Staff

Did it happen when (if) you upgraded to Eddie 2.11.x beta? Is your system GNU/LInux based? If so: the ping method has changed in Eddie 2.11.5beta for Linux. Just consider, at the moment, the round trip times as relative values. Nothing changes operationally for you in the choice of the "best" server. Kind regards

We have no idea about how such utter nonsense could become your "knowledge". We just recommend that you read the previous posts before writing anything else. There's nothing to fix on Eddie for the reported behavior. The investigation should focus on why your system loses communications with your router (random examples which are very common: router crashes and reboots; WiFi signal is very low; Ethernet cable has problems; connection to ISP is re-spawned and a new IP address is assigned; computer network interface driver is buggy/outdated). Kind regards

That's obvious because it has nothing to do with Eddie. The "huge upload" you cite is detected (and expected in various circumstances) because you first lose connection with the uplink of your system. It's not that you lose connection because you have a "huge upload". You have reversed the cause with the effect. Kind regards

Hello! We're sorry but this is NOT an issue and we are NOT trying to resolve something that does not exist. This is has nothing to do with Eddie or with Windows or with any other system, it's simply broadcasting (and other local traffic) which is perfectly normal when a connection with an uplink is null-routed, for example. Kind regards

Hello! A DNS leak is not defined on a destination DNS server basis, but on the fact that the query is not tunneled. A DNS leak is a DNS query which is not tunneled. If the DNS query goes inside the tunnel, it is not a DNS leak, regardless of the final destination. This is what happens in any system with a proper DNS implementation which obviously includes a global DNS. In such systems DNS leaks can't exist. The "DNS leaks" problem has become relevant because the most used desktop Operating System (Windows) has always lacked (and still lacks) a proper DNS implementation. Not only you don't have a global DNS in the system, but system processes, by default, can query sequentially all the DNS servers specified in ALL the network interfaces. Kind regards

Hello! This happens because you can't access a service behind some Air VPN server from a machine connected to that same server. That does not seem an issue. Simply, "your_name:8096" can't be a valid name. Maybe you mean with that ":8096" to specify some port? If so, you forget that ping uses ICMP requests (ICMP is not at transport layer, and is not at application layer): there is no concept (and no room in the datagram) of specific processes/applications end-points like ports. Kind regards

Hello, the behavior you describe resembles Eddie 2.10.3, not 2.11.5beta, can you please check? Try Eddie 2.11.5beta, installing version. https://airvpn.org/topic/18625-eddie-211beta-available/ Kind regards

Hello, your local proxy is refusing connections or it is not running: Kind regards

Hello! Please check the real time servers monitor (if you don't run Eddie or don't use our domain names for countries) because we have 2 servers in the Netherlands down. Maybe you were trying to connect to those two. Anyway, just a speculation, because in this thread we unfortunately see a total lack of logs in spite of repeated requests of them by some of the community members... remember that without logs, in most cases it's not possible to provide any support. Real time servers monitor is accessible by clicking "Status" in our web site top menu. Kind regards

Eddie can use any OpenVPN configuration file, even of course pertaining to servers from our competitors. The UI is not yet enabled by default, use Preferences -> Advanced -> Multi-provider support. Note that AirVPN account or subscription is not required: AirVPN can even be totally removed as VPN provider. Remember: The features 'Pick port/protocol', SSH/SSL tunnels, 'Check Tunnel' and 'Check DNS' are AirVPN servers specific, so they will not be performed on other .ovpn files. Please report in this forum your experience with Eddie and other VPN providers, even if it works perfectly, thanks. The full conversion of Eddie to a generic OpenVPN wrapper is still under development, currently it's an hybrid (for example Settings contains AirVPN specific options that will be moved in the future). This is a subforum related only to Eddie. For discussion about other VPN providers, please use this subforum

Hello! We're very glad to inform you that a new 1 Gbit/s server located in Switzerland is available: Achird. The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP. Just like every other Air server, Achird supports OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! We're very glad to inform you that a new 1 Gbit/s server located in Romania is available: Alamak. The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP. Just like every other Air server, Alamak supports OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! We're very glad to inform you that four new 1 Gbit/s servers located in the United Kingdom are available: Alshain, Asterion, Asterope and Chow. The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The new servers accept connections on ports 53, 80, 443, 2018 UDP and TCP. Just like every other Air server, Alshain, Asterion, Asterope and Chow support OpenVPN over SSL and OpenVPN over SSH. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello, from your message it looks like separation of entry and exit-IP addresses should be a countermeasure to the cited threat model, but it isn't. Even if both IP addresses were in separate /24 subnets, the linked investigation could have been successful anyway. Given the threat model you provided, the countermeasures should be different. You should assume an even less favorable scenario: such an adversary can actively wiretap, with competent authorization obtained in a short time (or even illegally: the threat model for a powerful criminal organization is probably similar) any server in any datacenter in some country (in your case, especially USA and Canada). In any case, when actions in our infrastructure infringe our Terms of Service, and in particular when they infringe human rights, we reserve the right to do anything in our power to put an end to such actions and track down the infringer. Kind regards

