Not connected, Your IP: 18.191.171.20
Online: 21657 users - 230162 Mbit/s total BW
.png.f3c947a2e9e68659251859004ed11f01.png){kind=avatar}
Staff
-
Content Count
10594 -
Joined
... -
Last visited
... -
Days Won
1759
Posts posted by Staff
-
-
@dersik
Hello!
The problem is under the attention of Eddie's developer. To start Eddie without GUI, please note the "--clie" typo. The correct option is "--cli". You might still experience problems, even without the GUI, but it's worth a test.
Do you need to connect over WireGuard or OpenVPN?
Kind regards
-
@supermanvthanos
Hello!
Set the link MTU size identical to the size set by Mullvad and then increase at little steps. 20 bytes by 20 bytes. Consider that:- Mullvad software forces the MTU size to 1280 bytes (at least some time ago, we don't know whether they changed it recently)
- Eddie 2.21.8 lets WireGuard set the MTU size and it does not offer an option to change it. If WireGuard makes a wrong choice Eddie 2.21 can't fix it
- Eddie 2.23.x sets MTU size to 1320 bytes but also lets you change it in Preferences > WireGuard window, a new feature. If you want to test it: https://airvpn.org/forums/topic/56428-eddie-desktop-223-beta-released/
- if you run native WireGuard utilities you can change MTU size by entering the directive MTU = n, where n is in bytes, in the [Interface] section of the configuration file. You can edit it with any text editor
- each time you change MTU size you must re-start the connection to apply the change. Perform the speed tests to fine tune and find the optimal MTU size for your network.
Feel free to open a ticket if you need support directly from the AirVPN support team.
QuoteI may need a refund if I can't fix this.
This is the community forum so it's not the proper place as the community can't do anything about it obviously. If you decide for a refund you will need to open a ticket (click "Contact us" on the web site or write to support@airvpn.org).
Kind regards
-
1 hour ago, xmartymcflyx said:Sometimes Eddie crashed for me and I have no way to know if my web traffic leaked or not,
Hello!
You can always know for sure that your web traffic and any other traffic did not leak, provided that you enable "Network Lock" option in Eddie. This feature is a set of firewall rules, so even if Eddie crashes you know that no leaks can occur (unless you reset the firewall rules with root privileges, of course
).
QuoteExample: You are using an australian server through wireguard, and then you can configure your browser (Brave, for example) to use the socks5 proxy of a Japanese server. That way, your entire connection goes encrypted as usual to Australia, and then only your browser's traffic is re-routed to Japan's SOCKS5 proxy, so your web traffic exits through a japanese server. If you use a browser like firefox, there's an extension called Multi-Account container (made by mozilla), where you can configure each container to use a different socks5 proxy, so you can use the same browser and use multiple containers/tabs which will be using multiple exit nodes from different countries.
Yes, it seems comfortable. Actually, you don't even need double hop and a SOCKS proxy to exit on different countries with different containers. You may connect directly each container to a different country server without double-hop and therefore you will have remarkably higher performance on each tunnel and for the whole container, so you are not limited to a single program, and you are not limited to TCP (and not even limited to WireGuard, just in case you need OpenVPN for some blocking or other reason). The limit is 5 concurrent connection slots, which should be anyway enforced to prevent "infinite account sharing" of course. On the other hand, switching proxy directly from inside Firefox is faster if you need only Firefox and the useless double hop performance hit may appear as a fair price to pay. Currently you can do it in AirVPN but with external proxies, since we have no plans to operate directly SOCKS5 proxies at the moment. The proxy will anyway see only the VPN server exit-IP address and together with end to end encryption you would be fine.
Kind regards
-
Hello!
The Kaspersky VPN interface causes a critical error to OpenVPN:
Quote. 2024.01.07 11:35:04 - Using WinTun network interface "Connexion au réseau local (Kaspersky VPN)"
...
. 2024.01.07 11:35:07 - OpenVPN > There are no TAP-Windows nor Wintun adapters on this system. You should be able to create an adapter by using tapctl.exe utility.
To solve the problem please set Eddie to ignore any alien interface:- Select from Eddie's main window Preferences > Networking,
- write eddie in the "VPN interface name" field
- click Save.
Kind regards
-
Hello!
