Staff

On 12/6/2025 at 9:01 PM, Bobo90 said:

 i added it to compose Few attemps ago i tried with wg0.conf but docker didnt read it
 

environment:
- WIREGUARD_ENDPOINT_IP=#ip
 - WIREGUARD_ENDPOINT_PORT=#port

Hello!

This is potentially the problem, We can't be sure because for some unfathomable reason you deleted once again the endpoint address and the port. Or did you literally enter "#ip" and "#port"?

By the way, when VPN_SERVICE_PROVIDER environment variable is set to an integrated VPN such as AirVPN (as it is in your case) you can rely on more proper variables that will prevent you from entering wrong addresses and/or ports. Please set the proper environment variables, delete the quoted ones (quoted here above), and check whether the problem gets resolved. Please see here again: https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/airvpn.md

Kind regards
 

24 minutes ago, Archaon1 said:

I followed the steps but i've got an error at the end.
"Unable to create network adapter."

Hello!

Something is blocking the creation of the virtual network interface that WireGuard needs, so it was not an Eddie's problem. Do you run any antimalware tool that might be blocking networking operations and/or blocking software that needs to modify network configuration with administrator privileges?

Kind regards
 

4 hours ago, EMULE said:

With the AmneziaWG protocol, the obfuscation capability at the UDP layer is greatly improved, but what about at the TCP layer?
Other countries may completely block the UDP protocol, 

Hello!

Not anymore, and even less in the near future. HTTP/3 is quickly spreading. Today, HTTP/3 is used by 36.5% of all the websites, including major web sites inside countries that enforce blocks against VPN. Furthemore, blocking UDP as such is no more realistic, not even in China, where UDP has become an instrumental protocol for many companies in any sector (video streaming, video conference, VoIP, marketing, social media marketing, regime propaganda and more), for regime aligned or regime owned activities.
 

4 hours ago, EMULE said:

In China's IPv4 environment, SSH and SSL are fully recognized, rate-limited, and blocked. This means that AirVPN's TCP-level obfuscation performance is relatively poor.

In China you have a near 100% success rate and no shaping (apart from the normal shaping for anything outside China) with the current Amnezia "weak obfuscation" (no CPS) implementation, i.e. at the moment you don't even need QUIC mimicking (which is anyway available and very effective). Currently, bypassing blocks via UDP than via TCP is more efficient in China.
 

4 hours ago, EMULE said:

However, with increasing global internet censorship and the emergence of new obfuscation protocols, switching to more modern obfuscation protocols is definitely the future trend for VPN vendors

At the moment there is nothing more effective than mimicking QUIC with the signature / fingerprint of an existing web site that's not blocked, and you have this option right now. We see > 95% success rate, which is better than the success rates of SSH (not exceeding 75%), shadowsocks and XRay, V2Ray etc (but a lot faster!). The success rate is similar to any VPN protocol over HTTP/2, but, again, dramatically faster.
 

Quote

The addition of the AmneziaWG protocol is sufficient for my needs; thank you, AirVPN.

We're glad to know it. It is also very flexible. Thanks to CPS, you may mimic any transport layer protocol built on UDP, for example DNS, QUIC, SIP.

Kind regards
 

On 12/8/2025 at 10:01 AM, Archaon1 said:

E 2025.12.08 09:55:29 - WireGuard > Error: Failed to start: not running

Hello!

The problem is that WireGuard doesn't start. Please try a re-installation from the official package available here:
https://www.wireguard.com/install/

Then test WireGuard native utilities to connect, in order to discern whether the problem is Eddie specific or not. Instructions are available here:
https://airvpn.org/windows/wireguard/gui/

Kind regards
 

13 hours ago, xxnovosxx said:

After setting MTU to 1380, speeds improved to ~9 MB/s

Hello!

Please set MTU to 1280 bytes and test again. If the problem persists please test from the host, without containers, to determine whether it's a GlueTun specific problem or not. Keep MTU to 1280 bytes and increase at small steps.

Kind regards
 

9 minutes ago, alekas said:

I am just installing Eddie UI and using it. If you provide steps - I am in to test. I am currently on windows 11...
Where should I edit [Interface] section? I cannot find any file with that in AirVpn installation folder.
 

Thank you!

Please use the Configuration Generator. Turn on the "Advanced" switch. Generate a file with the Configuration Generator for WireGuard for the server or country you want to test. Download the file and edit it with any text editor. To begin with, add these parameters in the [Interface] section:
 

Jc = 20
Jmin = 50
Jmax = 1000
S1 = 0
S2 = 0
H1 = 3
H2 = 1
H3 = 4
H4 = 2 

Import the file into your PC AmneziaWG client, or use it with the AirVPN Suite component Hummingbird, and even in Eddie 4.0.0 (you can do it in the "VPN profiles" view once the file is in your Android device) and use it to test a connection in Amnezia mode.

If it fails please try a connection directly from Eddie, without profile, in Amnezia WG. If it fails too enable QUIC mimicking in "Settings" > "Advanced" > "Custom AmneziaWG directives" and test again a connection.

