Staff

@OpenSourcerer
@WowSuchSpeed

Hello!

The decision to block ASNs, CDN, in general IP addresses or ranges of IP addresses is (was?) up to the web site operators, through the Cloudflare firewall control panel, where you can "whitelist", "blacklist" or "challenge" whatever you like (even the entire IPv4 and IPv6 spaces, if you wish so ). Why are you discussing as if it were a Cloudflare's decision? Did something change recently and now Cloudflare blocks ASNs or anyway address ranges with no chance for the web site operators to unblock them?

Kind regards
 

Hello!
 

We're very glad to announce a special promotion on our long term Premium plans for the end of Summer or Winter, according to the hemisphere you live in.

 

You can get prices as low as 2.06 €/month with a three years plan, which is a 70% discount when compared to monthly plan price of 7 €.

 

If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day.

Please check plans special prices on https://airvpn.org and https://airvpn.org/buy

All reported discounts are computed against the 7 EUR/month plan. Promotion expires on 2025-03-30 UTC.

Kind regards & datalove
AirVPN Staff

@Valm_Valeria

Hello!
 

20 hours ago, Valm_Valeria said:

On the Configuration Generator I select "Linux", "advanced" , "separate keys", I select an alternative port usually for both openvpn or wireguard, with 3 ip entries and I select a single server.

What are the servers you selected? From various tests we do not get any problem. However, this step could be crucial:
 

20 hours ago, Valm_Valeria said:

I copy them all in the system wireguard folder (the configuration and the 3 provided keys).

This is unclear. In WireGuard the keys are always embedded in the configuration file. Just rename the configuration file you downloaded with a short name and enter the following command (with root privileges):

wg-quick up "path and name of the WireGuard configuration file here"

Do you get any error with the above command?

Kind regards
 

6 hours ago, shades228 said:

Well it appears that the issue is the gluetun servers.json is not getting the current list of airvpn servers.

Hello!

The file is relatively up to date and should suit your needs:
https://raw.githubusercontent.com/qdm12/gluetun/refs/heads/master/internal/storage/servers.json

Unfortunately it's all "hard coded" so the file must be edited manually for any update or you need to wait for a new release. For additional details please contact GlueTun author and/or community.

Kind regards
 

14 hours ago, Valm_Valeria said:

Anyone experienced such difficulties or has successfully set airvpn on clients?

Hello!

FreeBSD 14.2 is routinely used every day by AirVPN founders and this problem has not been experienced so far. Let's troubleshoot with pre-agreed exact configuration files. Please tell us the exact settings you enter on the Configuration Generator to reproduce the problem with WireGuard as well as OpenVPN. Also, please check all the ipfw rules (if in doubt, please publish them).

Thank you for your great feedback!

Kind regards
 

2 hours ago, shades228 said:

I'm using glueten and it won't connect to phoenix or LA. I've tried both wireguard and openvpn.

Hello!

Please check the proper environment variables to have GlueTun connect to the server(s) you wish, then gather the log of a connection failure. Compare it with the log of a connection attempted from the host (no containers) to understand whether the problem is GlueTun specific or your machine/network generic. If in doubt publish both logs and make sure you have read the whole GlueTun documentation. If you need support directly from AirVPN support team do not hesitate to open a ticket.

Kind regards
 

1 hour ago, rohko said:

Eddie seems to be missing one crucial rule in its IPv6 network lock. In the OUTPUT chain, there should be the same entry as in the INPUT chain: 

Hello!

Thank you. Eddie adds the 4 rules you mention only on INPUT chain when you disable Allow ping option. But, if Preferences > NetLock > Allow Ping is enabled (default setting), Eddie adds more general accept rules:

add rule ip6 filter INPUT meta l4proto ipv6-icmp counter accept
add rule ip6 filter OUTPUT meta l4proto ipv6-icmp counter accept

So, it ought to work by default.
Of course any feedback about best rules is welcome.

