Jump to content
Not connected, Your IP: 18.226.93.22

Staff

Staff
  • Content Count

    11042
  • Joined

    ...
  • Last visited

    ...
  • Days Won

    1866

Everything posted by Staff

  1. Hello! Let's verify whether the route check failure is a false positive or not: from Eddie's main window select "Preferences" > "Advanced" uncheck "Check if the VPN tunnel works" click "Save" enable Network Lock from Eddie's main window select "Preferences" > "DNS" uncheck "Check Air VPN DNS" click "Save" test again connections with WireGuard and OpenVPN. This time the connection should be fine from the log, but you must verify manually that you can perform your normal Internet activity. Network Lock will prevent anyway any traffic leak and make the route check superfluous Kind regards
  2. Hello! Why do you mention the router again? The router would not enter into play in this case of port forwarding because you wrote that the connection is established from a computer behind the router, not by the router. Can you confirm this? Kind regards
  3. Hello! Error 111 (connection refused) imply an active connection reset. Therefore the packets correctly reached the system connected to the VPN but they were actively refused. This event may occur when a packet filtering tool is configured to reject packets (and not dropping them silently) either globally or on a specific port, or when the operating system is configured to reset incoming connection without an end-point (in other words, when no process is "listening" to the destination port). Therefore, assuming that the Synology device is connected directly to the VPN, please check your packet filtering tool rules and check the configuration of the listening Download Station: it must be running, listening to the correct port (check your AirVPN account port panel) and binding (if a bind option is available) either to all interfaces or to the virtual network interface used by the VPN program. However, if it's your router the one connecting to the VPN and then sharing the connection with all the devices behind, then you must take care to forward the router port to the final destination, in this case the proper port of the LAN IP address of the Synology device. Kind regards
  4. @julienth Hello! If the problem persists please post or attach to a ticket a system report generated by Eddie after the problem has occurred. Please see here to do so: https://airvpn.org/forums/topic/50663-youve-been-asked-for-a-support-filesystem-report-–-heres-what-to-do/ If the problem has been resolved in the meantime, please spend a minute to post the solution for all the community readers. Kind regards
  5. Hello! Does the same problem persist if you try a connection via WireGuard? In order to switch to WireGuard: from Eddie's main window please select "Preferences" > "Protocols" uncheck "Automatic" select any line with WireGuard. The line will be highlighted. click "Save" and re-start a connection to apply the change please make sure to test a few servers in different locations around your node Kind regards
  6. Hello! A new release is planned during April 2024. Stay tuned! Kind regards
  7. Thank you for the head up! Problem fixed. Kind regards
  8. Hello! This solution should work for you too: https://airvpn.org/forums/topic/56643-stuck-in-a-broken-route-never-connects/?tab=comments#comment-225323 Kind regards
  9. Hello! It is possible, please see here: https://airvpn.org/forums/topic/26209-how-to-manage-client-certificatekey-pairs/ Kind regards
  10. Hello! Before trying anything else, can you please make sure that your father's PC is really connected to the VPN? Please verify by browsing https://ipleak.net : the web site should show that the system is connected to some AirVPN servers and it should mention which server it is. For these preliminary tests please make sure to connect each device to a different VPN server: multiple connections to the same server with the same key may cause conflicts. In the future you can resolve the above problem (if you need to connect multiple devices to the same VPN server from the same account) by using unique key on each device, as AirVPN allows a thorough and flexible management of your account keys, please see here: https://airvpn.org/forums/topic/26209-how-to-manage-client-certificatekey-pairs/ Kind regards
  11. Hello! The CPU of 10 Gbit/s servers does not have high load on average and the 10 Gbit/s servers have repeatedly reached more than 12 Gbit/s peak performance (6 up + 6 down). They also have quite a remarkable average, for example Haedus on weekends keeps an impressive 8 Gbit/s averaged on the 48 hours! OpenVPN surely loads the CPU, that's unavoidable, but we're topping CPU capacity only when the total amount of connected clients exceed 300, which normally should not happen: Eddie will not recommend connection to servers with approaching to limit connected clients and our areas FQDN will not resolve to those servers' IP addresses. As a side note, consider that the 10 Gbit/s servers marked with "6000 Mbit/s" maximum bandwidth are connected to a 10 Gbit/s port but with our plan the provider guarantees 3 Gbit/s full duplex 24/7, while they are "best effort" burstable to 10 Gbit/s. Kind regards
  12. Hello! Please check your setup against the following guide: https://airvpn.org/faq/p2p/ On top of that, we have noticed a malfunction in some qBittorrent version (for example 4.5.5) in FreeBSD and Linux related to binding. If you set Tools > Preferences > Advanced > Optional IP addresses to bind to into All addresses, qBittorrent will reply only to IPv6 packets. If that's your case too, set that combo box to All IPv4 addresses. For additional safety you can also set the Network interface combo box (available in the same advanced menu) to your VPN interface. Always run qBittorrent only after a VPN connection has been successfully established. Kind regards
  13. @shortfacedbear Hello! While Eddie Windows edition does not feature traffic splitting on an application basis (i.e. the feature you would need) WireSock for Windows has emerged in the last months as a practical and efficient solution even for your needs. https://www.wiresock.net/ On Windows, WireSock allows per app traffic splitting, per app reverse traffic splitting, per IP address destination traffic splitting, and hybrid traffic splitting with an extremely simple configuration file. According to the new reports we received from some of our Windows customers, it is probably a good solution which will save you from virtualization and from any solution requiring a fairly decent system and networking competence. According to those same reports, WireSock is fully compatible with AirVPN but unfortunately it is not open source software as far as we can see. Kind regards
