Staff

Just downgrade to OpenVPN 2.3.13, it's the most straightforward solution. Please see here: https://airvpn.org/topic/20939-eddie-openvpn-24-issue-no-connection-could-be-made-because-the-target-machine-actively-refused-it/ Kind regards

In reality it's quite simple: a pure TLS tunnel. As long as pure TLS tunnels are allowed, no problems (but note that pure TLS tunnel traffic is shaped, even heavily - that's one of the reasons why HTTPS is frequently much slower than HTTP in China residential lines). Whether a company is big or tiny does not matter because the ways to circumvent the blocks, under a technical point of view, are simple and can be achieved even by a single person in a matter of minutes with minimal monetary involvement. And note that "such a sophisticated piece of Chinese engineering" does not exist as a single piece. It's just a set of non-uniform ISP techniques, which are not even coherent between lines and zones. For example, in many residential lines in mainland China OpenVPN is disrupted, but on mobile lines it is not (you can successfully use OpenVPN in TCP most of the time, no need of double tunneling). In Shanghai less blocks than in other areas are enforced. And so on. Kind regards

Hello! The problem is showed in the quoted log entry: your system can't resolve "localhost". Somehow your system hosts file has been wrongly modified, or corrupted. Please make sure that in your hosts file the first hosts block line is: 127.0.0.1 localhost How to edit hosts file in various Mac systems: https://www.tekrevue.com/tip/edit-hosts-file-mac-os-x/ Kind regards

Hello! We're very glad to announce a promotion on all of our Premium plans with a 20% discount. The promotion will remain active until January the 1st, 2017, 23.59 (CET). If you're already our customer and you wish to jump aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Kind regards & datalove AirVPN Staff

Hello! It's a bug. When the binary file exists in the Eddie directory, the custom path is ignored. Bug fixed from Eddie 2.11. You might like to upgrade to Eddie 2.11.9beta. https://airvpn.org/services/changelog.php?software=client&format=html To download latest Eddie beta version please see here: https://airvpn.org/topic/18625-eddie-211beta-available/ Kind regards

Hey - thanks!Ugh, I have to do this every time I want off AirVPN? There is a bug in Eddie 2.10.3 for which DNS settings are not restored properly, not even if Eddie is shut down properly. A condition to reproduce this bug is having one or both DNS servers omitted in the network interface. Therefore, if you set the interface DNS to "automatic DNS", you will just satisfy an essential condition for the bug to come out. You have two choices to get definitively rid of the issue: 1) set BOTH DNS to publicly accessible DNS servers in your network interface while Eddie is not running (do NOT set to "Automatic") 2) upgrade Eddie to version 2.11.x beta, where this bug has been fixed AND of course always shut Eddie down properly (never kill it without grace), to give it time to restore the settings. To download Eddie latest beta version please see here: https://airvpn.org/topic/18625-eddie-211beta-available/ Kind regards

Hello, maybe with Tomato or Synology you just hit the processing power limit of a core of their CPUs to encrypt/decrypt AES-256. A limit that's so near to the shaping cap of your ISP that can be confused with it. Kind regards

I didn't know this. Guess I was lucky that I didn't try a 3 TiB drive, I suppose. The limit is on the boot partition only, not on the drive itself. Once the kernel runs, you can handle any other partition larger than 2 TB, but (of course) according to the limits of the filesystem of each partition. You need to take additional care if you need a dual boot BIOS machine with Linux and Windows, when you want an older than Windows 7 system (or a Linux kernel older than 2.6, really archaic), or any other system not supporting GPT partitioning (in this case, even with EFI). To clarify: https://superuser.com/questions/384807/2-1tb-limit-on-bios https://unix.stackexchange.com/questions/33555/what-is-the-max-partition-supported-in-linux https://en.wikipedia.org/wiki/Comparison_of_file_systems Kind regards

Hi, please see here (and if necessary continue on that thread): https://airvpn.org/topic/20750-airvpn-not-working-with-fedora-25/ Hopefully just disabling Wayland will solve the issue. Kind regards

Hello! Can you please re-post it? That pastebin page content has been deleted. Would you like to open a ticket with logs, at your convenience, citing your message in the thread? We would like to put you in touch with some developer, directly. We have tried with multiple combinations and in different ways, but we never managed to reproduce the issue... Kind regards

chattr acts on file system flags, so if a file is flagged immutable, root user passing through OS r/w can't change it until the flag is reset. That said your report clearly shows a potential bug (minor, not critical). Do you have some procedure to reproduce it with a certain degree of regularity? Currently we can't find a way to do it in Debian 7 and 8. Kind regards

