Staff

@OpenSourcerer Hello! I mean hummingbird. Sure, we meant Hummingbird too. In other words, btcommon.h is needed to verify whether Bluetit is running or not and it is in the "includes", as Hummingbird is part of the Suite. We understand that a separate repository for Hummingbird alone causes this confusion, so we'll give green light to delete it (to be honest, the developer already asked for its deletion repeatedly, time to comply we guess ). Kind regards

@OpenSourcerer Great! It looks good... Hummingbird is part of the AirVPN Suite. btcommon.h is needed to verify whether Bluetit is running or not and it is in the "includes" as far as we can see. Kind regards

Hello! Confirmed. For the readers: the problem is that the system supports hot change (on the fly change) for port deletion, protocol change and port addition. However, the system does not support hot local port change, we're sorry. Quick solution: you will need to disconnect and re-connect when you need to change local port, as long as this feature is unimplemented. Luckily, local port change is, probably, quite a rare occurrence. Kind regards

@Maggie144 Hello! Hummingbird can not connect over SSH or stunnel at the moment due to an OpenVPN3 bug which has been brought in to OpenVPN3-AirVPN as well. We will be soon working to resolve this bug too. In the meantime, if you need OpenVPN over SSH, please use OpenVPN 2.x series. Thank you, you disclosed the bug. The error OpenSSLContext: SSL_CTX_use_certificate failed: error:0A00018E:SSL routines::ca md too weak is still under investigation. We have not found any SHA1-signed certificate for your account, which would explain the error message by OpenSSL. Also, the fact that Hummingbird alone does not throw the error makes the matter quite puzzling. If, from Eddie's main window, you uncheck "Remember me", log your account out, and log your account in again, does this error persist? Kind regards

@OpenSourcerer Hello! Your build fails because the file wireguard.h is not found. Note how it is delimited by double quotes, and not angular brackets, meaning that it is a local inclusion file. You can find it here: https://git.zx2c4.com/wireguard-tools/tree/contrib/embeddable-wg-library Kind regards

Hello! In this case please open a ticket, we want to check directly from inside a VPN server while your account is connected to verify the "forward rules". Kind regards

Hello! Our first suggestion is accepting BTC for your service or goods, in the small amount needed to buy an AirVPN plan, or according to your preferences, with your "own wallet" (i.e. you, and no third party entity, have the keys of your coins). Then you can buy an AirVPN plan. Since payments are accepted directly without any intermediary, you will bypass all the useless layers you mention. Kind regards

@space5 Hello! We have checked random ports of random users and the port "re-mapping" (let's call it in this way) works. The proper pre-routing rules for the DNAT are applied. We have checked the port control panel and we could not see any anomalous behavior. Of your forwarded ports, you have chosen not to "re-map" any of them. What happens if you try to do so, by changing the "local port" field on your AirVPN account port panel? Yes, it can. Kind regards

Hello! DCO must enter a phase where radical changes will not be applied. After that, it must reach a stable release. We will inform you about a new deployment plan which depends on when DCO becomes stable. Check also https://github.com/OpenVPN/ovpn-dco/issues and when the important note on https://github.com/OpenVPN/ovpn-dco is lifted ** NOTE ** ovpn-dco is currently under heavy development, therefore neither its userspace API nor the code itself is considered stable and may change radically over time. Kind regards

@space5 Hello! Everything is fine, your service is reachable on the proper port. You have split port forwarding into two different "devices" (keys) therefore only the ports linked to a specific device will be forwarded when that device is connected. There, your listening program is reachable and replies (just checked). The other port will be forwarded when connections from the other device (key) are established. If you want unconditional port forwarding (classic system) to all devices, just set "All devices" on the "Device" combo box available for each port in your AirVPN account port panel. Please read the answer to the following FAQ: https://airvpn.org/contents/faq_port_forwarding/ Kind regards

@Venhedish Hello! Apparently UDP is blocked. Please make sure that no packet filtering tool, either on the router or system, blocks UDP. Also check any QoS (Quality of Service, traffic management) tool on your system, router and network interface device driver (lately some drivers have a QoS tool built-in) and disable it. Last but not least make sure that no antimalware tool blocks OpenVPN traffic. After all of the above, if the problem persists switch to a TCP connection: from Eddie's main window select "Preferences" > "Protocols" uncheck "Automatic" select the line with OpenVPN, protocol TCP, port 443, entry-IP address 3. The line will be highlighted click "Save" and test again connections to various servers Kind regards AirVPN Support Team

Hello! The following virtual network adapter: is causing a critical error to OpenVPN: To resolve the problem please tell Eddie to use exclusively a virtual network interface created by itself and ignore other "alien" interfaces: from Eddie's main window select Preferences > Networking in the "VPN interface name" field type eddie (or any other very short name you like) click "Save" Switching to WireGuard will also resolve the problem. You can switch to WireGuard and change connection mode in Eddie's Preferences > Protocols window. Besides, Speedify is a VPN: make sure that its software doesn't run while you run Eddie in order to avoid potential conflicts. Kind regards

