Staff

IPv6 is fully supported on almost all of our servers since 2018, works perfectly and has always worked perfectly except for short black outs caused by datacenters. Currently we have no known problems with IPv6. Please note that Kitalpha (Swiss) does not support IPv6. The problem must therefore be on client side. In most cases it is simply caused by having disabled IPv6 either on some network interface (for example the tun interface) or at system level. Open a ticket if necessary. Kind regards

Hello! We inform you that all of our Lithuanian servers are being withdrawn and dismissed. The datacenter provider, Cherry Servers, has just asked for a block of all outbound ports except a few ones they called "standard ports" (sic) to prevent any possible future "copyright infringement" (to be noted: no infringement in the past has ever been proved). It is clearly an unacceptable request for us, and we guess for everyone, and it also reveals the true face of Cherry Servers datacenter as an enemy of the Internet. For us, it's also an option to finally get rid of the last servers still not supporting IPv6. Cherry Servers was one of our last providers still lacking IPv6 support, a fact that should have given us a "head up!" about Cherry Servers poor commitment to providing decent services. We will be actively looking for an alternative datacenter. We will be looking for datacenters where the concept of mere conduit is understood, and IPv6 infrastructure is available. In the meantime keep in mind that we offer several servers in the Baltic region as well as other, nearby countries. Kind regards

Hello! We contacted Paysafecard in 2013 and they confirmed that they did not accept VPN providers as merchants. It was a very well known issue and some journalists wrote about it. We remember an article on TorrentFreak for example: https://torrentfreak.com/paysafecard-begins-banning-vpn-providers-130825/ Our brief message exchanges with Paysafecard at the time confirmed fully that we were not allowed to offer Paysafecard as a payment method. Kind regards

@inc @hawkflights Hello! The remote, destination server connection is always logged. Of course it may report exclusively an IP address and not an FQDN with its resolution: that depends on the profile. In case of Air VPN servers, the CN can be either the server name or a generic "server" string (we need to make that consistent, yes). A full integration with the AirVPN "bootstrap" servers will come with the future frontend(s) directing the daemon we mentioned in our previous message (you may have a sort of idea by looking at Eddie Android edition source code). We will disclose an estimated release date of the Hummingbird daemon beta version soon. Your request has been well understood: in Linux several community members asked us to drop Mono and required software "10x" faster than Eddie, and we think that we have made some important steps in the right direction, according to the general feedback (thanks!). Remember, furthermore, that even Eddie 2.18.5 piece running as root is completely written in C++ and does not require Mono (Eddie GUI does). Please keep reporting the problem (we still think it has to do with the re-keying), and also a comparison with OpenVPN 2 from the very same system of yours, if you can and if possible. Kind regards

Hello! AirVPN does not. However all information is held both in your and AirVPN PayPal accounts, or in your credit card company records. Such information can not be deleted and will be maintained by PayPal or by your credit company for a very long time, according to the appropriate legal framework. We remind you that we accept a wide range of cryptocurrencies without intermediaries. Kind regards

@inc Hello! A GUI is planned, when the Hummingbird "backend" will run as a daemon. We are already working on it, right now. At the moment you can see the information you need on the standard output, and rightly so! Hummingbird 1 "branch" must remain a light and stand alone binary with no graphic requirement of any kind. If you need a GUI at the moment please run Eddie. The problem you mention looks like a failure to DHE. Do you notice a similar problem with OpenVPN 2.x or not? Kind regards

Hello! Windows 8 and 10 can freeze processes. The established connections of those processes, apparently, remain frozen too. Network Lock protects you from traffic leaks outside the tunnel when such processes are unfrozen. Just to be 100% positive about that, we have reproduced exactly what you report with the Telemetry Service and no data pass through or outside the VPN tunnel in any case: when the system is not connected to the VPN and the process is frozen and then unfrozen, it can't communicate; and when the system is connected to the VPN and the process get unfrozen no packets get out of the tunnel. You can verify with Wireshark for example. Kind regards

@Giddy169 Yes, a port is just an abstract construct to represent how a host identifies a running process, so that from 2 specific bytes on IP packets the host knows which process must receive those packets payload. If the process does not exist you can't even talk about "open" or "closed" port, simply the port does not exist. However, it's true that a non-existing port is often called a "stealth port" or even "closed port", but that's a sort of language abuse if you think of the actual definition of "port". Kind regards

@inc @colorman Hello! Do you both confirm that the tunnel remains active, data flow continues regularly and connection is not lost? Can you also please confirm that your system time is correct, with a maximum discrepancy of just a couple of seconds? Kind regards

Hello! Currently you need to build Hummingbird directly on your system. Please follow the instructions in GitLab: https://gitlab.com/AirVPN/hummingbird#building-hummingbird-from-sources Kind regards

@Giddy169 Hello! Also make sure that the camera software is listening to port 8000 and not binding to the physical network interface, and that you try to access the camera on the correct exit-IP address of the VPN server, and the proper port (the port you have remotely forwarded and that you remapped to your local port 8000). Furthermore, make sure that no firewall blocks packets to/from the software when the system is connected to the VPN and that you try to access the camera software from a device that's not connected to the same VPN server. Kind regards

