Staff

Hello! Be aware that 4 Mbit + 4 Mbit/s of guaranteed allocation is great for the pricing of AirVPN. Our competitors offer 0.0 (best effort, no minimum allocation guaranteed). Please consider that if residential ISPs in Europe had all of their customers connected simultaneously and requiring full bandwidth at the same time, the allocation by most of such ISPs (if performed equally for each customer) would be between 0.1 and 10 Mbit/s. The biggest ISPs in Europe (example: TIM in Italy) have an average per residential customer consumption (fixed lines: in mobility much less) of 190 GB/month, which on average means 0.58 Mbit/s throughout the month. Residential networks are normally designed and sized on the basis of these values with congestion control (traffic shaping) during peak hours or any unexpected event. Guaranteeing no overselling beyond 4 + 4 Mbit/s was and is even nowadays a significant effort by AirVPN. In practice, as you can see on the "Top User Speed" chart, users can easily beat 500 Mbit/s, there is no congestion. But if all customers connected at the same time (assuming a fair distribution on all servers) then everyone would anyway have 4 Mbit/s (4 + 4 server side). Kind regards

Hello! Try to increase MTU even further, up to 1420 bytes (you can also try 1440 bytes if you never use IPv6). The reason to lower MTU is that the frame on some network is not big enough to contain 1420 bytes of WireGuard, but if you can enlarge (your network supports larger WireGuard MTU) then do it, because performance will improve. https://lists.zx2c4.com/pipermail/wireguard/2017-December/002201.html Disabling the setting you mention about geo-routing on AirVPN DNS through your account panel can improve performance should the test you perform pass through a "geo-server", which would cause a bottleneck. These geo-servers are meant essentially to bypass geo-location based blocks and they are not suitable to perform massive speed tests. If the destination node which is instrumental for your tests is routed through one of these micro-servers you will get a remarkable bias. By disabling the feature you cancel any forced "geo" or "micro" routing. Kind regards

Hello! We're very glad to announce a special promotion on our long terms Premium plans. You can get prices as low as 2.20 €/month with a three years plan, which is a 68% discount when compared to monthly plan price of 7 €. You can also send an AirVPN plan as a gift: you have the option to print or send a colorful, dedicated picture with the code to activate the plan. You can do it in your account Client Area -> Your membership: Purchase and credit -> Print X-Mas after you have bought a coupon. If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Please check plans special prices on https://airvpn.org and https://airvpn.org/buy --- Promotion will end on January the 8th, 2026 (UTC). AirVPN does not inspect and/or log client traffic and offers: five simultaneous connections per account (additional connection slots available if needed) inbound remote port forwarding unmatched high performance - current 'all time high' on client side is 730 Mbit/s with OpenVPN and 2100 Mbit/s with WireGuard flexible and customizable opt-in block lists protecting you from adware, trackers, spam and other malicious sources. You can customize answers or exceptions globally, at account level or even at single device level. powerful API IPv6 full support comfortable management of your client certificates and keys AES-GCM and ChaCha20 OpenVPN ciphers on all servers Perfect Forward Secrecy with unique per-server 4096 bit Diffie-Hellman keys internal DNS. Each server runs its own DNS server. DNS over HTTPS and DNS over TLS are also supported. free and open source software client side software support to traffic splitting on an application basis on Android and Linux and on a destination basis on Windows and macOS GPS spoofing on Android application AirVPN, in accordance with its mission, develops only free and open source software for many platforms, including Android, Linux (both x86 and ARM based systems), macOS and Windows. Promotion due to end on 2026-02-08 (UTC). Kind regards & datalove AirVPN Staff

Hello! Jc will be capped to 10 in this beta 1 version, but this does not defeat the purpose of randomization as Jc tells the quantity of junk packets that must follow CPS, not their size. However it will be important to allow more than 10 junk packets because we have reports from you and other persons according to whom an higher Jc seems to imply a higher probability to circumvent specific blocks. As usual you can force any value by editing and importing a profile, of course. Beta 2 is anyway imminent. Kind regards

Thank you very much! Noted, Jc, S1 and S2 limits come from the documentation here https://docs.amnezia.org/documentation/amnezia-wg The allowed ranges will be fixed according to logic, new documentation and source code. The crashes are under investigation. Thank you for your tests and bug reports! Kind regards

Hello! Therefore the issue should have a different cause and this is probably not the proper thread. Please open a ticket and/or a different thread at your convenience, after you have reviewed this checklist: https://airvpn.org/forums/topic/66388-port-forwarding/?do=findComment&comment=243305 Kind regards