@Maggie144 Hello! So: Eddie 2.22.2 + HB 1.3.0 in TCP or UDP -> failure with "OpenVPN3 CONNECT ERROR: SSL_CA_MD_TOO_WEAK: OpenSSLContext: SSL_CTX_use_certificate failed: error:0A00018E:SSL routines::ca md too weak" HB 1.3.0 in TCP or UDP -> success HB over SSH or stunnel, with or without Eddie -> failure in any case Is the above summary correct? Kind regards

Hello and thank you! We do not have an ETA for a *BSD version, we're very sorry. A first preview of AirVPN Suite version 2 is loosely planned for the end of June, but don't take it for granted. Kind regards

@Maggie144 Hello! That's fine, Eddie will not run with root privileges programs not owned by root, it's a small security system. Are you trying to connect Hummingbird over SSH? If so, can you try a direct connection (without the SSH additional tunnel)? Can you also run Hummingbird on its own (with a configuration file generated by the Configuration Generator) and check whether you get the following error or not? Kind regards

Hello! This forum is for the community by the community, so we read just a few messages in suggestions, troubleshooting and reviews. In the last weeks we have tried to focus more on the community forum but it's not possible that we follow everything. Moderators exist, they are from the community itself, they operate for passion and they have no ties or remuneration from AirVPN. If a moderator acts in a way that's considered wrong, any user can contact us. This happened two or maybe three times in 13 years, showing how good the moderators are. Being paid to lie about a VPN is common business in our sector and we have also received ransom requests: pay this or I will write bad things about AirVPN. Or even, pay this and I will delete this negative comment about your VPN and/or I will write a positive one. Needless to say we never pay these parasites and we never paid any review. Bans against IP addresses are only a consequence of a perimeter defense against various attacks (example: an IP address fails dozens of login attempts in a very short time) and anyway they are automatic and temporary. Yes, in so many years we have seen a couple of blatant lies on Reddit about this but they were fabricated, anyway they seem (if we're not wrong) just a couple out of the million customers we have had in 13+ years. Some hidden, or not so hidden, agenda, we guess, maybe just to try and collect a couple of bucks. By the way after 13+ years we're still here, alive and kicking, in spite of their vile lies. Another possible source of ban is when your computer is infected by spamware. In this case your account will post without your knowledge the typical porn, pharma, lottery links and nonsense. In such cases it may happen that the account is prevented from writing on the forum as it's not discernible from the horde of spambots around. A simple ticket or an e-mail will re-enable the account, after the computer has been cleaned. Anyway, don't take this forum as a tool for freedom of expression in general. We offer different tools to express your freedom of expression (we support Mastodon, PeerTube, Tor, XNet, WikiLeaks, we run Tor nodes and so on). Each community forum must not go off-topic after all and flames are not allowed. But we have an "Off Topic" forum which is suitable for many different topics, yes. Exactly, another clue showing that the cited claims are ridiculous. If we really were totally crazy and wanted to act as per the defamatory claims you cite, we would not allow writing by non-customers. Or maybe we would not have created a forum for the community by the community, in the first place! Kind regards

Hello! Please determine first and foremost whether the problem is caused by some NAS bottleneck or not. Connect a computer directly and compare the throughput both with OpenVPN and WireGuard on a level playing field (same protocols, same servers...). Please make sure you test different servers (both on NAS and computer) in various locations, not only CZ and CH. Kind regards

Hello! Very strange. For our knowledge base, what are your system OS, your hardware and your browser? Anyway be patient, the birthday promotion will end soon. In the meantime you can point directly to one of the inner pages since only the home page features the animation. Kind regards

Hello! Please try to delete Eddie's configuration file default.profile while Eddie is not running and check whether the problem is resolved at the next launch. To locate the configuration file please see here: https://eddie.website/support/data-path/ Kind regards

@farquaad Hello! It will work. TLS auth and crypt keys and CA certificate are the same on each server. Kind regards

@happysatan13 Hello! The following virtual network adapter: is causing a critical error to OpenVPN: To resolve the problem please tell Eddie to use exclusively a virtual network interface created by itself and ignore other "alien" interfaces: from Eddie's main window select Preferences > Networking in the "VPN interface name" field type eddie (or any other very short name you like) click "Save" Switching to WireGuard will also resolve the problem. You can switch to WireGuard and change connection mode in Eddie's Preferences > Protocols window. Kind regards

@183aTr78f9o Hello! We apologize, it's a problem in the developer's build process affecting the legacy packages we have been given for production. You can expect fixed packages today. EDIT: if you urgently need a legacy package not affected by the "building bug", you can get it from GitLab https://gitlab.com/AirVPN/AirVPN-Suite/-/tree/master/binary EDIT 2023-06-07: new packages have been uploaded, problem fixed. Kind regards

