Staff

@Pi77Bull Hello! The first start seems OK (the warning by systemd about a missing PID file is fine). Since Bluetit does not enable Network Lock and does not connect maybe the /etc/bluetit.rc /etc/airvpn/bluetit.rc file does not include the correct settings... can we see it? Checking this file may also shed some light on the critical error "Destination address required". Kind regards

Hello! A possible explanation is that this Merlin WRT edition does not support IPv6 over IPv4. We saw this problem in some DD-WRT firmware too in past years. If nothing can be done you may perhaps consider to disable IPv6 on the router. Excellent! The captchas can appear when the connection comes from VPN servers, Tor exit nodes and proxies, yes. It's a standard Cloudflare feature aimed at protection (as it happens not infrequently, connections from datacenters are considered more risky than connections from residential lines), and we're not sure whether the web site owners behind Cloudflare can disable it or not. Kind regards

@Pi77Bull Hello! Since your Linux system is based on systemd you can consider to automate the procedure with a script which systemd executes when the system wakes up. systemd looks for your scripts in /usr/lib/systemd/system-sleep when the system is suspended and un-suspended (to be verified when it resumes from a full hibernation and not from a suspension, though). A tested example in Ubuntu and Debian which works with sleep/wake-up (suspend/resume) and should work in any systemd based system: Just before the system is suspended, goldcrest orders Bluetit to disconnect. When the system is un-suspended Bluetit is re-started (so it connects since you have activated the connection at boot option in bluetit.rc). Networking is not made available until all scripts in the /usr/lib/systemd/system-sleep directory finish executing, therefore you should not have traffic leaks, provided that Bluetit is configured with networlockpersist on. Kind regards

Hello! Of course... In this case you could consider a future router with WireGuard and/or OpenVPN client support, such as AsusWRT routers and routers which can be flashed with Tomato, DD-WRT, MerlinWRT etc. firmware. Kind regards

@choonietookie Hello! We have moved your message into this thread because the problem is related to the "ZeroTier" interface for both of you. The interface is apparently causing troubles to Eddie. We'll investigate. In the meantime @firefox4dawin you can disable the interface to solve the problem, as reported by choonietookie. Can you please verify (you both) whether the same problem occurs with Eddie 2.24.x (with the ZeroTier interface enabled)? Please see here to download it. https://airvpn.org/forums/topic/57401-eddie-desktop-224-beta-released/ Kind regards

@Killaconor Hello! Your router user's manual describes VPN configuration in chapter 9. https://www.manua.ls/netgear/nighthawk-cax30/manual?p=5 As far as we can see, unfortunately the router can run OpenVPN in server mode but can not be a VPN client sharing the VPN traffic with the connected devices, which is the solution you need. You can anyway connect up to 5 devices simultaneously to AirVPN servers with your account. Kind regards P.S. We also checked whether it's possible to flash DD-WRT or some other firmware, but it is not possible with this router according to the community, we're sorry.

@Antoine_b Hello! The Surfshark network adapter is causing a critical error. Please see here for an immediate solution: https://airvpn.org/forums/topic/56643-stuck-in-a-broken-route-never-connects/?do=findComment&comment=225323 Kind regards

Hello! Please check carefully https://airvpn.org/faq/port_forwarding/ : "Network Lock" will anyway protect your from this possible configuration error by preventing any traffic leak outside the VPN tunnel. For specific problems with Plex please move to the following thread: https://airvpn.org/forums/topic/57512-make-plex-server-available-externally-forever/ All the users in that thread solved any problem although it's unclear how they solved the issues, so we also recommend that you contact Plex support or community. Kind regards

@kneelb4z0d Hello! Please move to this thread (which may also help): https://airvpn.org/forums/topic/57512-make-plex-server-available-externally-forever/ Kind regards

Hello! If you run Eddie Desktop edition you can pick a specific server from the "Servers" window, or you can let Eddie pick a server automatically. If you run Eddie Android edition you can pick a specific server on the "AIRVPN SERVER" view, or you can let Eddie pick a server automatically. If you run Goldcrest and Bluetit, you can pick a server through the proper option air-server in Goldcrest or airserver Bluetit run control file. If you run a program which reads a configuration file, for example the official WireGuard or OpenVPN software, you can generate as many configuration files as you wish from the Configuration Generator available in your AirVPN account Client Area. Generate configuration files according to your needs. The guide to getting started is available here: https://airvpn.org/forums/topic/18339-guide-to-getting-started-links-for-advanced-users/ Answers to frequently asked questions are available here: https://airvpn.org/faqs/ Kind regards

Hello! The latency tests have been improved remarkably in Eddie 2.24, please feel free to test it and report back. Since Eddie 2.24 is in public beta testing, now it's a good time to report any anomaly you find, if you haven't already done so. Eddie 2.21.x is also affected by a bug which may render the latency tests slow or even stuck for a race condition. This bug is fixed in later versions. Kind regards

@kneelb4z0d Hello! You need inbound remote port forwarding, please start from here: https://airvpn.org/faq/port_forwarding/ You may also consider to use AirVPN DDNS (included in every subscription) for more comfort, please see here: https://airvpn.org/faq/ddns/ Kind regards