Hello! If you can manage to store locally the report (try to tap the diskette "Save" icon) or you can manage to send the report via mail (try to tap the triangular "Share" icon) the logcat that Eddie includes could still contain a dump/trace of the previous crash, even if you had to re-start the app. Please send it to our support team (support@airvpn.org) or publish here, as you prefer. If there's no way to do it, please try to describe accurately all the steps that you perform, as well as the settings you configured, to help us reproduce the crash that occurs while Eddie is connected to a VPN server. Kind regards

Hello! Yes, not PiedPiper but Richard himself only, when he stepped down as CEO of PiedPiper, although his vision was even greater because he thought about a mesh network between cell phones with a p2p-like layer not necessarily over any TCP/IP stack. Of course he had his revolutionary lossless compression algorithm, that we don't have in our universe. On the other hand, other observers have noted that the series producers might have had in mind something like a blockchain-based distributed storage network. Kind regards

Hello! Understood. This is typical with dynamic blocking by GFW and other blocking tools. Remember that GFW (and other blocking tools) behavior is not deterministic, as clearly disclosed and proved at the USENIX Security Symposium 2025. We have already put in place methods capable to defeat the GFW in most circumstances (probably 85% success rate), as you have noticed, and when you are blocked by some heuristic decision of the GFW you necessarily need some trial and error. We are working to increase the success rate even more, stay tuned in the near future. No, this is not the case. OpenVPN eats resources but not in a critical way, and it will require less and less resources while more and more clients switch to WireGuard or AmneziaWG. According to your description, to the lack of any warning by our monitoring system, and the fact the we have no similar complaints from Western countries, we feel comfortable to say that this is not a server side problem. Kind regards

Hello! It could. Feel free to try it. Let us double check in order to ascertain that the problem is not on the server side: can you please send us the names of the servers you experience this problem on? Kind regards

Hello! This is a problem caused by blocks though, not a server problem. Kind regards

Hello! With WireGuard it's a very good choice as the DNS server IP address (10.128.0.1) is also the VPN gateway address, on every and each server since the WireGuard network is one. With OpenVPN, you have different subnet on every server though and you can't rely on a fixed address. 10.4.0.1 is available on every server for DNS queries but does not respond to ping. You could consider to extract the gateway from the tun interface settings at each connection and ping that gateway. Kind regards

Hello! Nothing wrong, it's possible that the third party service is malfunctioning. Are you able to reach your listening service from the Internet? Kind regards

Hello! This is potentially the problem, We can't be sure because for some unfathomable reason you deleted once again the endpoint address and the port. Or did you literally enter "#ip" and "#port"? By the way, when VPN_SERVICE_PROVIDER environment variable is set to an integrated VPN such as AirVPN (as it is in your case) you can rely on more proper variables that will prevent you from entering wrong addresses and/or ports. Please set the proper environment variables, delete the quoted ones (quoted here above), and check whether the problem gets resolved. Please see here again: https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/airvpn.md Kind regards

Hello! Something is blocking the creation of the virtual network interface that WireGuard needs, so it was not an Eddie's problem. Do you run any antimalware tool that might be blocking networking operations and/or blocking software that needs to modify network configuration with administrator privileges? Kind regards

Hello! Not anymore, and even less in the near future. HTTP/3 is quickly spreading. Today, HTTP/3 is used by 36.5% of all the websites, including major web sites inside countries that enforce blocks against VPN. Furthemore, blocking UDP as such is no more realistic, not even in China, where UDP has become an instrumental protocol for many companies in any sector (video streaming, video conference, VoIP, marketing, social media marketing, regime propaganda and more), for regime aligned or regime owned activities. In China you have a near 100% success rate and no shaping (apart from the normal shaping for anything outside China) with the current Amnezia "weak obfuscation" (no CPS) implementation, i.e. at the moment you don't even need QUIC mimicking (which is anyway available and very effective). Currently, bypassing blocks via UDP than via TCP is more efficient in China. At the moment there is nothing more effective than mimicking QUIC with the signature / fingerprint of an existing web site that's not blocked, and you have this option right now. We see > 95% success rate, which is better than the success rates of SSH (not exceeding 75%), shadowsocks and XRay, V2Ray etc (but a lot faster!). The success rate is similar to any VPN protocol over HTTP/2, but, again, dramatically faster. We're glad to know it. It is also very flexible. Thanks to CPS, you may mimic any transport layer protocol built on UDP, for example DNS, QUIC, SIP. Kind regards

