Staff

Hello! First things first: contrarily to what we stated above, openSUSE 15.4 Leap by default runs OpenSSL 1.1.1l and glibc 2.31. AirVPN Suite 1.2.1 legacy runs successfully (tested). Second, if you installed OpenSSL 3 (it is available only as an experimental package), you don't have to remove it. The AirVPN Suite 1.2.1 legacy version is linked against libssl 1.1 so it will run out of the box if you have that library. If you still experience any issue please make sure that you're running the legacy version and that libssl 1.1 is really available. Feel free to keep us posted. Kind regards

Hello! Note that it was a Configuration Generator bug which has been fixed after you found it. Now the CG correctly compiles the profile interface with a /32 address. Kind regards

@colorman Hello! Thank you for your tests. Unfortunately openSUSE 15.4 offers libssl 3 but an older C library, a combination unsupported by the Suite 1.2.1 RC 1, either legacy or not. If possible install libssl 1.1 and run Suite 1.2.1 RC 1 legacy version. In the meantime we will ponder the issue. Kind regards

@cheapsheep Hello! The authorization access is decided by the AirVPN infrastructure and not by the Suite. Thank you for the head up, we will look into the potential issue you mention. Also keep in mind that when you connect via UDP and your router crashes (or reboots), none of the clients will be able to notify the respective servers that they are leaving the VPN. Therefore, even with OpenVPN, you will experience much longer time for connection slots release (normally a maximum of 2 minutes). This is already implemented and it's the expected networklockpersist (but not networlock!) behavior. Bluetit will not "lift" a persistent network lock if the (re)connection attempt fails, and not even when it is disconnected and waiting for commands. Note how the behavior of networklockpersist is different from that of networklock . Should you notice that network lock firewall rules are unexpectedly no more in place when you suffer an AUTH_FAILED error and netwokrlockpersist is enabled, please report at your earliest convenience. Kind regards