@inc Hello! It looks like the client fails to negotiate the new Data Channel key after the old one has expired (in our service PFS is implemented and DHE occurs every 60 minutes by default). Since the old key is kept in use until the re-negotiation is not finished, the connection is not broken, but the Data Channel uses always the same encryption key. How frequently do you get those errors? Did anybody else notice them? Kind regards

Hello! Netflix USA and only USA is accessible from AirVPN servers as usual if and only if your system queries AirVPN DNS (which happens by default with our software). EXCEPTION: the following servers can not reach Netflix USA at the moment;: Kruger Sneden Fang Nahn Sham Also note that Netflix application has been reported as maliciously bypassing system DNS or exploiting other techniques to disclose your real location. You will be blocked if you are not in the USA in Netflix' app belief, but it's not a fault of our system. Deleting application's cache and then running it only and uniquely when the device is connected to the VPN has been reported as solving the problem in various cases. @giganerd Connecting through a VPN to stream Netflix USA when you are in the USA makes sense in any case (check the wars of major USA ISPs/transit providers against Netflix to get paid by Netflix in order to not block its traffic). Unfortunately Netflix at the end of the day sided with those who have contributed to dismantle the Internet and Net Neutrality in some countries of the world and in this sense it's just another enemy of that very same infrastructure and technology that made its fortunes. Kind regards

@Giddy169 Hello! Can you please recheck your tun interface name with command ifconfig or ip link show from a telnet or ssh connection to your router? Just in case it's not "tun11". Check also whether "br0" is correct or not. Moreover, what is that destIP in the script you pasted, in FORWARD and even in the PREROUTING chain of the nat table? "destIP" must be replaced with the actual IP address you want to pre-route and forward packets to. Kind regards

@jx35552zza Hello! The connection is lost without chance to recover it (fatal error). It's expected when the network interface is turned off to save power. Eddie then "locks" the tunnel to prevent leaks. If you have Android 9 or 10 you can disable the "VPN lock" option from the "Settings" and enable Android's features "Always on VPN" and "Do not allow traffic outside the tunnel" to prevent traffic leaks AND give Eddie the option to re-connect safely after any unrecoverable connection error. Kind regards

Hello! What are the features of the sleep mode? Specifically, is the network card turned off, applications frozen and/or the whole system hibernated? Kind regards

Hello! There is no option to tell Eddie not to try to reconnect, but you can have Eddie connect always to one server or the last server it connected to: define a white list of servers which contain only one server, or tick "Lock current server" tick box in the "Servers" window. Kind regards

Hello! A service of ours listens to port 89 for internal communications in the infrastructure. Moving thread to "off-topic". Kind regards

@gmini Hello! Good, so you have strong clues (or even a proof) that torrenting is the cause of the problem. Now, to discern whether the cause is torrenting in general or specifically qBittorrent, change p2p software and check. Kind regards

Hello! It's a weak way for a user to have a security check on access. Not very useful and surely not privacy concerning. It has nothing to do with logging or not logging client traffic on VPN servers, obviously, and is irrelevant in any context. Enable 2FA instead for a robust, additional account access protection. Kind regards

@gmini Hello! Is it so difficult to read the documentation of those programs that one runs? µTP and protocols in general can be set in "Connection" > "Protocols" or "Enabled Protocol" combo box. Kind regards

@gmini Hello! Xfinity traffic shaping techniques: https://www.xfinity.com/support/articles/network-management-information As you can see their sentences leave room for almost anything they decide to do. If they think that a sustained UDP flow is an UDP flood, and therefore a menace to the customer or their network, they might start blocking UDP causing VPN disconnection. For the above problem you can consider to connect with the following mode which has been reported to be good by some Comcast residential customers: port 443 protocol TCP entry-IP address 3 (THREE) Assuming that Xfinity is not the "culprit", the problem you experienced may be on your side. The reported behavior is compatible with uTP activation in your torrent software. uTP is a traffic shaping tool integrated in some torrent software that can cause all sorts of problems when all of your traffic is tunneled in UDP, so make sure that uTP is disabled. Kind regards

@AirVPNconsumer @containermalt Hello! Please test Hummingbird binary now available on GitLab, it has been rebuilt in a different environment and now it requires older libraries. Please keep us informed. EDIT: the binary is now available in our repository too and replaces the previous build. https://gitlab.com/AirVPN/hummingbird/tree/master/binary Kind regards P.S. Radical solution is simply building Hummingbird directly in your system (detailed instructions on GitLab).

Hello! You are using an obsolete OpenVPN 3 AirVPN, when "ncp-disable" and "cipher" were not implemented. By aligning to latest OpenVPN AirVPN 3.6.1 you should resolve the issue. Options to link against OpenSSL or mbedTLS will be kept. Thank you for the feedback. Kind regards

Hello! NEWS We have a name for the software! Stable version of Hummingbird has just been released! Please check the first post in this thread for updated links, instructions and changelog. Kind regards