-
Content Count
11043 -
Joined
... -
Last visited
... -
Days Won
1866
Everything posted by Staff
-
@benfitita Hello! Obviously we don't comment a lot on the lists content, but just in case we remind you that you can de-select it, or you can add the exception for the CDN you mention, thanks to our flexible system. GoodbyeAds lists have been the most requested by our community in the last months, so we made them available. Kind regards
-
qBittorent doesn’t work despite ports being open.
Staff replied to ghost_of_rargb's topic in Troubleshooting and Problems
@ghost_of_rargb Hello! qBittorrent offers an option to bind to a specific network interface in "Preferences" > "Advanced" > "Network interface" combo box. Please make sure that, while your system is connected to the VPN, that box is set to the VPN network interface (tun in Linux, utun in Mac, etc.). Kind regards -
Hello! Please note that starting Saturday, June 24, all new accounts will have the ability to forward remotely a maximum of 5 inbound ports. The decision is intended to extend the time period after which we will run out of ports. The change is not retroactive: all current customers and all accounts created before Saturday, June 24 will have the usual, total ports availability. In addition, we will continue to investigate viable alternatives in anticipation of port exhaustion. Kind regards & datalove AirVPN Staff
-
Possible ways to circumvent censorship caused by port forwarding.
Staff replied to space5's topic in General & Suggestions
@space5 Hello! Various good ideas, but it's probably overkill. In our case, the overwhelming majority of reasons causing the addition of an IP address into black lists is not related in any way to remote port forwarding. Kind regards -
@colorman Hello! The error you get with the mainline version is correct. Unfortunately your distribution is based on a glibc released on February 2020. No worries though, as you can see you can run the legacy version. On the AirVPN Suite user's manual you can find how to use the option which probably you need to modify: Enter it in the Bluetit's run control file which you can edit with any text editor and root privileges, then restart Bluetit. Example to turn it on: allowuservpnprofiles on Kind regards
-
@Matoomba Hello! They couldn't. Your ISP or third party entities can monitor your torrent activity (and other specific activities) while your system is not connected to the VPN or leaking traffic outside the VPN tunnel. "Network Lock" feature, available in all of our free and open source software, prevents any possible leak outside the VPN tunnel, including leaks caused by p2p program mis-configuration and leaks caused by unexpected VPN disconnection, thanks to firewall rules, as you might know from all of our guides, welcome e-mail, answers to FAQ, discussions in the forum etc. To explain what happened, Network Lock must have been disabled, or you did not run our software. Network Lock is effective even in case our software shuts down unexpectedly (for example in the unlikely event when OpenVPN or WireGuard crash). If you don't run our software you can prevent leaks by yourself. Check our guides in the "How-To" forum and consider to bind your torrent software to the VPN virtual network interface. https://airvpn.org/forums/forum/15-how-to/ Besides, please re-check your torrent software settings against the following article, as it looks like you haven't done so according to your message. https://airvpn.org/faq/p2p/ Kind regards
-
Hello! Traffic leaks prevention exists ever since Eddie Windows edition was created. The feature is "Network Lock". Click "Activate Network Lock" button from Eddie's main window before you start a connection. Network Lock will prevent any possible traffic leak outside the VPN tunnel. You may also configure Eddie to start with Network Lock enabled by checking "Activate Network Lock at startup" in "Preferences" > "Protocols" window. Kind regards
-
@alfavpn Hello! This might be relevant or not according to how SoulSeek considers NAT-PMP, which you keep enabled, priority when a specific listening port is also entered. NAT-PMP https://en.wikipedia.org/wiki/NAT_Port_Mapping_Protocol might bypass the port you have entered and it could also push the software to bind to the physical network interface. So, even if the program listens both to the NAT-PMP picked port and the manually specified port, the program might end up listening to the physical network interface ports, in place of the virtual network interface ports (assuming that the machine running SoulSeek is also the machine connecting to the VPN). Try to disable NAT-PMP and check whether it makes any difference. Although it's not BitTorrent or eMule, the following guide is useful for some SoulSeek settings too and for a relevant note about the router: https://airvpn.org/faq/p2p/ Kind regards