In general, we need rules applied always, and rules applied only if users want ICMP and ICMPv6 enabled (option above, checked by default)

Can you please enable (tick) "Allow ping" (which will actually allow ICMP and ICMPv6) on Eddie's Preferences > Network Lock window and test again?

Kind regards
 

13 hours ago, John Gow said:

stranger things have happened.

Don't forget the aliens who made a mess with genetic engineering to push hominids to mine gold according to Anunnaki (our educator monk mis-spelled it) legends. 

Kind regards
 

1 hour ago, senkoin said:

I could really use some help.

Hello!

Please avoid screenshots whenever possible. Can you please send us the complete Bluetit log taken after the problem has occurred? You can extract it with:

sudo journalctl | grep bluetit > bluetit.log

Then send us the created bluetit.log file.

If possible, please test also with AirVPN Suite 2.0.0 preview and check whether the problem persists or not:
https://airvpn.org/forums/topic/66706-linux-airvpn-suite-200-preview-available/

Kind regards
 

8 hours ago, EazyBreezy said:

Doesn't connect on Plex or https://canyouseeme.org/

Hello!

That's expected, youcanseeme.org will always fail with ports on pool 2. To understand why:
https://airvpn.org/forums/topic/63545-new-remote-port-forwarding-system-expansion-with-pools/

Please make sure that Plex binds to the VPN interface and that you test directly to the proper IP address that you can determine on your AirVPN account port panel only.

If in doubt please test only through the port tester available on your AirVPN account port panel which will always pick the correct IP address. Also, please forward UDP too, currently you're forwarding only TCP but Plex will use UDP too for specific tasks.

Kind regards
 

21 hours ago, yermaw said:

here's the report log from my mac: https://eddie.website/report/fa5a4936/

 
Hello!

Please re-post the log if the problem persists, you have deleted it.

Kind regards
 

Additional article which resolved any problem for a couple of customers:
https://community.ui.com/questions/Port-Forwarding-from-VPN-Interface/7099072b-d3d6-46a6-a3f7-e403f6c00849#answer/17f3676b-c144-4beb-a1e7-9313716945c9

Kind regards
 

@sw1234

Hello!

Too bad that the system report has been cut. Why did you cut a vast portion of the report pertaining to network interfaces and routing? If you did not cut anything please warn us, otherwise consider to send us an integral system report if the following suggestions do not resolve the new problem. EDIT: never mind, we can see them from your previous system report.

Even the 2nd problem is now solved. The new (and hopefully last... ) problem is that Eddie route check fails, in spite of the successful connection claimed by OpenVPN. If you switch to WireGuard (you can do it in "Preferences" > "Protocols" window) does the problem persist? If so please make sure that no antimalware or packet filtering tool blocks UDP (including tools like Malwarebytes, Little Snitch, any third party antivirus...).

If you find nothing blocking, or anyway the problem persists after you have disabled any possible interfering software, let's  discern first whether the route check failure is a false positive by Eddie:

• from Eddie's main window select "Preferences" > "Advanced"
• uncheck "Check if the VPN tunnel works"
• click "Save"
• from Eddie's main window select "Preferences" > "DNS"
• uncheck "Check Air VPN DNS"
• click "Save"
• from Eddie's main window activate "Network Lock" and test again connections

Kind regards

 

On 3/4/2025 at 8:53 PM, supplement said:

Are there any plans to implement multi-hop?

Hello!

Multi-hopping is a client side feature. And yes, in 2012 a special "OpenVPN over Tor" mode was implemented in the Eddie AirVPN software for Desktop systems. The main "alien entity" used to multi-hop in a way that really enhances the anonymity layer strength is the Tor network as usual, as it provides a very balanced solution between usability, reliability and effectiveness.

