Staff

@dshbfjdsaauj Hello! Something is not working properly, can we see Eddie's system report generated while the system is connected to the VPN? https://airvpn.org/forums/topic/50663-youve-been-asked-for-a-support-filesystem-report-–-heres-what-to-do/ Kind regards

Hello! Try to see how Gluetun can know and reach your local DNS. Also check the following thread: https://airvpn.org/forums/topic/56915-very-rarely-getting-rogue-dns-servers-when-checking-for-dns-leaks/?tab=comments#comment-227164 You might also like to contact Gluetun community and support. Kind regards

Hello! We're very glad to inform you that a new 1 Gbit/s full duplex server located in Chicago, IL (USA) is available: Praecipua. The AirVPN client will show automatically the new server. If you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts OpenVPN connections on ports 53, 80, 443, 1194, 2018 UDP and TCP, and WireGuard connections on ports 1637, 47107 and 51820. Just like every other Air server, Praecipua supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/Praecipua Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! We're very glad to inform you that a new 1 Gbit/s full duplex server located in Miami, FL (USA) is available: Minelauva. The AirVPN client will show automatically the new server. If you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts OpenVPN connections on ports 53, 80, 443, 1194, 2018 UDP and TCP, and WireGuard connections on ports 1637, 47107 and 51820. Just like every other Air server, Minelauva supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/Minelauva Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

@Koalaman Hello! Very well! Now you can perform an additional, slight fine tuning, by modifying little by little (e.g. 5 bytes steps) the MTU size and checking for each value. Kind regards

Hello! For the readers: the problem was caused by OpenVPN 2.5 configuration files used on OpenVPN 2.3. Remember that OpenVPN 2.5 profiles broke backward compatibility with the addition of new directives and other modifications. If you need a file for OpenVPN 2.3 and 2.4 you must tell the Configuration Generator to generate a profile for OpenVPN 2.4 by setting "OpenVPN Type" comb box to the proper version. In case of OpenVPN 2.3 you must also take care to connect to entry-IP address 1 (ONE) because OpenVPN 2.3 supports only tls-auth, which is NOT offered on entry-IP addresses 3 and 4. If you have the chance to do so, anyway, please consider to drop obsolete OpenVPN versions and upgrade. Kind regards

Hello! Correct, we can't know it. @Rodent The problem would perhaps arise only if the client is still connected and it was constantly and still is the only one connected to a VPN server (which is nearly impossible). Kind regards

Hello! Probably no mistakes, it's just that your listening program listens to IPv4 address and not IPv6. Some programs do so by default, some programs can be configured to listen either to v4 or v6 IP addresses. Listening to IPv4 is normally preferred because most services and nodes still stick to IPv4, and those which use IPv6 can use IPv4 too, while some don't support IPv6 at all. Kind regards

Hello! If we understand the problem correctly, it's because WireGuard tries to tunnel the whole IP address space, including the private subnets, in your current configuration (see line "AllowedIPs"). The following message explains the matter more thoroughly and shows how to solve it: https://airvpn.org/forums/topic/55801-wireguard-access-local-network/?do=findComment&comment=217458 Kind regards

Hello! Please move here: https://airvpn.org/forums/topic/56980-japan-and-singapore-servers-mostly-blocked-by-reddit/?do=findComment&comment=227674 Kind regards

Hello! Please click "Contact us" button while your account is logged in to the web site, or write to support@airvpn.org (specify your username in this latter case). Kind regards

@p9974839 Google Search should never be used, but if you really want it, why not just use https://startpage.com ? Kind regards

Hello! Please set a small MTU size as a first test. Try for example 1320 bytes. To do so add the following line in the WireGuard configuration [Interface] section: MTU = 1320 Also make sure that uTP is disabled in the torrent program settings, as it will shape traffic, and check your torrent program settings against the following guide: https://airvpn.org/faq/p2p/ Connection and torrent program must both be re-started in order to apply the changes. If the problem persists please try a direct connection from another device, just to rule out that the bottleneck is in the pfSense box and to make a comparison. Do you see packet errors in the OpenVPN log, when connected over UDP? Last but not least, please remember to open a ticket (if you haven't already done so) for AirVPN support (here you will get community support, so you might like to get both professional and community support). Kind regards

@mazenahmed Hello! We see two problems. Please find first problem explanation and quick solution here: https://airvpn.org/forums/topic/56657-cant-connect-to-anything/?do=findComment&comment=225418 The 2nd problem might be a direct consequence of the first, let's see whether it gets resolved simply by fixing the DCO issue. If the 2nd problem persists please send again a system report (created with the new settings). Kind regards

@Miracles Hello! Watch out, the mentioned data are not stored in the VPN system, but they are stored in PayPal servers and can be accessed by the account holders while entering the account. In this way it's still possible to verify through the transaction ID and deliver a refund, for example. Account holders can not delete such data and PayPal must preserve them for several years according to the legal frameworks concerning banks, payment processors, financial entities in general, anti money-laundering rules, of the countries PayPal operates in. With that said, we confirm that it's impossible, even for the data processor, to correlate any account with any VPN usage, not even with which server the account has been used for connections and we also confirm the validity of the ToS and the Privacy Notice. Kind regards