Hello! UPDATE: AirVPN Suite 1.2.1 has been released. https://airvpn.org/forums/topic/55264-linux-airvpn-suite-121-available/ We're very glad to inform you that AirVPN Suite version 1.2.1 Release Candidate 1 is now available. This is a quick fix release. The suite includes: Bluetit: lightweight, ultra-fast D-Bus controlled system daemon providing full connectivity and integration to AirVPN servers, or generic OpenVPN servers. Bluetit can also enforce Network Lock and/or connect the system to AirVPN during the bootstrap Goldcrest: Bluetit client, allowing full integration with AirVPN servers, users, keys, profiles as well as generic OpenVPN servers Hummingbird: lightweight and standalone binary for generic OpenVPN server connections What's new in 1.2.1 Packages are available both for OpenSSL 3 and OpenSSL 1.1.x (legacy). Pick one according to the version you have in your system. If in doubt, run openssl version command from a terminal. bluetit.rc new directive forbidquickhomecountry to allow or forbid quick connections to home country servers Goldcrest bluetit-status option now shows the status of network lock and connection update of all support libraries, including OpenVPN-AirVPN bug fix: invalid user key label issue. Now, in case an invalid user key label is provided, the proper error is returned Please check the changelog included, as usual, in the packages for detailed information. Some notes: for Raspberry OS pick the ARM 64 bit legacy package, because Raspberry OS is based on Debian 11 and uses OpenSSL 1.1.x by default. for old Raspbian operating system and other 32 bit ARM systems pick the ARM 32 bit legacy package for Ubuntu 22 for Raspberry, pick ARM 64 bit mainline package (not legacy) if you run some i686 Linux let us know. You can still run AirVPN Suite 1.10 but if we have requests we can prepare a package for abandoned systems. Link to AirVPN Suite 1.1.0 for i686: https://eddie.website/repository/AirVPN-Suite/1.1/AirVPN-Suite-i686-1.1.0.tar.gz sha256 checksum: 6454cafc860ccc89da5da933c5bed279b1e1534a750f4423e6937e4fb84779e1 Thank you very much for your tests and please report any bug, glitch, malfunction etc. in this thread! Packages Please note that the Suite is no more built for i686 systems (32 bit architecture). If you need the Suite for such systems please run 1.1.0 release in the meantime and contact us in this thread or through a ticket. Linux x86-64: https://eddie.website/repository/AirVPN-Suite/1.2.1-RC1/AirVPN-Suite-x86_64-1.2.1.tar.gz $ sha256sum AirVPN-Suite-x86_64-1.2.1-RC-1.tar.gz b0ed16882279376e413c316594d215c230632301a5281f12260b0e765366a251 AirVPN-Suite-x86_64-1.2.1-RC-1.tar.gz *** Linux x86-64 legacy: https://eddie.website/repository/AirVPN-Suite/1.2.1-RC1/AirVPN-Suite-x86_64-legacy-1.2.1-RC-1.tar.gz $ sha256sum AirVPN-Suite-x86_64-legacy-1.2.1-RC-1.tar.gz 172e5a8436ded9a201e11722245bd399d04749d8448eddaf5ae4832de681e37d AirVPN-Suite-x86_64-legacy-1.2.1-RC-1.tar.gz *** Linux ARM 64 bit: https://eddie.website/repository/AirVPN-Suite/1.2.1-RC1/AirVPN-Suite-aarch64-1.2.1-RC-1.tar.gz $ sha256sum AirVPN-Suite-aarch64-1.2.1-RC-1.tar.gz c1a31310376eb7c58a8c17d3daf7389cf00ca654a19b941b61907ecd17caa159 AirVPN-Suite-aarch64-1.2.1-RC-1.tar.gz *** Linux ARM 64 bit legacy https://eddie.website/repository/AirVPN-Suite/1.2.1-RC1/AirVPN-Suite-aarch64-legacy-1.2.1-RC-1.tar.gz $ sha256sum AirVPN-Suite-aarch64-legacy-1.2.1-RC-1.tar.gz 18da433c1a073efcabef5cc00f17a6a75abdd4ed9b9efc0e66caa09070bcfac7 AirVPN-Suite-aarch64-legacy-1.2.1-RC-1.tar.gz *** Linux ARM 32 bit legacy: https://eddie.website/repository/AirVPN-Suite/1.2.1-RC1/AirVPN-Suite-armv7l-legacy-1.2.1-RC-1.tar.gz $ sha256sum AirVPN-Suite-armv7l-legacy-1.2.1-RC-1.tar.gz 323d8ef34ae6a53e3e64a39dff1df05eb91ee8f011ab416cb4c2fb5724ce4c4a AirVPN-Suite-armv7l-legacy-1.2.1-RC-1.tar.gz User's manual (1.2.0): https://airvpn.org/suite/readme/ Bluetit developer's reference manual (1.2.0): https://gitlab.com/AirVPN/AirVPN-Suite/-/blob/master/docs/Bluetit-Developers-Reference-Manual.pdf Kind regards and datalove AirVPN Staff

Hello! Check the following thread and see whether it helps: https://www.reddit.com/r/WireGuard/comments/ejxkm3/wireguard_as_both_client_and_server/ Kind regards

Hello! You describe some actions which do not give birth to a system notification. No system notification implies no sound. If you see an Android notification without a sound in spite of your settings please warn us. Kind regards

Hello! Correct, you will need to side load as Google doesn't want it for Android TV (new investigation on the reasons will start for the nth time very soon).. Amazon Appstore doesn't have such a problem. Download the APK from our web site, enable in your device external installation, and install the APK through any good file manager. Kind regards

@zsam288 Understood now, thanks! Kind regards

Hello! Thanks. Isn't the big central button on the "Quick connection" view already what you want? You can always reach it with a single tap from any app section except "Settings" which requires two taps. Kind regards

