support for favorite and forbidden countries management - [ProMIND] Added methods addCountryToFavorites(), removeCountryFromFavorites(), addCountryToForbidden() and removeCountryFromForbidden() - [ProMIND] AirVPNServerExpandableListAdapter class: added support for showing and managing countries views as child items in favorite and forbidden groups - [ProMIND] Added OnItemLongClickListener() to ListView in order to show a message in case item long press and user not logged in to AirVPN - [ProMIND] Added exportToOpenVPNProfiles() for exporting AirVPN OpenVPN profiles in user's profile list ConnectionInfoFragment.java - [ProMIND] Removed showErrorMessage() method. VPN errors are now displayed to txtVpnStatus TextView - [ProMIND] Removed connection error layout. All VPN errors are now sent to the log and displayed to txtVpnStatus TextView - [ProMIND] Class now implements EddieEventListener in order to manage VPN events on its own - [ProMIND] Connection info box now shows OpenVPN profile name in OpenVPN profile connection mode ConnectOpenVpnProfileFragment.java - [ProMIND] Added ListView for stored OpenVPN profiles and made it fully Android TV compliant for dpad navigation - [ProMIND] Added connectDatabaseOpenVPNProfile() for connecting a stored OpenVPN profile connection_sequence.csv - [ProMIND] Set a new connection sequence: second attempt is now TCP,443 instead of UDP,53 (which is now third) CountryContinent.java - [ProMIND] Load country list according to user locale setting EddieBroadcastReceiver.java - [ProMIND] Removed tryRestoreLastProfile(). To start the VPN at boot, this class now starts an intent of BootVPNActivity class EddieEvent.java - [ProMIND] Better concurrency support: events are now synchronized and use a local clone of EddieEventListener ArrayList LogActivity.java - [ProMIND] Added Android Fingerprint to log MainActivity.java - [ProMIND] updateConnectionStatus does not longer propagate VPNManager's events. VPNManager events are now properly managed by EddieEvent class - [ProMIND] Implemented onSaveInstanceState() to save fragments' state - [ProMIND] Implemented onRestoreInstanceState() to restore fragments' state - [ProMIND] onAirVPNManifestChanged() check for manifest's broadcast messages and shows them to the user - [ProMIND] Added setVpnManager() method in order to set vpnManager object in case the VPN is started by an external event, such as BootVPNActivity class - [ProMIND] In case of unexpected OpenVPN disconnection, it retries to reconnect to the VPN when the user has set "VPN reconnection" in settings NetworkStatusReceiver.java - [ProMIND] Added ExtraInfo and SubtypeName to network description OpenVPNTunnel.java - [ProMIND] Changed networkStatusChanged() return type to void - [ProMIND] VPN Lock is now engaged according to "VPN Lock" setting QuickConnectFragment.java - [ProMIND] AirVPN subscription expiration is now shown in network/vpn status box SettingsActivity.java - [ProMIND] Added VPN Lock setting - [ProMIND] Added VPN reconnection setting - [ProMIND] Added custom bootstrap setting - [ProMIND] Added language selection setting - [ProMIND] Added exclude local networks setting SettingsManager.java - [ProMIND] Added methods getAirVPNCountryWhitelist(), setAirVPNCountryWhitelist(), isAirVPNCountryWhitelisted(), getAirVPNCountryBlacklist(), setAirVPNCountryBlacklist(), isAirVPNCountryBlacklisted() - [ProMIND] Added methods isVPNLockEnabled(), setVPNLock() - [ProMIND] Added methods getSystemApplicationLanguage(), setSystemApplicationLanguage() - [ProMIND] Added methods areLocalNetworksExcluded(), setExcludeLocalNetwork() SupportTools.java - [ProMIND] Added method runOnUiActivity() - [ProMIND] Added methods saveXmlDocumentToFile() and loadXmlFileToDocument() to write and read plain XML files - [ProMIND] Added method setLocale() - [ProMIND] RequestAirVPNDocument(): add custom bootstrap servers to the top of server list in case user has set them in settings - [ProMIND] Added methods for IP convertion: IPToLong() and longToIP() VPN.java - [ProMIND] Added CONNECTION_REVOKED_BY_SYSTEM status VPNContext.java - [ProMIND] ensureRoutes(): default routing is now added in case user has not selected local network exclusion VPNManager.java - [ProMIND] onStatusChanged() now conforms to EddieEvent class - [ProMIND] unbindService() does not change VPN status anymore (managed by VPNService) - [ProMIND] start() now checks for network connection and, in case it is not available, activates a pending connection status to be resumed as soon as the network connection becomes available. - [ProMIND] createProfileBundle(): add proper route to OpenVPN profile for local network exclusion VPNManagerListener.java - [ProMIND] Class deleted. Event moved to EddieEvent.java VPNService.java - [ProMIND] Added MSG_REVOKE property to notify client (VPNMaganer) in case of system revocation - [ProMIND] Removed Status enumerator. The class now conforms to VPN.Status enumerator - [ProMIND] Removed redundant members vpnStatus and vpnLastError as they are managed by VPN class For Changelog of older versions, please consult the proper announcement or check directly GitLab. Kind regards and datalove AirVPN Staff