Hello! We inform you that due to datacenter needs, Aquila VPN server (Fremont, California) has been assigned new IP addresses. If you use Aquila-specific configuration files please re-generate them. If you run Eddie (any edition), no specific action is required, Eddie will update data automatically. Kind regards AirVPN Staff

Hello! This forum is specifically dedicated to reviews of AirVPN, please browse the various threads. Kind regards

Hello! We don't deem those tests reliable at all. Why are they performed against servers in Malaysia (Kuala Lumpur and Puchong)? That's a questionable choice for our servers in New Zealand, Japan and Singapore. Try with comparison servers and VPN servers in the same country. The only correct choice was Sydney when you were not connected to the VPN. Trying OpenVPN makes sense in case WireGuard and/or UDP are shaped. In this latter case please make sure to test OpenVPN over TCP. Kind regards

@ScanFarer Hello! Your analysis is correct. The maximum amount of bandwidth this month which Haedus could give was 7 Gbit/s: One of the main reasons is that the load on the CPU increases more than linearly as the number of OpenVPN connected clients increases. Other reasons include routing, since the maximum throughput one can get is the maximum throughput that the slowest hop in the route can provide. While more and more users switch to WireGuard, the servers will be able to deliver more bandwidth, because WireGuard scales excellently. Consider that each OpenVPN process runs in a single thread of a single core (when OpenVPN's DCO is stable things will change), forcing us to run multiple processes, while we only need to run one WireGuard process which distributes load evenly on all cores. Furthermore, WireGuard doesn't copy data from kernel to userspace and vice-versa, while OpenVPN does (again, OpenVPN's DCO running in the kernel space will do the same). Actually, Haedus can provide almost 4 Gbit/s (8 Gbit/s on the server, in practice) when the connection is performed by a single client. Increasing MTU size might also improve performance further, only provided that there's room in the frames. From Android devices, almost everyone runs WireGuard, because Eddie Android edition is set to WireGuard by default. From desktop devices, Eddie's default is OpenVPN at the moment, so many users start with that default setting and stick to it. What to offer by default is a matter of analysis on desktop systems: WireGuard poses privacy issues and can be easily blocked, while OpenVPN is definitely and sometimes significantly slower even on most AES-NI supporting devices but offers dynamic address assignment and the invaluable abilities to connect over stunnel, SSH, SOCKS proxies, Tor (working in TCP). Kind regards

Hello! We're very glad to inform you that a new 1 Gbit/s full duplex server located in Tokyo (JP) is available: Ainalrami. The AirVPN client will show automatically the new server. If you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts OpenVPN connections on ports 53, 80, 443, 1194, 2018 UDP and TCP, and WireGuard connections on ports 1637, 47107 and 51820. Just like every other Air server, Ainalrami supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/Ainalrami Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! Both conditions are not expected. Now that the previous problem is resolved at least in download (yes, the upload seems even worse now, puzzling!), try to enlarge at small steps the MTU size. Start with 1340 bytes. If the performance improves, keep going up at small steps of 20 bytes maximum (1360, 1380...). As soon as performance decreases, go back to the previous step for optimum performance. Another factor to consider is packet errors caused by the physical layer, if the device is connected via WiFi. Unfortunately WireGuard's puny log does not help in this case, so try anyway to change channel and get a stronger WiFi signal (ignore if the Pi is already connected via Ethernet): https://www.metageek.com/training/resources/why-channels-1-6-11/ How is the upload band measured? Kind regards

Hello! Thank you for your suggestion. In the meantime you can reliably install the APK that you can download from our official repository, for maximum safety. We are the first to recommend NOT to download any APK from unknown sources of course. Kind regards

Hello! We do not detect any malfunction in remote port forwarding system, which has been thoroughly tested in the last 13 years after all, so please open a ticket at your earliest convenience. You will be asked for more information. The current description does not allow a proper assistance, unfortunately. Side note: our port test is performed only over TCP. Kind regards

Hello! This looks like a relatively new Reddit policy, not specifically aimed at VPN, but at any IP address not assigned to residential ISPs. In this case access is granted but only after you have logged in. Just tested from all Japan servers, including Taphao, and we could access. After the login all Reddit is accessible, as far as we see. To maintain a robust anonymity layer in Reddit you need an anonymous e-mail address created with the protection of AirVPN and/or Tor, of course. Follow the instructions you have published in your screenshots to login (the login page does not block access from Tor or VPN or datacenters). Two years ago Reddit started to prevent users to post more than a comment every 10 minutes if the connection came from a datacenter IP address ("if you are accessing from an hosting provider" hints to any non-residential IP address). The behavior you report seems quite new and we confirm that it happens even from dedicated servers completely unrelated from our VPN activities. However the system is still coughing because, on the other hand, as @mazurka7 correctly wrote, some VPN servers are not subjected to this filter. Kind regards

@benfitita Hello! You might check what happens with WireGuard when you have multiple addresses for a single host in the hosts file. gethostbyname or getaddrinfo will return all the addresses, same identical effect as multiple A records in DNS for a qualified domain name. So if you think that DNS resolution can be good for this use case, then you don't need DNS and FQDN, but you can just edit the hosts file. It remains to be seen which address WireGuard picks when the resolution returns an array or a linked list of addresses. Kind regards