Hello! We're very glad to inform you that we have just released Hummingbird 1.3.0 for macOS (High Sierra or higher version required). Hummingbird is available natively both for Intel and M1 based Mac computers. Hummingbird is free and open source released under GPLv3: https://gitlab.com/AirVPN/AirVPN-Suite Main features Lightweight and stand alone binary No heavy framework required, no GUI Small RAM footprint Lightning fast Up to 100% higher throughput than OpenVPN 2.5 (on 1 Gbit/s lines) Based on OpenVPN 3 library fork by AirVPN Robust leaks prevention through Network Lock based on pf Proper handling of DNS push by VPN servers What's new linked against the OpenVPN3-AirVPN 3.8.4 library bugs inherited from OpenVPN3 main branch breaking the parser in various circumstances, such as presence of more than one pull-filter directive, have been fixed in OpenVPN3-AirVPN bugs inherited from OpenVPN3 main branch causing explosions when MTU related directive is specified have been fixed in OpenVPN3-AirVPN all libraries and dependencies have been updated Important note for high speed line users Because of some architectural specifications and implementation in macOS, in particular in case of high speed traffic Hummingbird may warn the user about shortage of buffer space, specifically when connected with the UDP. This condition is signaled by Hummingbird with the below messages in the log: UDP send exception: send: No buffer space available ERROR: NETWORK_SEND_ERROR The error is caused by the maximum network sockets size set in macOS, a value usually small and unsuited for modern high speed networks. The solution consists in increasing the maximum allowed size for socket buffers and, in case the problem persists, the number of mbuf clusters. The procedure is simple, please find out all the details in the manual. Open the README.md file with any viewer and search for "SEND_ERROR", or consult the online manual. Download the software here: https://airvpn.org/macos/hummingbird/ Kind regards & datalove AirVPN Staff

@cheapsheep Hello! Can you please test AirVPN Suite 1.3.0? https://airvpn.org/forums/topic/56375-linux-airvpn-suite-130-available/ Kind regards

Hello! We're very glad to inform you that AirVPN Suite version 1.3.0 is now available. This release prepares the road to AirVPN Suite 2, where brand new features are being implemented. 1.3.0 addresses and fixes many regressions inherited from the OpenVPN3 library main branch causing critical errors with various directives and breaking the parser. The Network Lock has been extensively rewritten to solve some minor problems related to nft. Other bugs have been fixed. Please see the changelog for a complete list of changes. The suite includes: Bluetit: lightweight, ultra-fast D-Bus controlled system daemon providing full connectivity and integration to AirVPN servers, or generic OpenVPN servers. Bluetit can also enforce Network Lock and/or connect the system to AirVPN during the bootstrap Goldcrest: Bluetit client, allowing full integration with AirVPN servers, users, keys, profiles as well as generic OpenVPN servers Hummingbird: lightweight and standalone binary for generic OpenVPN server connections What's new in 1.3.0 Packages are available both for OpenSSL 3 and OpenSSL 1.1.x (legacy). Pick one according to the version you have in your system. If in doubt, run openssl version command from a terminal to see whether you have 1.x or 3.x version to solve problems specifically related to name resolutions, domain names included in OpenVPN profile "remote" directives are resolved before submitting them to OpenVPN3-AirVPN AirVPN server provided by the client is now properly checked against country's white and black lists Bluetit's run control directive allowuservpnprofiles has been added to let root user control whether external profiles must be allowed or rejected different implementations preparing for WireGuard support planned in version 2 NetFilter class has been re-designed to offer a faster and more robust persistent Network Lock when needed added connection statistics to the system log when raising "event_disconnected" Please check the changelog or detailed information. AirVPN Suite is free and open source software released under GPLv3. Source code is available here: https://gitlab.com/AirVPN/AirVPN-Suite Download page: https://airvpn.org/linux/suite/ User's manual: https://airvpn.org/suite/readme/ Bluetit Developer's reference manual: https://gitlab.com/AirVPN/AirVPN-Suite/-/blob/master/docs/Bluetit-Developers-Reference-Manual.pdf Some notes: for Raspberry Pi OS 64 bit pick the ARM 64 bit legacy package, because Raspberry Pi OS 64 bit is based on Debian 11 and uses OpenSSL 1.1.x by default. for Raspbian operating system and other 32 bit ARM systems, including Raspberry Pi OS 32 bit, pick the ARM 32 bit legacy package for Ubuntu 22 for Raspberry, pick ARM 64 bit mainline package (not legacy) if you run some i686 Linux let us know. You can still run AirVPN Suite 1.10 but if we have requests we can prepare a package for abandoned systems. Link to AirVPN Suite 1.1.0 for i686: https://eddie.website/repository/AirVPN-Suite/1.1/AirVPN-Suite-i686-1.1.0.tar.gz sha256 checksum: 6454cafc860ccc89da5da933c5bed279b1e1534a750f4423e6937e4fb84779e1 Kind regards & Datalove AirVPN Staff