-
@Maggie144 Hello! Hummingbird's Network Lock is disabled when Eddie runs Hummingbird, because it would conflict with Eddie's Network Lock. Eddie keeps the control both of Network Lock and DNS management when it runs Hummingbird. Since Hummingbird enables its own Network Lock by default, Eddie must tell it explicitly not to do so with the proper option. You can see that Eddie's Network Lock is enabled: ! 2023.06.12 20:34:57 - Activation of Network Lock - macOS - PF while HB's Network Lock is disabled: W 2023.06.12 20:35:13 - Hummingbird > WARNING: Network filter and lock are disabled. Mode setting is ignored Kind regards
-
@Maggie144 Hello! Yes, the mentioned directive can not be accepted by OpenVPN3-AirVPN (except when pushed by the server). To solve the last problem you reported: from Eddie's main window select "Preferences" > "OpenVPN Directives" in the "Custom directives" box add the following line: -ping-exit 32 Please note the "-" sign in front of the line, telling Eddie to delete this directive from its list click "Save" and start a new connection Kind regards
-
@OpenSourcerer Hello! I mean hummingbird. Sure, we meant Hummingbird too. In other words, btcommon.h is needed to verify whether Bluetit is running or not and it is in the "includes", as Hummingbird is part of the Suite. We understand that a separate repository for Hummingbird alone causes this confusion, so we'll give green light to delete it (to be honest, the developer already asked for its deletion repeatedly, time to comply we guess ). Kind regards
-
@OpenSourcerer Great! It looks good... Hummingbird is part of the AirVPN Suite. btcommon.h is needed to verify whether Bluetit is running or not and it is in the "includes" as far as we can see. Kind regards
-
ANSWERED Local ports for forwarded ports are ignored.
Staff replied to space5's topic in Troubleshooting and Problems
Hello! Confirmed. For the readers: the problem is that the system supports hot change (on the fly change) for port deletion, protocol change and port addition. However, the system does not support hot local port change, we're sorry. Quick solution: you will need to disconnect and re-connect when you need to change local port, as long as this feature is unimplemented. Luckily, local port change is, probably, quite a rare occurrence. Kind regards -
@Maggie144 Hello! Hummingbird can not connect over SSH or stunnel at the moment due to an OpenVPN3 bug which has been brought in to OpenVPN3-AirVPN as well. We will be soon working to resolve this bug too. In the meantime, if you need OpenVPN over SSH, please use OpenVPN 2.x series. Thank you, you disclosed the bug. The error OpenSSLContext: SSL_CTX_use_certificate failed: error:0A00018E:SSL routines::ca md too weak is still under investigation. We have not found any SHA1-signed certificate for your account, which would explain the error message by OpenSSL. Also, the fact that Hummingbird alone does not throw the error makes the matter quite puzzling. If, from Eddie's main window, you uncheck "Remember me", log your account out, and log your account in again, does this error persist? Kind regards
-
@OpenSourcerer Hello! Your build fails because the file wireguard.h is not found. Note how it is delimited by double quotes, and not angular brackets, meaning that it is a local inclusion file. You can find it here: https://git.zx2c4.com/wireguard-tools/tree/contrib/embeddable-wg-library Kind regards
-
ANSWERED Local ports for forwarded ports are ignored.
Staff replied to space5's topic in Troubleshooting and Problems
Hello! In this case please open a ticket, we want to check directly from inside a VPN server while your account is connected to verify the "forward rules". Kind regards -
How to get the cryptos to pay with crypto?
Staff replied to vOsgZC7's topic in General & Suggestions
Hello! Our first suggestion is accepting BTC for your service or goods, in the small amount needed to buy an AirVPN plan, or according to your preferences, with your "own wallet" (i.e. you, and no third party entity, have the keys of your coins). Then you can buy an AirVPN plan. Since payments are accepted directly without any intermediary, you will bypass all the useless layers you mention. Kind regards -
ANSWERED Local ports for forwarded ports are ignored.