Hello and thank you! Not reproducible. We have intensified our tests to check, still it's not reproducible. If something relevant comes out we will of course act accordingly to fix it. In the meantime, you might like to send us your Eddie log showing the issue. Again not reproducible. Same as above, and we will also make more thorough tests. Waiting for your log as well, as usual, when you have time to send them. Again not reproducible, if you catch it again... log! We can't see wtf.jpg, can you please check and re-post please? Not reproducible in OpenVPN for Android, but it's not relevant as it is not into our scope, so let's discard it in this thread. The Master Password has the purpose to encrypt your sensitive data locally. Nothing on the web site can accomplish the same purpose. It's a precise design choice, according to which security of your keys and login credentials has the priority on a mobile device. Then it would not be useful anymore and not a Master Password. This is a problem which affects Eddie desktop editions, but a desktop system is less likely to be stolen or forgotten somewhere (although laptops might). Anyway, adding security to Eddie desktop edition is a priority as well: we are working with such aim in mind. About Eddie Android edition, the alternative would be simply offering the option to disable the Master Password. We must think carefully about it because we could cause a storm of negative feedbacks, given the requirements of Air VPN users who are security minded. Anyway, please consider that if you want to clone OpenVPN for Android behavior with profiles and keep them unencrypted you can do that with Eddie. You can even generate a profile from the settings, without the Configuration Generator, when you use Eddie with AirVPN. In this way you will have your local data exposed in clear text according to your wishes. Kind regards

Hello! You can safely ignore the warning at the moment. The transition between "comp-lzo" and "compress" is not trivial since the directives (if nothing changes in OpenVPN design) will be mutually incompatible between different OpenVPN versions. Please check here: https://airvpn.org/topic/26051-config-generator-using-deprecated-openvpn-commands/ Kind regards

Hello! Wireguard currently supports only UDP so it's a no go at the moment, at least on those networks which severely shape or block UDP. (common practice in China as well as on many mobile providers all over the world). Since 2010 OpenVPN over SSL to port 443 and more recently OpenVPN with tls-crypt in TCP (OpenVPN 2.4 or higher version is required) are the best ways to bypass blocks. Kind regards

Thanks for the response, hopefully the update solves it. I presume I have to sideload this version onto the firestick? Hello! Yes, we're sorry. Unlike Google Play Store, Amazon Appstore does not have a beta testing program/section for the apps. Kind regards

Hello! Please see here, so you can have a complete overview: https://airvpn.org/topic/14378-how-can-i-get-vpn-servers-entry-ip-addresses Kind regards

Hello! We're very glad to inform you that a new 1 Gbit/s server located in Manchester, UK, is available: Westerlund. The AirVPN client will show automatically the new server. If you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other "second generation" Air server, Wsterlund supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/westerlund Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team