21 hours ago, n8chavez said:I know a lot of people who won't use AirVPN because it lacks this feature. I understand that. It means we have no killswitch, or means of ensuring that data is only sent through the vpn. This would solve that.
Effective "Kill switches" are available in Merlin WRT (set Block routed clients if tunnel goes down option to Yes), Tomato and DD-WRT (check Killswitch box). On older OpenWRT versions and other routers supporting OpenVPN or WireGuard you can implement a "kill switch" via specific rules once and for all.
The additional SOCKS proxy connection you mention based on SOCKS proxy available inside the VPN does not solve the leaks hazard. It may prevent leaks only for those applications which are explicitly and manually configured to connect to the proxy inside the VPN. Any other application and especially any system process will not have such protection. It is advisable that you enable a proper method of preventing leaks, which will take just a few seconds and is explicitly implemented in any modern router firmware, instead of this somehow flimsy and partial "solution" which is not and should not be advertised as a general traffic leaks prevention method and which provides a false and therefore dangerous sense of security, as your own message hints to.
Furthermore, Mullvad introduced this complication in order to be able to guarantee that you always appear on the Internet with the same IP address when you connect to the same VPN server and when an app will "proxy" the traffic. That's not necessary in AirVPN where you already and always have the same public IP address when you connect to the same VPN server.
Kind regards
-
Hello!
Can you publish or send through a private ticket a system report generated by Eddie (the Air software client) just after the problem has occurred? Please see here to do so:
Kind regards -
Hello!
Latest Eddie 2.23.2 has been tested publicly for such a long time that we would say that you can safely run it. If you prefer to stay with 2.21.8 then you can consider to disable systemd-resolved which is the cause of the leaks you mention when it works in on-link mode bypassing resolv.conf file. While Eddie 2.23 and the AirVPN Suite for Linux offer full support with proper DNS management for every systemd-resolved working mode, Eddie 2.21 doesn't.
Kind regards
-
On 1/3/2024 at 6:11 PM, IdrisAdams said:Hi,
I have just installed the Eddie UI, but when I try to launch it the window simply doesn't show up. Despite this the Eddie UI is still shown to be running in processes. This is happening despite uninstalling and reinstalling the program. The UI worked fine a couple of days ago, and I haven't changed anything on my PC since.
Hello!
Quick preliminary check, just in case: https://airvpn.org/forums/topic/56912-black-friday-ad-stops-connection/?do=findComment&comment=227088
Kind regards
-
20 hours ago, sigmund933 said:Hello Staff! Wanted to check if there are any plans of spinning up a 10 Gbit server with Tier 1 providers near Florida/Georgia. Thanks again.
Hello,
we're glad to inform you that we will be launching a 3 Gbit/s full duplex guaranteed (on a 10 Gbit/s port, burstable) server in North Carolina around mid-January, please stay tuned. Additional expansions in Florida and Georgia will be under discussion later on, as usual according to bandwidth demand. Meanwhile, expansion on the other side of the USA (California) is ongoing: after the recent 10 Gbit/s addition in Los Angeles, two more 3 Gbit/s servers (burstable to 10 Gbit/s) are expected in San Jose for mid-January. They will replace the current three 1 Gbit/s servers in California marked with "Imminent withdrawal".
Kind regards
-
@foDkc4UySz
Hello!
WireGuard is the default choice in Eddie Android edition and it will be in the next AirVPN Suite for Linux (you can see the AirVPN Suite 2.0.0 preview version which is already supporting WireGuard fine). On Eddie Desktop edition the matter will be thoroughly discussed. On one hand you have the poor performance on networks shaping WireGuard, the complete WireGuard block in countries which are not irrelevant for AirVPN, together with the privacy problems posed by WireGuard. On the other hand you have the superior performance of WireGuard in agnostic networks and the fact that the privacy problems are mitigated by our setup and can be resolved by your behavior (key renewals). Plus, it must be taken into consideration the fact that if UDP is de-prioritized, then even the default OpenVPN on UDP of Eddie Desktop edition will suffer just like WireGuard.
Kind regards
-
11 hours ago, kbps said:Looking like the servers are back to normal now.
m247 London - Normal
@Staff Not sure if you have done anything behind the scenes, but thanks for looking into the issue. If you do find out what the problem was, could you update us. I am always interested in the technical aspects.
Hello!
