Staff

Hello! Not exactly, since the Control Channel of OpenVPN maintains HMAC SHA1 available as digest (HMAC SHA384 is available as well, starting from some version of OpenVPN). New Data Channel ciphers will be available as well. All the changes will be fully applied after IPv6 testing is over (internal testing is over and successful, public testing on at least one server will start in the very near future). A new https://airvpn.org/specs page will clarify all the new supported modes in due time. Kind regards

Hello! You can't change the integrity message digest: in the relevant phase, with the new certificate-key pairs, it will be always SHA512, not SHA1. Cipher is 4096 bit RSA as usual. Kind regards

Hello! We're very glad to announce that a new option has been added in your account "Client Area". You will find a menu item labeled "Devices / Keys". The "Devices / Keys" tab provides you with access to a new panel to administer your client certificate/key pairs. The panel lets you use a new multi-key support from AirVPN, a comfortable and convenient feature. From now on, you will be able to have multiple keys, renew them and issue completely new keys. From each device of yours you will be free to use any key you like. Therefore you can keep all of your keys under control, administer them and also connect multiple devices to the same server and port by using a different key on each device. Eddie 2.13.6 (current stable release) already implements in the Overview window a menu which will let you choose a key before you start a connection. It will appear automagically when you create a new key from your account control panel. The Configuration Generator has been modified as well, to let you generate configuration files with the certificate/key pair you wish. Let's see in details how to use the "Devices/Keys" options. Device Name and Description: this is a free name or description that you can associate to any key for your comfort.Columns Type, Creation date, Last renew date and Last VPN connection are informative.Renew: this is an action button. When you click it, the corresponding certificate/key pair will be revoked, and new ones will be issued.Delete: this action button will revoke the corresponding certificate, without issuing a new one.Add a new key: this action button will create a totally new certificate/key pair which will be added without revoking or renewing any pre-existing key.View history will toggle with View Active to provide you with any relevant information on the history of your actions about keys and the current active list. Some caution when using these new features: if you revoke or renew a certificate/key which is being used by some connected device, that device will soon be disconnectedin Eddie, you will need to log your account out and then in again to force Eddie to pick a different key (new or old) Kind regards and datalove AirVPN Staff

Hello! That's expected and intentional. Eddie does not set "permanent" iptables rules, they will not survive a system reboot. Kind regards

Hello! iptables rules restored when you close Eddie: intended and expected. When Eddie crashes, we can't see how it can modify iptables rules or do anything else. Network Lock is a set of iptables and ip6tables rules, please feel free to clarify. Kind regards

Hello, you can also use gdebi, which resolves dependencies automatically. Or just right-click the icon of the .deb package and select "Open with" > "Software install" (or any similar item). Kind regards

Hello! Yes. Kind regards

Hello and Happy New Year to you too! IPv6 support on server side will be available regardless of the software client used to connect to our VPN servers. We can't categorically rule out that some clients might have problems. We hope not (and we will be testing as soon as our ISPs in Italy provide us with a more decent IPv6 support), but in any case (hear, hear!) we are willing to release Eddie for Android within July 2018 with a lot (if not all!) of the features you find in Eddie for desktop systems. The problem you mention is serious and we think that it might become a widespread issue for mobile users in several countries in 2019. This is the main driving force which convinced AirVPN management to speed up implementation of IPv6 support. Going back to 2014, IPv6 support was vaguely road-mapped for 2019/2020. The decision to "put the deadline 2 years back" was proposed in late 2016 and approved unanimously soon after. Kind regards

Hello! Eddie is late in development, for a combination of adverse causes which we are going to list here below. On the server side, OpenVPN has been properly patched and tested. Some parts of code have been rewritten properly to provide a real IPv6 full support (task completed successfully by berserker). @NaDre: currently micro-routing in IPv6 is not fully implemented. It will probably come later. Eddie is late mainly because: the ISP lines supporting IPv6 which are available to our developers malfunction often. IPv6 goes down frequently. Only in December, the devs reported an IPv6 black out of several days without interruption! Such events force the developers to perform any test remotely, between servers in which IPv6 works properly, and the consequence is a delay in development (one thing is testing from your office and house directly with IPv6, one thing is testing remotely via IPv4 connections controlling remotely IPv6 supporting machines in which you run any new Eddie alpha version). This is a dramatic infrastructural/ISP configuration problem in Italy which we have no control on, of course. We can't even rely on multiple ISPs because a pure IPv6 support is currently not provided by most of italian ISPs.we have had a nasty problem which causes a malfunction with usage of IPv6 (in the VPN) from an IPv4 only line. This problem is "nasty" because it occurs only on Windows 7, 8, 10, while on OS X, macOS and GNU/Linux Eddie works just fine with the very same pieces of code. As a consequence, troubleshooting this issue has been time consuming - we want to publish an Eddie version which works on all supported platforms, we don't want to leave Windows behind for obvious reasonsKind regards

Hello, Under Windows, this critical error might be caused by a possible bug in OpenVPN triggered when the log file is large, can you please check? Also compare with: https://community.openvpn.net/openvpn/ticket/454 Strange that it comes out with Eddie, though, because it is reproducible only with OpenVPN Connect usage as far as we know. Maybe this is not the real cause, but it's worth a check anyway. Kind regards