Staff replied to space5's topic in Troubleshooting and Problems
@space5 Hello! We have checked random ports of random users and the port "re-mapping" (let's call it in this way) works. The proper pre-routing rules for the DNAT are applied. We have checked the port control panel and we could not see any anomalous behavior. Of your forwarded ports, you have chosen not to "re-map" any of them. What happens if you try to do so, by changing the "local port" field on your AirVPN account port panel? Yes, it can. Kind regards -
Hello! DCO must enter a phase where radical changes will not be applied. After that, it must reach a stable release. We will inform you about a new deployment plan which depends on when DCO becomes stable. Check also https://github.com/OpenVPN/ovpn-dco/issues and when the important note on https://github.com/OpenVPN/ovpn-dco is lifted ** NOTE ** ovpn-dco is currently under heavy development, therefore neither its userspace API nor the code itself is considered stable and may change radically over time. Kind regards
-
ANSWERED Local ports for forwarded ports are ignored.
Staff replied to space5's topic in Troubleshooting and Problems
@space5 Hello! Everything is fine, your service is reachable on the proper port. You have split port forwarding into two different "devices" (keys) therefore only the ports linked to a specific device will be forwarded when that device is connected. There, your listening program is reachable and replies (just checked). The other port will be forwarded when connections from the other device (key) are established. If you want unconditional port forwarding (classic system) to all devices, just set "All devices" on the "Device" combo box available for each port in your AirVPN account port panel. Please read the answer to the following FAQ: https://airvpn.org/contents/faq_port_forwarding/ Kind regards -
Eddie fails to connect to any server
Staff replied to Venhedish's topic in Troubleshooting and Problems
@Venhedish Hello! Apparently UDP is blocked. Please make sure that no packet filtering tool, either on the router or system, blocks UDP. Also check any QoS (Quality of Service, traffic management) tool on your system, router and network interface device driver (lately some drivers have a QoS tool built-in) and disable it. Last but not least make sure that no antimalware tool blocks OpenVPN traffic. After all of the above, if the problem persists switch to a TCP connection: from Eddie's main window select "Preferences" > "Protocols" uncheck "Automatic" select the line with OpenVPN, protocol TCP, port 443, entry-IP address 3. The line will be highlighted click "Save" and test again connections to various servers Kind regards AirVPN Support Team -
Hello! The following virtual network adapter: is causing a critical error to OpenVPN: To resolve the problem please tell Eddie to use exclusively a virtual network interface created by itself and ignore other "alien" interfaces: from Eddie's main window select Preferences > Networking in the "VPN interface name" field type eddie (or any other very short name you like) click "Save" Switching to WireGuard will also resolve the problem. You can switch to WireGuard and change connection mode in Eddie's Preferences > Protocols window. Besides, Speedify is a VPN: make sure that its software doesn't run while you run Eddie in order to avoid potential conflicts. Kind regards
-
@Maggie144 Hello! So: Eddie 2.22.2 + HB 1.3.0 in TCP or UDP -> failure with "OpenVPN3 CONNECT ERROR: SSL_CA_MD_TOO_WEAK: OpenSSLContext: SSL_CTX_use_certificate failed: error:0A00018E:SSL routines::ca md too weak" HB 1.3.0 in TCP or UDP -> success HB over SSH or stunnel, with or without Eddie -> failure in any case Is the above summary correct? Kind regards
-
Hello and thank you! We do not have an ETA for a *BSD version, we're very sorry. A first preview of AirVPN Suite version 2 is loosely planned for the end of June, but don't take it for granted. Kind regards
-
@Maggie144 Hello! That's fine, Eddie will not run with root privileges programs not owned by root, it's a small security system. Are you trying to connect Hummingbird over SSH? If so, can you try a direct connection (without the SSH additional tunnel)? Can you also run Hummingbird on its own (with a configuration file generated by the Configuration Generator) and check whether you get the following error or not? Kind regards