Staff

Hello! Please make sure that you're running Eddie 2.16.3 or higher version (check by selecting "About" menu item). Then, please log your account out and in again (through Eddie main window). A new combo box allowing you to pick any of the current certificate/key pairs should appear just under the credentials fields. Kind regards

Hello! From your description Eddie just started. Since you say that you had launched Eddie an hour before, a possible chain of events is: Eddie started, Eddie crashed, Eddie re-started. Maybe the whole OpenVPN library was brought down, maybe not (in the first case traffic leaks would have been unavoidable). Do you have the option to take a logcat? If so, please send it to us in private (open a ticket) to protect your privacy. We have edited the log you posted for the same purpose. https://developer.android.com/studio/command-line/logcat Kind regards

Hello! If OpenVPN can not maintain the connection and needs to quit, Eddie must lock communications before OpenVPN quits. Eddie features the most effective, best effort leak prevention currently available in any OpenVPN 3 based application running in an un-rooted Android system. The leak prevention system has been thoroughly tested in months of heavy usage by several hundreds of beta testers, but if you find any missed lock do not hesitate to report. Kind regards

213 servers support IPv6, 10 servers do not. The post with the list has been linked previously by giganerd. If you find any issue with IPv6 in any of the 213 servers supporting IPv6, please inform us at your convenience. Kind regards

You might've disabled the geolocation feature in your browser. Unsure about Lich. If Staff said there are issues with it which are out of their control then wait a few days and see if it gets resolved then. AFAIK the only server definitely without an IPv6 prefix is Kitalpha in Switzerland. Staff posted in another thread a list of all servers not supporting IPv6. Lich is not one of them. Hello! We inform you that Lich did have IPv6 support, but it does not have it anymore. We are waiting for more info from the datacenter to understand why their infrastructure suddenly stopped working with IPv6 and act accordingly. Lich has quite a good connectivity so we might keep it even if IPv6 is not restored in a reasonable time. Kind regards

Hello! The name can not be resolved: please check the DNS settings. Also keep in mind that VPN DNS can be accessed only from inside the VPN. Kind regards

Hello! Error 111 means "connection refused" and you get that error when packets from the Internet through our VPN server reach your node properly and are actively refused. The most common cause is a firewall dropping packets. Kind regards

Hello! Please try the following settings: - from Eddie main window select "Preferences" > "Networking" - set the "IPv6 layer" combo box to "Blocked" - click "Save" Alternative solution: upgrade to OpenVPN 2.4 or higher version. Explanation: OpenVPN versions older than 2.4 do not handle IPv6 properly. So our servers do not push IPv6 routes and related directives when they detect older versions, in order to not break retro-compatibility. However Eddie (for a bug in 2.16.3, fixed in 2.17.2beta) tries anyway to check the IPv6 route in the tunnel and it obviously fails. Kind regards

Hello! Yes, of course. Therefore, you can reach IPv6 services as well. The only servers currently not supporting IPv6 are: Baten Porrima Scheat Algedi Bellatrix Miaplacidus Rasalas Metallah Kitalpha Also, please keep in mind that you need OpenVPN 2.4 or higher versions. Let's see the system report (Logs -> Life Belt icon -> copy all -> paste into your message). Can you browse ipv6.google.com? What is the output of "ping6 ipv6.google.com" command (from a terminal emulator, when the system is connected to the VPN)? Kind regards

Hello! Please use "screen" for your purpose: https://www.rackaid.com/blog/linux-screen-tutorial-and-how-to/ The problem you experience is due to the fact that, with the procedure you follow in your description, you put the process in background, but the stdin, stdout and stderr are still connected to your terminal. So, when you end the SSH session, you destroy the terminal emulator with anything connected to it. screen is just perfect for what you need. It provides much more flexibility and features than nohup + disown Read here (first answer) for a more detailed analysis: https://superuser.com/questions/178587/how-do-i-detach-a-process-from-terminal-entirely Kind regards

Hello! Unfortunately this is a known bug affecting all Sony Bravia systems and documented here: https://github.com/CiNcH83/sony_atv/issues/11 If there is a change in the networking state of the system while being connected to a VPN server via VpnService, a severe system crash happens. An app is never supposed to crash the system, only itself. This might be a severe security threat. A change in the networking state can for example be provoked by turning off/on the TV. So VPN needs to be disconnected before turning off the TV or else there will be a crash when turning the TV on again. After years, Sony has not yet fixed it. Kind regards

I'll install Debian Siduction and try to find out what's going wrong. @kah0922&M3AtAirvpn&greerd: There is an issue with Airvpn auto-download at the moment, the new implementation had some hardcoded parameters that are simply not flexible enough (unfortunately I only have one account to test with). Thanks for letting me know & expect an update very soon! Hello! Please open a ticket and ask for some additional test account and other info, our support team will be glad to help. Kind regards