Hello! The problem is that WireGuard doesn't start. Please try a re-installation from the official package available here: https://www.wireguard.com/install/ Then test WireGuard native utilities to connect, in order to discern whether the problem is Eddie specific or not. Instructions are available here: https://airvpn.org/windows/wireguard/gui/ Kind regards

Hello! Please set MTU to 1280 bytes and test again. If the problem persists please test from the host, without containers, to determine whether it's a GlueTun specific problem or not. Keep MTU to 1280 bytes and increase at small steps. Kind regards

Thank you! Please use the Configuration Generator. Turn on the "Advanced" switch. Generate a file with the Configuration Generator for WireGuard for the server or country you want to test. Download the file and edit it with any text editor. To begin with, add these parameters in the [Interface] section: Jc = 20 Jmin = 50 Jmax = 1000 S1 = 0 S2 = 0 H1 = 3 H2 = 1 H3 = 4 H4 = 2 Import the file into your PC AmneziaWG client, or use it with the AirVPN Suite component Hummingbird, and even in Eddie 4.0.0 (you can do it in the "VPN profiles" view once the file is in your Android device) and use it to test a connection in Amnezia mode. If it fails please try a connection directly from Eddie, without profile, in Amnezia WG. If it fails too enable QUIC mimicking in "Settings" > "Advanced" > "Custom AmneziaWG directives" and test again a connection. Keep us posted! Kind regards

Hello! It's available right now if you can edit the generated file. An integration with the configuration generator will require time so we suggest that you test by editing your own file (generated by the CG for WireGuard). Integration with Eddie Android edition is already available in the 4.0.0 beta version. ~100% success at the moment comes from reports from Russia and China. It would be good to have an additional report from Uzbekistan. 😋 Kind regards

Hello! We're very glad to know that the problem is solved. From the OpenVPN manual: Since mssfix 1280 resolved the problem, a plausible explanation that comes to mind is that before the problem started your network had frames fitting the previous MTU, and this is no more possible now So, it could be a change on your ISP side. Kind regards

Hello! Please note that the ability to connect over a generic HTTP, HTTPS, SOCKS4 and SOCKS5 proxies, especially those only supporting TCP, is an OpenVPN strong feature that's not matched by WireGuard. The flexibility and ease of OpenVPN to do it is very important for anyone connecting from behind a proxy (such a corporate proxy). This is a feature that we do no want to lose so phasing out OpenVPN in its entirety is not on the table at the moment. Another similar, powerful feature that WireGuard can not offer is establishing an SSH tunnel, or a TLS one (by stunnel typically) and then connect OpenVPN over it. However, a balanced approach is possible, and we are already moving toward that direction. For example, our kernel networking tuning is preferring WireGuard needs, not OpenVPN ones, although the approach is not too unbalanced. In the future we might also consider to lower the amount of concurrent OpenVPN processes we run on servers (we do it to aid balancing for the notorious problem you mention and for which a stable and easy to maintain DCO would be a solution). Kind regards

Hello! We have a report that makes us suspect that in Uzbekistan it's the IP addresses of various VPN servers (not only AirVPN, other VPN too), to be blocked "unconditionally". Anyway AmneziaWG is worth a test, with and without QUIC mimicking, toward all the wg ports of our servers. It has an incredibly high rate of success in Russia and China (higher than OpenVPN over SSH and shadowsocks) so it's definitely worth a test. Please keep us posted as we have literally three reports only from Uzbekistan including yours... If you need some parameters to test check here: https://airvpn.org/forums/topic/77633-eddie-android-edition-400-preview-available/?do=findComment&comment=258644 and here: https://airvpn.org/forums/topic/59479-block-vpn-in-russia/?do=findComment&comment=237288 If you need some suggestions for the parameters In in order to mimic QUIC connection to some specific web site known to be not blocked in countries controlled by VPN hostile regimes, please contact our support team in private by opening a ticket. Kind regards

Hello! Please note that the TLS handshake and anything else is performed by and between your system and the final web (or other service) servers. The VPN server is not a part of this process. Of course airvpn.org and ipleak.net do not block AirVPN servers. We would rather suspect some MTU related problem. Try to add in your OpenVPN configuration the following directive: mssfix 1280 Can you also test, in the problematic system, a connection by running OpenVPN directly and not relying on the network-manager-ovpn plugin? In the past it caused several different problems and it was deprecated. If the problem persists please test with ufw completely disabled. Do you mean that the problem doesn't appear at all on different systems using the same OpenVPN connection mode (entry-IP address, port and protocol)? Kind regards

Hello! Yes, as the default settings are not adequate for high load and high throughput servers. Kind regards