-
Content Count
11396 -
Joined
... -
Last visited
... -
Days Won
1982
Everything posted by Staff
-
Eddie Android Edition 2.4 released - ChaCha20 support
Staff replied to Staff's topic in News and Announcement
@laowai Hello! Yes, if you need to re-enter the Master Password, then Eddie re-started. If you have the chance to take a logcat, that would help us immensely: we start to suspect that Eddie crashes in your customized Android version, and the idea is supported even by some other unexpected behaviors you report and by the fact that after your last system upgrade situation improved remarkably. About starting Eddie at (re)boot, that's entirely up to the system. Eddie registers to the list of applications that the system should launch at boot. Then it's up to the system when and if running them. In some device (for example some Asus phones and tables), a boot launcher manager pre-installed by the manufacturer and running with root privileges is active by default and manages the list of apps to run at boot, so it will bypass Eddie (and any other app) registration. Kind regards -
Hello! No, they can't of course. And surely nobody would pay for such a "feature"! There is no remaining trace of your real IP address in your packets once they are not between the VPN server and you, (not like in proxies which add X-Forward etc. field, obviously) and a web site owner can not access our VPN servers (again, that's obvious) as administrator or physically to perform a correlation analysis in real time. Kind regards
-
Hello! If the disconnection from the previous network did not cause an unrecoverable OpenVPN error Eddie would re-connect, of course, because the VPN would have remained paused and the tunnel up (no leaks possible). Otherwise what you suggest would be terribly wrong, as it would expose you to traffic leaks during the re-connection. Anyway, since you run Android 9, you can enable proper options in your system to prevent traffic leaks outside the VPN tunnel and then disable VPN lock from "Settings" view. Doing so will let Eddie re-connect in any case, and you will not suffer traffic leaks outside the tunnel, not even during re-connections caused by unrecoverable OpenVPN error. Kind regards
-
Hello! Probably the servers bind to physical network interface, with explicit configuration or through UPnP, and Eddie's Network Lock is not enabled. Thus they accept incoming connections from the Internet and their traffic is outside the tunnel. Can you please confirm that Network Lock is not enabled? Kind regards
-
Hello! We're very glad to inform you that on October the 10th 2019, we released a new version of OpenVPN AirVPN library fixing critical bugs affecting main OpenVPN 3 branch for Linux since years ago. Please see the changelog here: https://github.com/AirVPN/openvpn3-airvpn/blob/master/CHANGELOG.txt Critical bug fixes are essential to offer an OpenVPN AirVPN library based client on Linux. As those bugs remained unresolved for years in the main branch and made OpenVPN 3 de facto unusable in a safe way in Linux, we could not wait anymore. Therefore, we will be able to release a first beta version for Linux and macOS of a command line based, light-weight client software based on OpenVPN AirVPN 3.3.2 around October the 20th. FreeBSD and OpenBSD versions remain planned for the very near future. Kind regards and datalove AirVPN Staff
-
Eddie Android Edition 2.4 released - ChaCha20 support
Staff replied to Staff's topic in News and Announcement
@laowai Thank you! Description of point 1 makes us think that the problem is unrelated to Eddie. Anyway we'll try to reproduce it (so far we couldn't but we have tested on different hardware). About point 2, the description seems coherent with the expected behavior of a VPN lock following an unrecoverable error. In such a case human intervention is required. The operator has the option to shut down critical applications before unlocking the communications: it's what you need for the safest leaks prevention within the limits enforced by Android. If you have Android 8 or 9 you can disable VPN Lock (from the "Settings" view) and let Android handle leaks prevention with the proper system options. Anyway, feel free to elaborate and clarify if our interpretation of your description is incorrect. Kind regards -
Hello! We are aware of the issue and we are investigating. Unfortunately, as it pertains to Netflix, we can't promise anything, we're sorry. Kind regards
-
AirVPN Canada servers (Amanah Tech servers in general mostly) Hello! Not reproducible so far. Can you please list server names for a more accurate cross-check? Kind regards
-
Hello! Can you both, independently, provide a list of servers you experience the various issues on? Kind regards
-
Hello! We're very sorry, currently we have no plans for an email service. Kind regards
-
ANSWERED Can my internet history be read in router logs?