In the near future we could implement a double-hop support inside the same AirVPN network on the AirVPN Suite for Linux. It's not the most effective method to enhance the anonymity layer (because both hops belong to AirVPN) but it could be appreciated as a small additional comfort according to the feedback we have.

DAITA is currently overkill because in real life AIs fail miserably. The high success rates comes out only when you have a limited sample of very few services, such as 10 pre-agreed web sites, and the target browses only those 10 with no other protocol complications, quite an unrealistic assumption. However, AI abilities can become relevant in the future to harm privacy and understand, with no needs to break encryption, which web sites a user visits, thus we don't rule out that we will implement specific techniques (especially on WireGuard) in due time.

Kind regards
 

18 hours ago, coltonb02 said:

Does AirVPN allow both protocols at the same time?

Hello!

Yes. You can control it from your AirVPN account port panel. Please see here:
https://airvpn.org/faq/port_forwarding/

Kind regards
 

16 hours ago, sw1234 said:

After running the command, it appears that the authentication is now failing to connect. Here is the system report for the session: 

Hello!

Correct, the previous problem is solved and now this is a new one. Try to resolve it simply by logging your account out (from Eddie's main window), then login back and try a connection.

Kind regards
 

16 hours ago, sw1234 said:

I was unable to avoid the problem via copying the app over to the Applications folder.

Hello!

The translocation has been successfully avoided. Now, to resolve the problem, please open a terminal and enter the following command while Eddie is not running:

sudo chown root /Applications/Eddie.app/Contents/MacOS/*

Important, if you get a "permission denied" error after you entered the above command please grant Full Disk Access to the Terminal App.

You can do it by selecting System Preferences > Security and Privacy > Privacy > Full Disk Access and then adding the Terminal app by pressing the "+" button and selecting it. Then open another terminal and repeat the above command

Finally re-start Eddie and test again.

Kind regards
 

5 hours ago, sw1234 said:

I continue to run into an issue where I am being constantly connected and disconnected to different servers without gaining a solid connection.

Hello!

First, please avoid translocation (Gatekeeper Path Randomization, GRP) by copying the app in the Applications folder or in any other proper place you like, exclusively through Folder utility. Then run again the app and please send us the complete log again if the problem persists, or even better please send us a system report generated by Eddie.

Kind regards
 

52 minutes ago, space5 said:

I have just taught you objective morality very quickly. Objective morality is very simple

Hello!

Yes, attempts to show that "objective morality" exist are around since the time of Plato (at least) but they have never succeeded. Securing the possibility of objective knowledge in morality has been the dream of several Giants of Philosophy throughout human history, but nobody so far succeeded. Nowadays scientific analysis tend to show the contrary, i.e. that there's no such thing as an objective morality. Then, even if objective morality existed, comes the huge problem to define it and to interpret the definition. Your definition for example is not universally accepted, therefore there are serious doubts that this "objectivity" exists indeed. And even by accepting your definition many actions remain moral for some people and immoral for other people, according to the interpretation of your definition (we will not insult your intelligence to make trivial examples).

Anyway, all of your considerations don't change the observation that your statement according to which privacy would be "a form of luxury" for financially wealthy people is false, perhaps even according to your own definition of morality!
 

52 minutes ago, space5 said:

I quit porn, game, entertainment, social media, fast foods, exciting music, and all other forms of easy dopamine triggers. I am a modern monk who doesn't need a monastery to stay disciplined.

This can be an honorable and moral behavior indeed, but we don't see how this personal choice should support the idea that privacy is the luxury of wealthy people.

Kind regards
 

32 minutes ago, c69c7kfrv48fuJ8Re44C said:

Still weird, 172.16.0.0/12 and 192.168.0.0/16 are well known private network ranges, why does one have to specify it even after ticking "allow local"?

Hello!