THIS THREAD IS NOW OBSOLETE - PLEASE JUMP HERE: https://airvpn.org/topic/25148-ipv6-support-experimental-phase/ Hello! We regret to inform you that IPv6 full support has been delayed. Here is the current, new roadmap for IPv6 support deployment in our infrastructure: Within 15.Jan.18: - at least one public VPN server supporting IPv6 - release of new Eddie version which fully supports IPv6 routing and any other necessary function If no problems arise, or when unexpected problems are resolved, deployment of IPv6 on all the other VPN servers which are in an IPv6 capable network (i.e. the overwhelming majority in our infrastructure - only 2% of the servers will not support IPv6 due to technical limitations of the datacenter they are in). Such a wide scale deployment will be very fast (a matter of a day or two a few days). We apologize for the inconvenience. We are well aware that full IPv6 support for the end of December 2017 had been planned since 2016 and we'll do our best to minimize the delay. Kind regards and datalove AirVPN Staff

The whole range of IP addresses of the dc where GB2 is in is already blocked. We operate in 4 additional datacenters in the UK and we tested other IP ranges in additional datacenters, we don't even remember anymore how many. All of such ranges are blocked. It is more efficient for BBC (or Netflix or anybody else interested in discriminatory accesses) to just black list those IP addresses which stream concurrently more than x streams (the value can be accurately calculated to not affect customers behind a NAT of a residential ISP) while a white list of IPv4 addresses assigned to UK (or any other country) is compiled, which is another very effective solution for all the happy scullions of the copyright industry (except when they wonder how it's possible that file sharing increases instead of going down during time with the new streaming services) or just to contribute to build walled gardens for the fools. It's not the main purpose of our service, but just a nice side effect, which will probably work less and less in the future. It would be very risky to hope to cover the expenses of our infrastructure with a geo-restriction bypass service, and we never really counted on it. In 2014 or 2013 we advertised this side-effect for a few days in the home page, and we quickly stopped because we saw it as a mistake with no future (it looks like we were right, unfortunately). However, as you could read before in this answer, this does not mean that we don't care about you: we have employed time and resources to make BBC accessible. Kind regards

Hello, in our infrastructure America is meant as the continent including all the lands of the Americas. We have servers in Canada and the USA. Maybe your node is connected to some server in Canada. Kind regards

Hi, some examples? Kind regards

Hello! This is very important and you must NOT ignore such warnings. A very plausible explanation, and indeed the most frequently correct one, is that you are querying poisoned DNS. In particular, the posted screenshot reminds us of the warnings about wild and dangerous traffic hi-jacking performed by ISP in the United Arab Emirates. In any case, regardless of the country you live in and the entity which is hijacking your traffic, stop immediately and do not provide any data when you get similar warnings from your browser. Kind regards

We are 28 december, no news ? New Eddie version release has been postponed to the first half of January, we're sorry. Kind regards

Hello! We're very glad to announce a promotion on all of our Premium plans with a 20% discount. The promotion will remain active until January the 1st, 2018, 23.59 (CET). If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Kind regards & datalove AirVPN Staff

Hello! Please click "Deactivate Network Lock" button in the main Eddie window. Kind regards

Hello, if you are writing about the maximum amount of simultaneous connections from different machines (virtual or real) with the same account, that's five. https://airvpn.org/topic/24261-how-many-simultaneous-connections-from-one-account/ Kind regards

Hello! We see that the tickets queue is only 3 hours behind. Please re-check, your tickets (as far as we can see) have been ALL replied, including the last one. Kind regards

That's caused by higher rating of Canada servers than USA servers. However: That's unexpected. We can't reproduce the issue. Maybe you have ticked "Show all" in the "Servers" window, or you have a white list for servers too (in this case, servers white list takes precedence over country white list). Can you check? Kind regards

We do what?! Check your facts please. Are you trolling or what? What does this have to do with "ownership rights on a work of mind" (your words, whatever they mean - since it's plainly not possible to own a work of mind)? You pay to enter and use our service, if you are not eligible for a free access. To say it all, please be informed: there is no copyright (just in case you meant "copyright" with "ownership rights", looking back at your previous messages) not even in our software, which is released under GPLv3, or on the VPN servers, which run tools and script, written by us or not, under GPLv2, GPLv3, BSD licenses, and everything runs in some free and open source OS. What's more, Eddie developers are constantly improving usability of Eddie (the Air client software) with other VPN services. Kind regards

Hello! We can confirm that a new version of Eddie which addresses the issue is going to be released in the near future during December (before the 25th). Kind regards

Hello! We add here the answer to your ticket: it might be of general interest. Hello! Since some VPN servers provide you with good throughput, we are not sure that traffic shaping is enforced against your OpenVPN usage. In general, here's a robust proof to show traffic shaping against OpenVPN or UDP, assuming that you have ruled out (and can prove the exclusion of) any possible QoS / packet filtering tool in your local network (including the router) of course. Test a direct OpenVPN connection with UDP protocol to port 443. Perform various speed tests. Then, test an "OpenVPN over SSL" connection to port 443 to the very same VPN server(s) you tested in the previous run. leaving any other setting absolutely identical. Also, anything related to networking in your system and router must remain unaltered. Perform the very same speed tests (your purpose is doing different measurements when the only variable in the tests is the connection mode - even the time of the day should be as similar as possible). "OpenVPN over SSL" encrypts the OpenVPN tunnel inside the SSL tunnel, so that DPI can't detect anymore OpenVPN usage. Now, OpenVPN over SSL in an agnostic network must be slower. The reasons: - you add a remarkable overhead with the additional tunnel - you force OpenVPN to work in TCP, which is less efficient than UDP due to how OpenVPN works Therefore, if you get a throughput that's higher than or equal to the throughput you got with direct UDP, when all the conditions we mentioned are respected, you obtain a proof that your ISP "throttles" either UDP or OpenVPN. Kind regards AirVPN Support Team

That's interesting, where can we see a map/report of the periods of Comcast network congestion, segment by segment (according to reports, infrastructure of Comcast is - as expected - different in different areas: in some areas congestions are rare, in other ones they are frequent)? Out of curiosity, how did you infer the time zone of the customer from those log? Kind regards