Staff replied to BL1133's topic in General & Suggestions
Hello! Yes, if the connected device (where OpenVPN runs) is behind the router. Outgoing traffic flow is already encrypted while incoming traffic flow is still encrypted. Kind regards -
Eddie Android Edition 2.4 released - ChaCha20 support
Staff replied to Staff's topic in News and Announcement
Hello! Problem resolved: several NL servers, including ChaCha20 supporting servers Comae and Luhman, had a brief downtime. The roadmap is the same we informed you about during the last months: ChaCha20-Poly1305 will be available on all servers when OpenVPN 2.5 stable is released. In the meantime we will keep adding servers supporting ChaCha20 with OpenVPN 2.5 beta version whenever necessary. Kind regards -
Slow vpn - usually Dallas servers
Staff replied to Mpress2018's topic in Troubleshooting and Problems
Hello! The problem got solved but it's the second time it occurs in just 10 days. A high volume router check-up has been scheduled for the next working day as the problem could be sorted out only by rebooting that router in both cases. Please do not hesitate to report again any malfunction in Dallas in the meantime. Kind regards -
Issue with eddie-ui -cli -netlock on raspbian
Staff replied to frnckdsrt's topic in Troubleshooting and Problems
Hello and thank you for your testing! Please post your message again on the following thread at your convenience: https://airvpn.org/forums/topic/45326-eddie-desktop-218beta-released/ Eddie desktop devs prefer to have all the 2.18 bug reports in a single thread. Kind regards -
Version 2.18.4 (Wed, 02 Oct 2019 18:20:00 +0000) [bugfix] OpenVPN > Error: Not supported OpenVPN config [bugfix] Linux - Crash "Unexpected crash of elevated helper:Elevated communication closed" during IPv6 block, if IPv6 not available [bugfix] macOS - Autorestart service if upgraded, avoid error "unknown command" [bugfix] Enforce Elevated compatibility check [change] macOS - KeepAlive in launchd [change] Minor changes [new] New deploy/build scripts MacOS users: if, when launched, it throws "Unable to obtain elevated privileges (required): Unexpected elevated version mismatch" open a terminal and launch the following commands: sudo launchctl unload /Library/LaunchDaemons/org.airvpn.eddie.ui.elevated.plist sudo rm /Library/LaunchDaemons/org.airvpn.eddie.ui.elevated.plist After that, re-enable launchd daemon service in Preferences if you want. This issue is related ONLY to a previous bug, it will not happen anymore.