@Stack of computer parts Hello! You can define a white list of servers, so that Eddie will consider only servers in the white list. You may also consider to disable latency tests when you have determined the best servers for your node. Kind regards

Hello! A possible cause is related to MTU. Please try to import a WireGuard configuration file with the following directive in the [Interface] section: MTU = 1280 The Configuration Generator already adds an "MTU = 1320" line, but maybe this value is too large for your network. You can edit the file with any text editor. Kind regards

@lowdrag Hello! It is an expected behavior when the system is connected to the VPN. The logic behind this is that computing round trip times from a VPN server would be detrimental for a correct server choice. However, if the system is disconnected from the VPN then this is an unexpected behavior: please test Eddie 2.24.x and check whether the same issue persists or not. Kind regards

Hello! The Kaspersky VPN adapter is causing a critical error. Please see here for a very quick solution: https://airvpn.org/forums/topic/56643-stuck-in-a-broken-route-never-connects/?do=findComment&comment=225323 Kind regards

@KingBletsoe Hello! A preliminary checklist: please make sure that the listening program is really running and listening to the correct port, and that it is started only after the VPN connection has been established if a bind option is available in the listening program settings please make sure that the program binds to the VPN interface and not to the physical network interface please make sure that no firewall rule blocks incoming packets to the listening program. You need to check while the system is connected to the VPN as some firewall tools change rule set according to the network type the system is connected to Kind regards

Hello! Please see here: https://airvpn.org/forums/topic/57025-dns-leak-when-wireguard-configuration-in-gluetun-with-qbittorrent-truenas-scale/?do=findComment&comment=227861 Kind regards

@555VPN Hello! The ca.crt expires in 2121. You can use the Configuration Generator to download and import any certificate. Your user.crt expires in 2033. Maybe you're watching some old certificate. Kind regards

Hello! It can mean that the port is "disabled", although the linked device is connected to some VPN server. The new switch "Enable" (on/off), available on each forwarded port in the AirVPN account panel, has been added recently and offers more flexibility. If you get "No ports open", instead, it means that the device linked to the port is not connected to any VPN server. Kind regards

Hello! Normally the changes are applied in a matter of minutes and they do not require re-connections, the forward rules are "hot swapped". However, your description hints at an undue delay, we will investigate. In order to speed up the change, if a similar problem re-surfaces, please disconnect and re-connect your system to the VPN server(s). Provided that your forwarded port(s) are enabled for all the "devices" of your account, that the forward rules are applied for all the various VPN interfaces, and that you know which exit-IP address your service is reachable on, the multi VPN configuration is not a problem. If you find that port forwarding works with a "single VPN" configuration, but stops working with a multi-VPN setup, you need to check the above again. No, this is not a cause for concern. Just keep in mind that without VPN DNS you can't use the AirVPN DNS based blocking system and the geo-routing system. Kind regards

We see you managed to solve the problem, welcome back! Kind regards

Hello! Excellent. The Configuration Generator puts the following directive in the wg .conf file: MTU = 1320 while Eddie 2.21.8 doesn't (Eddie 2.23 and higher versions do). It's possible that 1320 bytes is a better MTU for your network. You can now tweak this value in small increments (e.g. 1330, 1340...) to find the optimum MTU for performance. Each time you edit the wg.conf file (using any text editor), remember to stop and restart WireGuard for the change to take effect. Kind regards

Hello! Very glad to know it. Eddie 2.23 and older versions "Automatic" mode is OpenVPN in UDP, always. Eddie 2.24 and newer versions select what the manifest tells (currently WireGuard). WireGuard offers higher performance and efficiency, and a few privacy issues which are mitigated in our system. Please see here for an overview: https://airvpn.org/faq/wireguard/ Kind regards

@FriedTofu527 Hello and welcome aboard! Yes, as you can also see from the top users "speed" 700 Mbit/s is not unusual in AirVPN, but mainly with WireGuard and not OpenVPN. The best performance so far obtained in the infrastructure is around 1.1 Gbit/s on ideal conditions (no traffic shaping by ISP, good peering, at least 2.2 Gbit/s free on the server), with WireGuard and its interface MTU varying from 1320 to 1420 bytes. Perhaps you are comparing WireGuard with OpenVPN. Please switch to WireGuard to make a comparison on a level playing field. We share a lot of common providers and similar hardware, but not all, so please make sure that you test various servers in various locations in order to maximize the likelihood of good peering between your ISP transit provider and ours. For a more specific support please specify your Operating System name and version. If you run Eddie Desktop edition you can switch to WireGuard in the following way: from Eddie's main window select "Preferences" > "Protocols" uncheck "Automatic" select a line with WireGuard, for example WireGuard port 51820. The line will be highlighted click "Save" and restart the connection to apply the change Unfortunately Eddie 2.21.8 does not support MTU change for WireGuard, while this parameter is frequently crucial. If you don't get satisfactory performance you can try different MTU sizes with Eddie 2.24.x. Please see here to download it: https://airvpn.org/forums/topic/57401-eddie-desktop-224-beta-released/ With Eddie 2.24.x you can change MTU in the Preferences > WireGuard window. Kind regards