Hello! We're very glad and proud to inform you that Eddie Android edition 3.0 has been released, a breakthrough from version 2.5. The new release achieves full compatibility with Android 13 and maintains it down to Android 5.1. Various app sections have been extensively rewritten. Now Eddie Android supports WireGuard with swift integration with AirVPN infrastructure. A dark theme has been added for additional comfort together with new, improved connection logic and management. A sharp WireGuard networking management has been implemented: no more "forever dead wg client" haunting users running the Android WireGuard client in mobility. Profile generation have been improved: external export option has been added, and WireGuard profiles can be generated too according to the user selection. Profile generation now provides for a quick alternative to the web site Configuration Generator. Eddie Android edition is free and open source software released under GPLv3. We invite you to check from independent 3rd parties lack of trackers code signatures, for example here: https://reports.exodus-privacy.eu.org/en/reports/search/org.airvpn.eddie You can download Eddie Android 3.0 APK directly from our repository: or from the Google Play Store, please see here: https://airvpn.org/android/eddie/ Soon it will be available on the Amazon Appstore too. Source code (and of course changelog) is available in GitLab: https://gitlab.com/AirVPN/EddieAndroid/ Direct link to the changelog: https://gitlab.com/AirVPN/EddieAndroid/-/blob/master/ChangeLog.txt What's new Complete WireGuard support with full integration with AirVPN infrastructure WireGuard networking management to allow quick re-connections even when WireGuard would remain stuck after a failure. No more "forever stuck wg client" haunting users running the Android WireGuard client. Linked against the new OpenVPN-AirVPN 3.8.2 library Dark theme support and option to switch to dark, light or system default theme Improved VPN profile management Full compatibility with Android 5.1 up to 13 Extensive architectural revision and improvements VPN profile export both to internal database and external file or app Get faster support and more easily: send the app log and the device logcat to AirVPN support team with a tap and provide the team with just the link the app will give you back. No more adb or any other external tool and device connection required to generate the logcat. IMPORTANT: due to Google policy the local data encryption cipher has been changed from AES-256-CBC into AES-256-GCM. Therefore, before upgrading, we strongly recommend that you decrypt local data first if you had them encrypted by a Master Password. To do so simply disable the Master Password and then upgrade, so you will not lose your local data (not a big deal, but even so...). (*) (*) We could not even implement a failover AES-CBC recovery because the "smart" (???) automated Google review rejects the app as soon as it sees AES-CBC somewhere for local storage. Main features: The only official AirVPN Android client designed, developed and programmed by AirVPN team Full WireGuard support and integration with AirVPN Linked against "OpenVPN 3.8.2 AirVPN" (free and open source software library by AirVPN) ChaCha20-Poly1305, AES-CBC and AES-GCM support on both OpenVPN Control and Data channel Battery-conscious application Low RAM footprint Ergonomic and friendly interface Ability to start and connect the application at device boot Option to define which apps must have traffic inside or outside the VPN tunnel through white and black list Localization in simplified and traditional Chinese, Danish, English, French, German, Italian, Portuguese, Russian, Spanish, Turkish Full integration with AirVPN Enhanced security thanks to locally stored encrypted data through optional master password Quick one-tap connection and smart, fully automated server selection Smart server selection with custom settings Manual server selection Ability to start and connect during device startup according to a priority list which includes automatic choice, your defined country and your defined AirVPN server Smart attempts to bypass OpenVPN blocks featuring protocol and server fail-over Full Android TV compatibility including D-Pad support. Mouse emulation is not required. Enhancements aimed at increasing accessibility and comfort to visually impaired persons AirVPN servers sorting options Customizable "Default", "Favorite" and "Forbidden" servers and countries OpenVPN mimetype support to import profiles from external applications Multiple OpenVPN profile support. The app now imports and manages multiple OpenVPN profiles Support for custom bootstrap servers Support for favorite and forbidden countries AirVPN broadcast messages support User's subscription expiration date is shown in login/connection information The app is aware of concurrent VPN use. In case another app is granted VPN access, Eddie acts accordingly and releases VPN resources Optional local networks access. In such case, local network devices are exempted from the VPN and can be accessed within the local devices Localization override. User can choose the default language and localization from one of the available ones Favorite and forbidden lists can be emptied with a single tap Ability to directly select an AirVPN area (country, continent, planet) to connect to VPN re connection in case of unexpected OpenVPN disconnection. (It requires VPN Lock to be disabled) VPN concurrency management Full integration with VPN traffic leaks prevention by system in Android 7 or higher version Full compatibility with Android versions from 5.1 up to 13. User can generate or save an OpenVPN profile for any AirVPN server or country and save it in the internal OpenVPN profile manager or export it On the fly language change allowing to switch language without re-starting application Exclusive optional VPN lock in case the device cannot take advantage of Android's VPN direct management (Android 5 and 6) Server scoring algorithm implementing the latest AirVPN balancing factors in order to determine the best server for quick connection Network name and extra information are shown along with network type Device network status management Fully compatible with Android TV 5.1 and higher versions Complete changelog: https://gitlab.com/AirVPN/EddieAndroid/-/blob/master/ChangeLog.txt Kind regards & datalove AirVPN Staff