-
Hello! The connection mode with the highest success rate (virtually 100%) according to our reports from China is toward port 443 (destination port not blocked by ISPs in China) of entry-IP address 3 (to have tsl-crypt and therefore full encryption of the Control Channel) in TCP (to bypass UDP blocks). DNS leaks are of course not a problem at all with our software. Kind regards
-
Hello! Yes, the Sales department is looking into the issue. No payment has been ever received for account "dshadow83", at the moment: please follow your ticket for news and recommendations. Kind regards
-
Hello! If you run systemd-resolved try to stop it and check again. sudo systemctl stop systemd-resolved If that's the source of the issue, you need to understand how systemd-resolved works to find a compatibility between it and Eddie (or just keep it disabled): https://wiki.archlinux.org/index.php/Systemd-resolved#Automatically Kind regards
-
Eddie Android Edition 2.4 released - ChaCha20 support
Staff replied to Staff's topic in News and Announcement
Hello! Correct, because your whole data file is encrypted by your Master Password itself. You can anyway have Eddie run and connect automatically at boot through profiles. Consider carefully that in this way your profiles will be in clear text, exposing your client certificate and key (but not your AirVPN username and password). Eddie can even generate a profile by an AirVPN server (long-tap a server name from the VPN SERVER view). We're very glad to know that longer battery life is noted, it was one of our purposes when Eddie Android edition was designed. Should you use CHACHA20-POLY1305 cipher with our experimental servers, you should see an even longer battery life: feel free to keep us posted. Kind regards -
Eddie Android Edition 2.4 released - ChaCha20 support
Staff replied to Staff's topic in News and Announcement
Hello! You should have the identical behavior if you disable "VPN Lock" in Eddie (you can do that in the "Settings" view). Note that in such a case you will have traffic leaks outside the tunnel just like you have with any other OpenVPN based app (VPN lock is an exclusive Eddie feature). Android 8 and 9 implement new systems settings which will make "VPN Lock" superfluous. If you run Android 8 or 9 you can consider to prevent leaks with system settings and keep VPN lock disabled. Kind regards -
Version 2.18.3 (Fri, 27 Sep 2019 11:07:42 +0000) [change] Switched 'ping' method in Linux and macOS [change] Code cleanup [change] macOS - Direct invocation with AuthorizationExecuteWithPrivileges for superuser privileges [change] Linux - "Minimize to tray" false by default [change] Linux - Mono, Portable and AppImage editions [change] Minor UI improvements [change] Better log of issues [change] Better log of dns flush actions [bugfix] Linux - Icon and Window glitch in KDE [bugfix] macOS - SSH connection [bugfix] macOS - Show/Hide Main Window issues [bugfix] OS Keyring conflicts with multiple profiles [bugfix] Linux - Raspberry, ARMHF build, fixed issue 'file_getasroot' [bugfix] Linux - Fixed a fatal crash with some UI tray icon issues [bugfix] Linux - Detect and use iptables-legacy (nft transition) [bugfix] Linux - Fixed a SSL connection issue (related to error 'Cannot create pid file') [bugfix] Parser of OpenVPN version [new] Linux - WM_CLASS registration [new] Linux - New IPv6 block [new] Latency test only about servers in whitelist [deprecated] Option "Remove Default Gateway" (routes.remove_default) removed [deprecated] Windows - Option "Switch DHCP to Static" (windows.dhcp_disable) removed
-
Hello! What is your exact distribution name and version? Do you run systemd-resolved? Can you check whether your /etc/resolv.conf file is a symbolic link or not, both when Eddie is connected and when Eddie is not running? What Eddie version are you running? Kind regards
-
Help with Pfsense 2.4.4_3 and Stunnel.crt
Staff replied to courteousorbit's topic in Troubleshooting and Problems
Hello, once again: we wish (in our setup, we mean) that stunnel accepts any connection to bypass restrictions, even when it will have certificate replacement and therefore it is subjected to MITM exploits. The integrity and data security layer is ensured by the underlying OpenVPN tunnel. stunnel is not there to add anything to security when you use OpenVPN over SSL, it is there to try to punch a hole in the filters through which OpenVPN can establish its tunnel. In other words, the stunnel configuration is intentionally "insecure", as in our case stunnel must "punch a hole" and nothing else, while all the packets security, integrity, authentication etc. is up to the underlying ("inside" stunnel) OpenVPN tunnel. Kind regards -
Hello! We're very glad to inform you that a new 1 Gbit/s server located in Singapore (SG) is available: Struve. The AirVPN client will show automatically the new server; if you use any other OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other "second generation" Air server, Struve supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/Struve Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team
-
Eddie Android Edition 2.4 released - ChaCha20 support
Staff replied to Staff's topic in News and Announcement
Hello! Username and password are encrypted, and not simply obfuscated, before they leave your system in Eddie desktop editions as well. However this thread is reserved to Eddie Android edition: please report your evidence on the threads dedicated to Eddie desktop edition at your convenience for thorough investigations. Kind regards