  14. Hello! Please force Eddie to refresh immediately the server list by clicking the refresh icon on the "Servers" window. If that doesn't work, from the main window uncheck "Remember me", log your account out, then log your account in again. On the iPhone, can you tell us which VPN server(s) you're trying to connect to? Also compare the servers with the current status https://airvpn.org/status Kind regards
  15. Hello! It was a momentary problem which should have been solved. Can you please try again and report back? Kind regards
  16. Hello! If DCO becomes stable and maintains the performance claimed in the OpenVPN Hackathon 2019 yes, we do, as DCO would outperform WireGuard (in real life we don't see much difference though, but we must keep into account that DCO is still highly experimental). On top of multi-threading support, it could be used over TCP too, which would be significant. On the server side it resolves also WireGuard limitation regarding the automatic IP address assignment in place of the moronic static, hard coded and on file key<->address bijection needed by WireGuard. On the other hand, on the Linux universe, we don't foresee DCO included in the mainline kernel, while WireGuard is already there. We'll see. It's a worthwhile test and we're thinking about it. Kind regards
  17. Hello! You have entered the TLS Crypt key for the correct entry-IP address (213.152.162.86 is an entry-IP address "three", where you have support for tls-crypt). Thus the problem is somewhere else. On some firmware, the "static key" field is not the "TLS key" field. If that's the case you need to put the tls-auth.key content in the TLS field, while the static key field must be left empty (it's for an OpenVPN working mode without PFS which we do not support). Also you should make sure that there's no block against UDP in the firewall rules. Kind regards
  18. You could certainly ADD a Wireguard only server, without taking away an OpenVPN server. Hello! The matter for future servers might be different of course. Kind regards
  19. @marcos.machado Hello! Assuming that there is indeed no block at all against OpenVPN or UDP in the network, a possible cause of the problem is a mismatched TLS key. For entry-IP address 1 you need tls-auth key while for entry-IP address 3 you need TLS Crypt key. You deleted the IP address of the server so we can't tell which key you need. Since tls-auth and tls-crypt are mutually incompatible and OpenVPN server can start either in tls-auth or in tls-crypt mode we have been forced to make this distinction on different entry-IP addresses. Your OpenVPN version is also quite old, so consider an upgrade if possible. The Configuration Generator generates the proper key according to the connection mode you have picked. If you need split files (i.e. certificates and keys not embedded in the ovpn file) you can enable "Advanced" mode and then check "Separate certs/keys from ovpn files" option. In this case, the CG names the tls-auth and tls-crypt keys respectively ta.key and tls-crypt.key. You will also need to select "2.4" in the "OpenVPN profile" combo box, because OpenVPN 2.5 and newer versions support directives which are unknown to OpenVPN 2.4. Kind regards
  20. Hello! Yes, it's strictly mandatory to support OpenVPN on every and each existing server, otherwise we would break compatibility with a relevant portion of customers who rely on OpenVPN support for their devices (or even because WireGuard is blocked in their network) on specific server(s). Stopping OpenVPN on existing server(s) would be a huge and serious problem, even without considering the contractual breaches. Kind regards
  21. Hello! So, you turn off the computer without shutting down Eddie first, and when you turn the computer on again Eddie fails to start. At that point you reboot the system and at the next attempt Eddie starts properly. If the above description is correct, it sounds like the typical problem caused by fast startup to many programs. Is "Fast startup" option in Windows enabled? If so, can you please try again with that option disabled? Should the above solve the problem, a concise explanation is due: when fast startup is enabled and you turn off the computer, in reality the computer kills some apps but not some processes and then hibernates. When you turn it on, the system recovers from the hibernation file, it does not perform a startup at all and some processes are woken up while other apps were killed. This will cause problems of all sorts to most programs working on networking from the userspace and more (not to mention the apocalyptic mess it caused with some system updates). When you reboot the system, the system performs a proper shut down and a proper bootstrap, resolving the problems. Kind regards
  22. Hello! Please try again now. Kind regards
  23. Hello! It might be a known Eddie Android edition bug (whose fix is planned on the next release): if your access credentials include the % character the credentials will not be processed properly and you will get an error message (however, the error message you report comes from Eddie Desktop edition, but basically that's the same meaning). Might it be the case? Kind regards
  24. @ms2738 @ScanFarer Hello! DCO would resolve any problem and would not require this relevant waste of resources with the infrastructure split into "WireGuard only" and "all the rest" servers. As the "kernel acceleration module" which then became "DCO" project was announced in 2019 we thought the split you suggest would have been unnecessary. Five years have passed since that announcement and DCO is still "under heavy development, therefore neither its userspace API nor the code itself is considered stable and may change radically over time." so we might review our plans. Let's see anyway whether this first quarter of 2024 brings news on DCO development. Kind regards
  25. Hello! OpenVPN directive "data-ciphers" is supported in OpenVPN 2.5 and newer versions while OpenVPN 2.4 does not support it. You may either upgrade OpenVPN (recommended: 2.4 is becoming too old) in your system or force the Configuration Generator to generate configuration files compatible with OpenVPN 2.4. To do so, in the CG web page enable "Advanced" mode and then set the "OpenVPN configuration" combo box to "2.4". Finally generate and download as usual. Kind regards
×
×
  • Create New...