Hello! We're sorry to hear that, but we see that the support team sent you two courtesy e-mail and two replies on the ticket. Maybe you don't receive our e-mail and you don't consult your ticket in the website account panel... anyway, we paste here the reply by the support: Kind regards

Hello! Yes, you can test AirVPN Suite 1.2.1 RC1 linked against libssl 3 right now. It's a quick fix release, while all the major new options will be implemented in the next version, whose development started. You can download Release Candidate 1 for x86-64 at the moment, The internal beta testing ended successfully and any known bug has been fixed. Inside the tarball you also find the changelog. As soon as all the other packages (for ARM) are ready, we will announce everything on a new thread, but feel free to start using it right now of course. Find the changelog inside the tarball. Download link: https://eddie.website/repository/AirVPN-Suite/1.2.1-RC1/AirVPN-Suite-x86_64-1.2.1-RC-1.tar.gz Checksum to verify: # sha256sum AirVPN-Suite-x86_64-1.2.1-RC-1.tar.gz d50682222c6f3294de2eacdb833966c91c9d27fb931e043f0d063a19c1d1a7e4 AirVPN-Suite-x86_64-1.2.1-RC-1.tar.g If you need the legacy version (linked against libssl 1.1) the download link is: https://eddie.website/repository/AirVPN-Suite/1.2.1-RC1/AirVPN-Suite-x86_64-legacy-1.2.1-RC-1.tar.gz # sha256sum AirVPN-Suite-x86_64-legacy-1.2.1-RC-1.tar.gz a1aa78c2508bbd8fe3e1a5d02d475d32d48e40a35adf59a6535d15c93af7efcc AirVPN-Suite-x86_64-legacy-1.2.1-RC-1.tar.gz Kind regards

To moderators: please don't unlock. Account korgen subjected to pre-moderation for abusive behavior (obscene language, flames, insults) in order to protect community forum composure.

@korgen Hello! 1. Access to Primevideo occurs on an account identity basis tied to home country (the country the customer declares to live in, even temporarily). It can be changed in the "Preferences" of Primevideo accounts. Countries of access and residence must match. It is not duty of AirVPN staff member in a community forum courtesy reply to know and/or teach you how to use a third party service. 2. Eddie Android edition is not restricted to AirVPN. It is free and open source software which can be configured to connect to any other VPN supporting WireGuard or OpenVPN. Thanks to its flexibility, it can be run even with smart DNS services during a VPN connection. 3. The answer by a staff member you mention in the thread you link in your post clearly focuses exclusively on the compatibility of our software with various devices you mentioned. It does not claim anything else. We have now locked both threads and hard copied them in order to preserve them because the relevant staff member and AirVPN might decide to sue you if you insist with your insults. Any other reader can decide by him/herself who lacks good faith here. Regards