We could not reproduce the problem in any time period of the day in the last 4 days, when this thread started, thus we could not and did not do anything. Glad to know that it's back to normal for you, we'll keep an eye on it.
Kind regards
-
48 minutes ago, mazurka7 said:Would appreciate a follow up to this, specifically on the reliability issues of the servers in recent months.
Hello!
In Singapore complaints against the servers are sometimes treated blindly without giving us enough time to reply and therefore IP addresses are null routed. When this happens the unblocking procedure may take time. Additional problems have included IPv6 network and line problems. Such problems may occur now and then even in any good datacenter. If the servers keep failing the expectations, as your complaints suggest, we will dismiss them and search for an alternative. It's not so easy in Singapore for the high volume traffic we require, so the matter is not trivial. Anyway, we already operate both on Leaseweb and M247 datacenters in Singapore, so we already offer redundancy.
Kind regards
-
11 hours ago, darckhart said:Will the replacement servers maintain (or is it even possible) to have the same IPs as those? Some services I use have whitelisted those IPs after a tedious back and forth which I'd love to avoid doing again.
Hello!
We're sorry, the new servers will not keep the same IP addresses.
Kind regards
-
22 hours ago, 0tt0_partes said:Maybe I've answered my own question.
Upon further review, it looks like the panel reflects the last VPN connection I've made, while I was thinking it documents my last login to this account.
Hello!
The "Client Area" session(s) panel shows the current connection slots, while the web site "Account Settings" > "Recently used devices" panel shows a part of the account's browser user agent transmitted to the web site when you log in to it.
Kind regards
-
Hello!
Please try to delete Eddie's configuration file while Eddie is not running and test whether the problem gets solved. Please see the following linked page in order to find the location of the configuration file:
https://eddie.website/support/data-path/
Kind regards
-
12 hours ago, kbps said:Is all I can think is M247 are limiting the traffic in some way at peak times.
Hello!
While this idea came to our mind too, although it's not anywhere in the contractual agreement, we probably have to rule it out as well, because in peak times you still have more than 600 Mbit/s in upload, which for the server means receiving 600 Mbit/s and sending out (virtually at the same time) 600 Mbit/s, so neither the incoming nor the outgoing bandwidth suffers congestion. However when you download you have very poor speed. although for the server the operation is "symmetric" to the previous one, it requires exactly the same bandwidth both in and out. So we have thought about a congestion in your network, but that's also to be ruled out otherwise you would have poor performance on the NL servers too. The only remaining and realistic option on congestion considerations we can think of is that some transit node in between you and M247 is congested on peak times and only on one direction. We will perform additional tests in an attempt to understand the possible cause of the problem.
Kind regards
-
8 minutes ago, 0tt0_partes said:I guess what I'm wondering is: how reliable is the "Recently Used Devices" panel. I'll go ahead and change my password, but I'm still curious.
Hello!
It's an Invision feature which could be useful sometimes, so we have not disabled it. It is as reliable as the user agent of your browser, which you can change easily. Actually, if look carefully, you might even find probably impossible combinations, such as Safari on Android and so on. Maybe you use a user agent changer plug-in in your browser which rotates user agents. As a side note to harden login security, you may also consider to enable 2FA.
Kind regards
-
Hello!
Very odd that you both have normal download speed on the Netherlands servers and very poor on UK servers. All the VPN servers share the same configuration and the load in UK and NL is highly similar. We would rule out a peering problem, otherwise you would see bad upload speed too on the UK servers. Can you also provide additional information such as your Operating System name and version, how you connect to the servers (WireGuard, OpenVPN UDP, OpenVPN TCP...) and (in private if you prefer so) your ISP?
Kind regards
-
16 hours ago, nlnl86 said:I've always been using Tunnelblick (MacOS), assumimg that since it has a much larger userbase outside of AirVPN and maintained by a larger community, it would be better security-wise and performance-wise than AirVPN's in-house client Eddie.
But using Tunnelblick, I've always suffered from connections hanging after a while, needing to change locations, disconnecting, etc.
Hello!
It's an interesting issue we would like to investigate. Tunnelblick and Eddie by default run different OpenVPN versions built by the Tunnelblick developers and Eddie developers respectively. Eddie may also run Hummingbird, based on OpenVPN3-AirVPN library, which is remarkably faster than OpenVPN 2 on Mac (WireGuard is even faster). Did you configure Eddie to connect over OpenVPN 2, Hummingbird or WireGuard?