Hello! There are no DNS leaks on Linux. What Eddie version are you running ("AirVPN" > "About") and which ArchLinux version? In Eddie 2.11.1 Mono caused in some Fedora systems to cache the resolv.conf file for a couple of minutes, so new DNS were queried only after that time. However, this issue had been fixed. Probably the best course of action is that you open a ticket so that we put in you touch directly with the developers. In the ticket, please include a system report taken WHILE the problem is occurring, and a system report after the problem has ceased. To send us a system report click "Logs" tab, click the safe belt icon and paste into your message. Kind regards

That's correct and expected: Network Lock is a set of iptables and ip6tables rules enforced when Eddie starts. Such rules are not permanent and on top of that Eddie will explicitly restore previous ip*tables rules when you shut it down. The easiest way is to set proper iptables rules at the very beginning of your init. See also https://airvpn.org/topic/12175-network-lock/ Kind regards

LZO should be enabled. The reason is that on some DD-WRT firmware interfaces (as well as in some network-manager-openvpn versions for Linux, we suspect), setting LZO to "Disabled" will not originate "comp-lzo no" directive. The comp-lzo directive could be totally omitted. This will cause connection failure when our servers push "comp-lzo no". You need "comp-lzo yes" or "comp-lzo no" (it doesn't matter which, it will be overridden by VPN server) to be fully compatible with our service. Kind regards

Eddie for Windows 7 can run with .NET framework 2, while Eddie for Windows 8/10 needs .NET framework 4. Which Eddie version are you running? Note that the inactivity timeouts occur on the OpenVPN flow, not on Eddie's. We see at least two important problems in those logs, on top of something interfering with UDP anbd/or OpenVPN packets (or just line instability): routes and outdated tun/tap driver (manual installation? you disabled auto-update in Eddie options?). Please feel free to open a ticket, this thread is probably not appropriate (because troubleshooting does not seem to involve Eddie beta bugs). Kind regards

That's impossible. Even if you insert a third-party nameserver in the resolv.conf file, the DNS query will be tunneled. If the local router is also a DNS server and forwards DNS queries in the clear, then again this is not a DNS leak by Linux (Linux has just sent some traffic inside the local network, traffic which is, must be and is compelled to stay outside the tunnel). A DNS leak occurs when a DNS query to some DNS server on the Internet is NOT tunneled in spite of the routing table. This can't happen on Linux, unless explicitly configured to do so. However, DNS leaks can happen in Windows, because there is no DNS implementation there (there is something that emulates a DNS implementation in some circumstance but in reality it's something very different, and very alien). We can't support you to solve a problem that does not exist.. If you open a ticket you'll get full support, but of course on the problem that you really have, not on the problem that you think you have. Don't worry, the support tickets are handled without this joking spirit. Kind regards

Currently not reproducible, we're sorry. As long as it's not reproducible, it does not exist for us: if you want to help us reproduce the problem (which is probably on your system for the current knowledge we have) please open a ticket. Kind regards

There are no DNS leaks on Linux.

With which .NET framework? It's hard to provide exact numbers, but on our (few) Windows 7 x64 testing machines the user interface is roughly 100% faster, which is a remarkable improvement (up to 2 times faster in most user interface operations). Kind regards

Hello, the problem must be in how you and your friends try to access the service. How do you do it? We did it without problems, as we told you, at .airdns.org: You should have seen two unauthorized access attempts from user "airvpnwashere" in your service logs. Kind regards

Hello! We can reach your service (well, we did not pass the authentication, but that's not important ). Everything seems configured correctly: we reached it even using your *.airdns.org name. Notes: probably useless to say that your forwarded port is not 12345, but just in case... check the listening port (when you try to access the service from the outside). Also remember that you can't access a service behind some VPN server from any device connected to that same VPN server. Kind regards

Hello, an unexpected behavior can derive from two firewalls running at the same time: two softwares with the same privileges modifying the OS filtering table together... Network Lock in Eddie 2.10 sets Windows Firewall rules, so the outcome when it runs in competition with Bitdefender is unpredictable and can lead to all sorts of problems, including security problems. Eddie 2.11.xbeta uses Windows Filtering Platform, so you might be able to use concurrently even a third-party firewall with Network Lock, as long as this firewall does not manipulate WFP rules and does not set incompatible rules evaluated after the WFP rules. Kind regards

Hello, can you please check whether your /etc/resolv.conf file has the "immutable" flag set? If so, nothing can change it with ordinary r/w operations (not even root) until you clear the flag with chattr. Kind regards

IMPORTANT NOTE: point 2 is optional, point 3 is MANDATORY. Actually point 2 can be ignored. Point 1 is included in point 3. Kind regards

It does exactly as you say (of course you need to re-run it to give it chance to fix the situation). However it does not do that when one or both DNS servers were missing (in the original settings of the physical network interface). This is the bug which has been fixed in 2.11. Kind regards