Hello! The bug was addressed 5-6 weeks ago in Eddie 2.22.2. Please test and report back in the thread at your convenience: https://airvpn.org/forums/topic/50561-eddie-desktop-edition-2216-released/?do=findComment&comment=203120 [bugfix] [linux/macos] Race condition in ping-request (thx to @cmaves) Kind regards

Hello! We have no plans to operate VPN servers in France (and in Italy) for the mandatory data retention framework still enforced in disdain of three different legally binding decisions of the CJEU (see below). France is in breach and Italy is too, but the Commission hesitates to open infraction procedures. Since the decisions pertain to the the preservation of a fundamental human right enshrined in the EU Charter of Fundamental Rights and in the European Convention on Human Rights, it does not seem inappropriate to consider that both France and Italy are committing one of the worst breaches a EU Member State can be guilty of. We might challenge with a casus belli the (il)legal framework in France, but we are already committed in other EU countries and we can't open potentially multiple legal battle fronts. The Court of Justice declares the Data Retention Directive to be invalid https://curia.europa.eu/jcms/upload/docs/application/pdf/2014-04/cp140054en.pdf The Members States may not impose a general obligation to retain data on providers of electronic communications services https://curia.europa.eu/jcms/upload/docs/application/pdf/2016-12/cp160145en.pdf The Court of Justice confirms that EU law precludes national legislation requiring a provider of electronic communications services to carry out the general and indiscriminate transmission or retention of traffic data and location data for the purpose of combating crime in general or of safeguarding national security https://curia.europa.eu/jcms/upload/docs/application/pdf/2020-10/cp200123en.pdf Kind regards

@postergus Hello! Yes, reconnect is not bugged in the Suite, but the OpenVPN3-AirVPN library may mess up in the conditions of network down and up while a connection is ongoing. Same thing happens with OpenVPN 2.x, we see. Now we understand why you chose to shut down the daemon completely. Preferably disconnect first with "goldcrest --disconnect" and then send some goldcrest connect command: as far as we can see this procedure resolves the problem - and you will always have network lock enabled. Define your goldcrest.rc run control file to avoid keyboard interaction with Goldcrest: https://airvpn.org/suite/readme/#goldcrest-configuration goldcrest.rc directives and options will be overridden by bluetit.rc system directives (in general, those directives which are not air string prefixed). If Goldcrest options or directives conflict with bluetit.rc non-air prefixed directives, Bluetit ones are enforced. For example if you tell Goldcrest to disable Network Lock when networklockpersist on is declared in bluetit.rc, Goldcrest will send the command to Bluetit, but the daemon will refuse to comply. The logic is that all users, according to root decisions, in airvpn group have privileges to change network and settings, except those system settings which must be exclusive competence of root. You must specify in goldcrest.rc all the relevant for you connection related options (username and password for example are mandatory). Kind regards

@grammarye Hello! Thanks for the thorough report. The first failure is expected. By default, Bluetit refuses to connect to the same country you declare you are in (the old "golden rule") in "quick" mode. We will implement in the next Suite version an option (which is currently missing) to force Bluetit to accept "quick" connections from a country to the same country. In the meantime you can have a quick but dirty circumvention by setting a fake country (other than GB) in "country". directive Given that you have a precise white list, in this specific case the solution is fine. The second behavior (successful connection) contradicts the above logic pertaining to the "golden rule", and it might be considered a bug. We will review the whole logic in a future quick fix release and we will see whether it's more rigorous this last behavior or a different one. However, please note that Eddie complies with the white list: when you white list both servers and countries, Bluetit (just like Eddie Android edition does) computes the union of all the sets you specified in order to build the final white list. This is logically correct in the design, in our opinion, because the logical operation to perform on multiple white sets is their union, not their intersection. Kind regards