We will consult with Eddie's developer but at a first glance it's (perhaps) because the "Allow local" option acts on the Network Lock rules only, while by adding addresses you also force Eddie to modify the routing table. This is necessary with WireGuard as its userland utilities (necessary because there is no WireGuard library or kernel module in macOS) are launched by Eddie through a profile that makes all the IP address space 0.0.0.0/0 fall into the VPN tunnel.

Kind regards
 

Hello!

To discern whether your problems are GlueTun related or not, and qBittorrent related or not, please connect directly the host and test again. Also test, with and without GlueTun, performance with different protocols (not torrent).

Kind regards
 

3 hours ago, space5 said:

Privacy is basically a form of luxury

Privacy is a fundamental human right enshrined in any charter of fundamental rights, including the United Nations Universal Declaration of Human Rights and the Charter of Fundamental Rights of the European Union, and a series of amendments in the US constitution (including but not limited to the 4th Amendment).

The right to privacy has been equated to the right to life (for example by the India Supreme Court) and privacy (in the form of anonymity) has been recognized as an essential requisite to freedom of expression, according to a landmark & paramount decision of the US Supreme Court in 1994.
 

3 hours ago, space5 said:

if you don't have financial security, privacy doesn't matter at all.

It is exactly the opposite in many documented cases. The right to privacy is often perceived as a privilege for the wealthy but it is actually more crucial for financially poor individuals, as you can easily verify through the sources and reports by the UN and by many human rights advocate organizations. As far as it pertains to additional protection of privacy on the Internet through more effective data protection and a layer of anonymity, we contribute also by aiding, technically or financially, networks that are free for everyone, such as Tor, making privacy protection enhancement (small or big) affordable for more persons.
 

Quote

While I like privacy, we should care about morality more than privacy.  ... Moral educators sacrifice their privacy ... don't consume porn or store porn on your computer. don't do stupid things that you will regret later

While privacy is very precisely defined universally (and coded in law as one of the most important human rights in many countries), morality poses problems even with its definition. Codes of conduct endorsed by a society or a group (such as a religion), or accepted by an individual for her own behavior, are multiple, and many of them are mutually incompatible.

Large groups of people endorse a "supreme, universal" morality that's totally refused by other groups. Some groups define "morality" as something that it's not even defined as "morality" by another group. Some groups claim that "morality" is something defined by some external, powerful entity, given to us through revelation and the interpretation of this revelation by selected persons, while other groups do not even agree about the existence of such external entity.

That's why many of the most famous "educators" you mention, in the course of history have been incensed as heroes of their times by some groups, while other groups have defined them, at the same time or later in history, as bloodthirsty monsters, crazy lunatics or anyway people against morality. Even your invitation to avoid a perfectly legal action in all Western countries shows that your "morality" is incompatible with the "morality" of many other individuals and groups.

Kind regards
 

19 hours ago, ruthbard said:

I want to try to lock the connection, as it sounds a more simple solution to my problem. How can I do it

Hello!

With Eddie Android & Desktop edition, and with the AirVPN Suite, you can define a white list of a single VPN server. When a white list is defined, the software will consider only servers inside that list. With a third party software, you can generate a configuration file for a single server from the Configuration Generator.

Kind regards
 

7 hours ago, evlon said:

everytime i try to open eddievpn it loads but then it js doesnt open the app on my pc

Hello!

Please check this and let us know:
https://airvpn.org/forums/topic/68044-using-windows-10-home-eddie-is-invisible/?do=findComment&comment=245874

Kind regards
 

1 hour ago, ruthbard said:

Hello, I have a problem, not sure if it's the proper sub-board.

AirVPN exit IP address changes while I'm port forwarding, pretty frequently (once in a day or so). Isn't there a way to ensure that my exit IP address remains the same? I use it for other people to connect to my server, but when exit IP address changes, it breaks the connection.

Hello!

You can consider taking advantage of AirVPN DDNS (it is included in every plan) or lock the connection always to the same VPN server (not a good solution if that server goes down). Please see here:
https://airvpn.org/faq/ddns/

Kind regards