Prevention of all those correlation attacks which would cause two clients connected to the same VPN server to exchange data in the clear. The reason for which this can happen in every OpenVPN service where entry and exit-IP addresses are the same will be obvious if you study the routing table of an OpenVPN "client". Doing so will also suggest various techniques to "cause" an OpenVPN client to send data in the clear to another OpenVPN client. There are some other nice side effects, but when we planned this "system" we were thinking almost exclusively of the above. Kind regards

That's normal. Just re-run Eddie and this time shut it down properly. Kind regards

if we understand it correctly, this is irrelevant (out of the scope of "IP separation"). Entry and exit-IP addresses are different to prevent some specific correlation attacks. They are doomed to fail (as long as the attacker does not control both your line and our servers lines, of course), regardless of the fact that the attacker knows or not all the IP addresses of our servers. Kind regards

None of the Swiss servers performs splendidly from various USA providers, and that's all in all acceptable. We would like to receive feedback from users in Europe. In North America we have created a huge bandwidth redundancy both in USA and Canada with widely diversified transit providers to satisfy performance requirements from our customers in North America. From North America, customers willing to connect in Europe should rather look at our servers in the Netherlands directly connected to AMS-IX: https://airvpn.org/topic/19014-servers-re-location-netherlands/ and https://airvpn.org/topic/17799-five-new-1-gbits-servers-available-nl/ Kind regards

Is AirVPN going to do anything about it? i mean i would like a server that can deliver a bit more than 2mbits per second. At least 20mbits has been the minimum requirement for me to use it. Kitalpha can do it, but it dips well down into the 12-14 mbit range too long to maintain a 4k video. Please continue publishing your feedback with Arneb if you wish so. We are keeping an eye on it. As you know, we have been operating this server for three months before publishing it, and we did it only when some problems we detected were resolved. Now, if the peering of this server is bad for a significant majority of customers, we can withdraw it. Note that the internal tests we performed just a few days ago were fine. We have been already searching for a more valid replacement and perhaps we are on the right track. Kind regards

Hello! We're glad to inform you that starting from Friday October 21st 2016 @ 23:59h CEST to Saturday October 22nd 2016 @ 04:00h CEST the Netherlands servers listed below will be relocated in a new cage. The expected downtime is four hours from the beginning of the relocation of each server. Alchiba Alcyone Alshat Alterf Atik Celaeno Diphda Elnath Gianfar Hassaleh Hyadum Kajam Merga Nash Salm Situla Skat Talitha Tarazed Zibal This will allow to add AMS-IX and Telia direct connectivity as well as some extra peering to all of the aforementioned servers. After the re-location, therefore, we will have all the 44 servers in the Netherlands with direct AMS-IX and Telia connectivity. Additionally, the uplink capacity to each public switch will be increased to 40 Gbit/s (currently it is 20 Gbit/s per switch). Kind regards AirVPN Staff

Various reports confirm what we experience in our testing machines: it works correctly. Can you make sure that you're running Eddie 2.11.5beta? Kind regards

Hello! Your OpenVPN client correctly aborts the connection because our certificate is not valid in 1969. Kind regards

Confirmed: entry and exit-IP addresses have been different since 2011. They matched in some early beta version of the service, but at that time the service was limited to internal personnel - it was not public. Kind regards

If Network Lock was on the case deserves investigation. Theoretically, if you look at the pf rules set by "Network Lock", it just can't happen. Could you publish the complete pf rules while Network Lock is on and the problem occurs? Kind regards

Thanks for your input, I found this also in german legislation. Though it's paradox since circumventing copy protection is forbidden by §95 UrhG, and §69 UrhG allows this for interoperability. The latter also seems to be a direct copy of the EU text. Probably it's the transposition (implementation of the Directive in national laws). A word-by-word transposition is generally very good. Commissioners and Directors of the DGs have often underlined the issue of imprecise transpositions (which can happen even NOT in good faith). Changing even a few words in the transposition can cause significant differences for national courts and law interpretation (we know something about it very well in Italy, sadly). Copy protection circumvention prohibition is inapplicable in so many cases, for example when it prevents the effective exercise of some constitutional right of a citizen as well as human rights, of course. The case of interoperability of software is probably a gray area, because right to interoperability, in several cases, could be very hard to be proved as a part of a constitutional right of any kind, and that could have been the reason for which an explicit authorization by law was felt as necessary. Kind regards