Hello! The critical error is here: 2022-11-22T10:51:11 Warning openvpn Cannot load private key file /var/etc/openvpn/client1.key Please make sure that the file exists, that it can be accessed by openvpn (check ownership and permissions) and that it's indeed your AirVPN client key. In the Configuration Generator. if you have split the configuration from certificates and keys, the client key is user.key As far as we see from the screenshots, you will also have to delete your username and password from the OpenVPN configuration panel, since Air VPN servers don't authenticate clients via username and password. Kind regards

@postergus Hello! The log shows that when the session network lock is disabled the persistent network lock is always enabled. When you shut down Bluetit, the persistent network lock is disabled as expected and intended. That's why we suggested as best solution that you do NOT shut down Bluetit. In your case, that's not only unnecessary, but even against what you want, we guess. Consider to manage Bluetit through Goldcrest for a proper usage for and a solution to your case. Please see also our previous message. Kind regards

Hello! The problem might be caused by Eddie, as you're running a very old version. We suggest that before you try anything else you upgrade to the latest stable release. You can download Eddie for macOS in the usual, dedicated download page here: https://airvpn.org/macos If you still experience any issue after you have completed the upgrade please do not hesitate to open a ticket to allow our support personnel to provide you with proper assistance. Kind regards

Hello! The "sleep 1" is unnecessary, you can delete it, as systemctl is synchronous. You can also order a restart to save time. Anyway you will still have a fraction of a second during which the ordinary, previous firewall rules are restored and Network Lock rules are not in place. At a first sight we see two alternative, possible solutions: don't stop Bluetit but interact with it through Goldcrest. Apparently there's no reason whatsoever to restart Bluetit in your case: Bluetit re-reads network configuration at each session start, as you may notice from the log. You can have a goldcrest.rc runfile too, therefore you can configure Goldcrest to avoid any keyboard interaction. Make sure you have networklockpersist enabled in /etc/airvpn/bluetit.rc, so that the Network Lock rules will remain in place while Bluetit is not connected keep blocking firewall rules in your system so no traffic will flow when Bluetit is not running: when Bluetit exits, it restores the blocking firewall rules. When it runs with networklockpersist, it enforces Network Lock. This second solution maintains the conceptual error to perform an unnecessary operation (restarting Bluetit) and requires total block rules by system default. Kind regards

Hello! We're very glad to inform you that the Black Friday week has started earlier this year in AirVPN! Save up to 74% when compared to one month plan price Check all plans and discounts here: https://airvpn.org/buy If you're already our customer and you wish to jump aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. AirVPN is one of the oldest and most experienced consumer VPN on the market, operating since 2010. It never changed ownership and it was never sold out to data harvesting or malware specialized companies as it regrettably happened to most competitors. Since 2010 AirVPN has been faithful to its mission. AirVPN does not inspect and/or log client traffic, and offers: five simultaneous connections per account WireGuard support on all servers flexible and customizable opt-in block lists protecting you from adware, trackers, spam and other malicious sources. You can customize answers or exceptions globally, at account level or even at single device level. powerful API IPv6 full support comfortable access to your client certificates and keys management AES-GCM and ChaCha20 OpenVPN ciphers on all servers Perfect Forward Secrecy with unique per-server 4096 bit Diffie-Hellman keys active daemons load balancing for unmatched high performance - current 'all time high' on client side is 730 Mbit/s with OpenVPN and 1046 Mbit/s with WireGuard internal DNS. Each server runs its own DNS server. DNS over HTTPS and DNS over TLS are also supported. AirVPN is the only VPN provider which is actively developing OpenVPN 3 library with a fork that's currently 158 commits ahead of OpenVPN master and adds key features and bug fixes for a much more comfortable and reliable experience: AirVPN, in accordance with its mission, develops only free and open source software for many platforms, including Android, Linux (both x86 and ARM based systems), macOS and Windows. Kind regards & datalove AirVPN Staff

@Yammy75 Hello! "Better" or "resolved"? If not resolved, please do not hesitate to describe the behavior in detail. Kind regards