Kind regards
-
On 12/26/2023 at 4:52 PM, pronto89 said:Wouldn't it be possible to have two "classes" of servers? One with such restrictions that would avoid blacklisting that can be used to surf with a little bit of ease, and others that have no restrictions at all? So depending on what one needs to do can connect to one class or the other...
Hello!
It's indeed a dubious solution which we can bet wouldn't work. The other class of servers should monitor and log the traffic to promptly ban users (and report them to police, if strictly necessary under specific circumstances) at each complaint, and keep IP addresses "clean" . This is exactly what your ISP already does, so in this case why should anyone rely on a VPN instead of his/her own ISP or some other VPN service which already logs and monitors traffic? Furthermore, there are indeed black lists aimed at exclusively blocking VPN, Tor and anonymous proxy addresses. Logging and monitoring would not resolve the problem you report at all in all those cases (and they are many) for which a service wants to block VPN and Tor unconditionally, no matter how "clean" an IP address is.
1 hour ago, kutusow said:Stating that a solution is against a "mission statement" is unhelpful.
Why? With a clear a mission and terms of service we think that the whole service is more transparent and honest, so that anyone can make an informed decision. A real problem would be the opposite, i.e. stating a mission and a contractual agreement and then surreptitiously or not break them.
Kind regards
Tubular and CocoaJackson reacted to this -
On 11/18/2023 at 1:16 PM, sylane said:Hello,
It seems more and more websites are blocked. [...]
For example, https://www.auchan.fr/.
So, my simple question, why?
Thanks for advance!
Hello!
auchan.fr is an e-commerce web site. The reason usually brought on by e-commerce web sites to justify VPN / Tor / etc. blocking is that frauds are less likely from ISP residential lines. If you ask directly they might provide their own reasons.
Kind regards
-
9 hours ago, Snowsuit8087 said:Just to add what Staff has said, there's very little reason to not use WireGuard on a Mac assuming that UDP traffic isn't being tampered with. I highly encourage using the stock wg client and importing configurations. Even without kernel extensions, it is still quite performant.
Hello!
Remember that you lose the Network Lock feature in this case. Hummingbird 2.0.0 preview for macOS is almost ready and it will let you run WireGuard through wg userspace tool in macOS with Network Lock, if you need it. Stay tuned on the "News" forum.
Kind regards
Snowsuit8087 reacted to this -
16 hours ago, ms2738 said:I appreciate the reply, but I was talking about torrent over SOCKS5, not torrent over Tor...
Hello!
We too. Same thing, the linked article is correct.
16 hours ago, ms2738 said:Do you know of a traffic splitting software for macOS?
Talking about per app traffic splitting we don't, but maybe the community does. You can also consider virtualization or emulation, for example with UTM which runs well in Apple Silicon (it is a QEMU wrapper). https://mac.getutm.app/
QuoteIs that something you might include in Eddie?
Yes, it will be considered for Eddie Desktop edition.
Kind regards
-
15 hours ago, ms2738 said:For clarification, when you say "we do not support the feature", do you mean that you've blocked/prevented it, or that you simply will not assist ("support") anyone in doing so? I would think it would actually be beneficial to you as it would reduce server load especially considering the single threaded nature?
Hello!
We mean that the VPN servers do not run any OpenVPN process offering connections to clients without encryption (see also https://airvpn.org/specs ).
QuoteThank you for the explanation, I have wondered why you seem to be very OpenVPN focused when most other VPN providers seem to be all in on Wireguard.
You're welcome. AirVPN infrastructure is based on OpenVPN and WireGuard and in all of AirVPN software you're free to pick either WireGuard or OpenVPN to connect (or you can run any other program which lets you drive either WireGuard or OpenVPN). Choose the one which can provide you with the best performance.
Kind regards
ANSWERED "Best" is determined by absolute or relative usage?
in General & Suggestions
Posted ...
Hello!
For the purpose of domain name resolutions, VPN server scores are computed on the following variables: average ping (between VPN servers themselves); average load; average users; known issues; ISP reliability. In the case of Xuange, currently it does not achieve the "best" score in Europe or in Switzerland because the amount of connected users is sufficiently high to outweigh the amount of free bandwidth.
Kind regards