Hello! Thread has been updated to reflect new options for Android. Kind regards

Hello! A possible explanation is related to the DNS settings of the device behind the pfSense box. Keep in mind that in order to access Netflix USA the device must query Air VPN DNS. Any device will not necessarily query the DNS set in pfSense, obviously. On top of that, some devices such as the Roku 3 have hard coded DNS (an old version of Roku queries Google DNS for example). In such cases you need to pre-route (re-direct) any DNS query from any device to AirVPN DNS through the tun interface (you can't reach VPN DNS from outside the tunnel). Kind regards

Hello! Thank you! An account is not bound to a specific devices set and can be used to connect any device, without limits but 5 simultaneous connections. Therefore, you don't need any peculiar procedure. If in doubt, please open a ticket at your earliest convenience. Kind regards

Hello! On Amazon Fire TV Stick (1st and 2nd generation) and Fire TV Cube, as well as other Amazon devices running Android 5.1 or higher versions, you can run Eddie Android edition, which is also available on the Amazon appstore. No side load is necessary now. Kind regards

Hello! We are considering to implement an opt-out for the lock in version 2.1, which is currently under internal testing. However, when you disable the lock, you WILL have sooner or later traffic leaks outside the VPN tunnel, just like you have them with OpenVPN for Android. We will provide in-app clear warnings, if we decide to insert such an unsafe option. You are explicitly asking for a feature which will crumble your anonymity layer in various circumstances, so use it at your own risk. When OpenVPN enters an unrecoverable error state and quits (for example when communications with the VPN server are lost) OpenVPN for Android will just try to re-connect as soon as possible, causing traffic leaks. On the contrary, Eddie will enter a network "lock state" which blocks any communication indefinitely. In this way you can first shut down applications whose traffic must not leak outside the VPN tunnel, and only then remove the lock and re-connect the device to the VPN. Yes, we're glad to inform you that this is also planned for version 2.1. Kind regards

Hello! Unless you connect through imported ovpn files, please make sure you set "Quick connection mode" to "Use custom settings" in the "Settings" view in order to tell Eddie to use exclusively the protocol, port and TLS mode you selected, even when you pick "Quick connect" or a specific server from the list. Kind regards

Hello! Can you please make sure that "Persistent notification" and "Persistent tunnel" options, in the "Settings" view, are both enabled? Kind regards

Hello! If you compare with "OpenVPN for Android" and "openvpn-connect", on equal terms, you should see that Eddie is more battery conscious: you should experience 15% longer battery life, approximately. CPU performs an intensive encryption/decryption job when you connect to a VPN. That's why it's important that Eddie is the most efficient OpenVPN application ensuring the longest battery life you can have, between all the OpenVPN based applications we are aware of. Kind regards

Hello! Unless you connect through imported ovpn files, please make sure you set "Quick connection mode" to "Use custom settings" in the "Settings" view in order to tell Eddie to use exclusively the protocol, port and TLS mode you selected, even when you pick "Quick connect" or a specific server from the list. Kind regards

Hello! Also keep in mind that even when Eddie disappears, OpenVPN might be running fine anyway. So if you had Network Lock enabled and you saw traffic flowing, the most plausible explanation is that OpenVPN was still running and Network Lock was on. Of course it is possible that some other program running with administrator privileges modifies the firewall rules and "cancels" the Network Lock, but such an event can be prevented only by the system owner. Kind regards

It's definitely working properly on our side. We even checked explicitly on your VPN IP address while you were connected. Something is wrong in your configuration, and it's not necessarily the prerouting or forward rules. Feel free to open a ticket. See here: # iptables-save | grep 10.19.50.97 -A PREROUTING -d 213.1x2.1xx.5/32 -p tcp -m tcp --dport 2x379 -j DNAT --to-destination 10.19.50.97:2x379 -A PREROUTING -d 213.1x2.1xx.5/32 -p udp -m udp --dport 2x379 -j DNAT --to-destination 10.19.50.97:2x379 That's directly from inside the server you are connected to (some octet digits and the forwarded port have been edited for your privacy, while 10.19.50.97 is your IP address in the VPN). As you can see everything is fine. Kind regards

Hello! Eddie does not disable anything, however "Network Lock" feature flushes any iptables rule and writes new rules to prevent traffic leaks outside the VPN tunnel. The previous rules are saved and restored when Network Lock is disabled or Eddie exits normally. Should OpenVPN or Eddie crash, Network Lock rules will of course remain enforced preventing traffic leaks. In such a case, in order to restore the older system rules, you will need to re-run Eddie and close it properly. Kind regards

Hello! iptables is available for *BSD but you don't really need it, just use pf instead. We went ahead and since your account was connected to some server we tested directly from inside that server. We can confirm that remote port forwarding works perfectly and packets were forwarded to your node properly, on the correct port. Kind regards