Keep us posted!
Kind regards


 

9 minutes ago, alekas said:

AmneziaWG  may be a good idea, but will require time.

Hello!

It's available right now if you can edit the generated file. An integration with the configuration generator will require time so we suggest that you test by editing your own file (generated by the CG for WireGuard). Integration with Eddie Android edition is already available in the 4.0.0 beta version. ~100% success at the moment comes from reports from Russia and China. It would be good to have an additional report from Uzbekistan. 😋

Kind regards
 

21 minutes ago, bananaphone69 said:

3. I added mssfix 1280 to the config file for Hercules (a problematic server) and it worked without issue. Adding the same to Libra (a non-problematic server) made no change and it still continues to function as normal. Failing all else, I can add this to all the config files and it should work but I don't understand why this has suddenly happened when I have made no change on the files on my side and about one third still work as normal without the additional mssfix line.

Are there other diagnostics or fix attempts that would help clarify the issue?

Hello! We're very glad to know that the problem is solved.

From the OpenVPN manual:
 

Quote

--mssfix args

Valid syntax: mssfix max [mtu] mssfix max [fixed] mssfix

Announce to TCP sessions running over the tunnel that they should limit their send packet sizes such that after OpenVPN has encapsulated them, the resulting UDP packet size that OpenVPN sends to its peer will not exceed max bytes.  The default value is 1492 [bytes, ndr]
 

 

Since mssfix 1280 resolved the problem, a plausible explanation that comes to mind is that before the problem started your network had frames fitting the previous MTU, and this is no more possible now So, it could be a change on your ISP side.

Kind regards
 

Hello!

Please note that the ability to connect over a generic HTTP, HTTPS, SOCKS4 and SOCKS5 proxies, especially those only supporting TCP, is an OpenVPN strong feature that's not matched by WireGuard. The flexibility and ease of OpenVPN to do it is very important for anyone connecting from behind a proxy (such a corporate proxy). This is a feature that we do no want to lose so phasing out OpenVPN in its entirety is not on the table at the moment.

Another similar, powerful feature that WireGuard can not offer is establishing an SSH tunnel, or a TLS one (by stunnel typically) and then connect OpenVPN over it.

However, a balanced approach is possible, and we are already moving toward that direction. For example, our kernel networking tuning is preferring WireGuard needs, not OpenVPN ones, although the approach is not too unbalanced. In the future we might also consider to lower the amount of concurrent OpenVPN processes we run on servers (we do it to aid balancing for the notorious problem you mention and for which a stable and easy to maintain DCO would be a solution).

Kind regards
 

8 minutes ago, alekas said:

Traveling to Uzbekistan. I cannot connect to any AirVpn server anymore. It worked fine in USA.
Any protocol available in Eddie UI do not work.
Unfortunately I paid for the whole year of AirVPN service. Looks like the XRay or something similar is the way to go...

Hello!

We have a report that makes us suspect that in Uzbekistan it's the IP addresses of various VPN servers (not only AirVPN, other VPN too), to be blocked "unconditionally". Anyway AmneziaWG is worth a test, with and without QUIC mimicking, toward all the wg ports of our servers. It has an incredibly high rate of success in Russia and China (higher than OpenVPN over SSH and shadowsocks) so it's definitely worth a test. Please keep us posted as we have literally three reports only from Uzbekistan including yours...

If you need some parameters to test check here:
https://airvpn.org/forums/topic/77633-eddie-android-edition-400-preview-available/?do=findComment&comment=258644

and here:
https://airvpn.org/forums/topic/59479-block-vpn-in-russia/?do=findComment&comment=237288

If you need some suggestions for the parameters I_n in order to mimic QUIC connection to some specific web site known to be not blocked in countries controlled by VPN hostile regimes, please contact our support team in private by opening a ticket.

Kind regards


 

11 hours ago, bananaphone69 said:

I can reproduce the error in ipleak.net and airvpn.org which naturally shouldn't be hostile to AirVPN servers. ... can also confirm these servers are working okay on systems where I am not using this ufw/network-manager/ovpn config file method.

Hello!

Please note that the TLS handshake and anything else is performed by and between your system and the final web (or other service) servers. The VPN server is not a part of this process. Of course airvpn.org and ipleak.net do not block AirVPN servers. We would rather suspect some MTU related problem. Try to add in your OpenVPN configuration the following directive:

mssfix 1280

Can you also test, in the problematic system, a connection by running OpenVPN directly and not relying on the network-manager-ovpn plugin? In the past it caused several different problems and it was deprecated. If the problem persists please test with ufw completely disabled.
 

Quote

I can also confirm these servers are working okay on systems where I am not using this ufw/network-manager/ovpn config file method.

Do you mean that the problem doesn't appear at all on different systems using the same OpenVPN connection mode (entry-IP address, port and protocol)?

Kind regards
 

22 hours ago, Tech Jedi Alex said:

Do you bother changing kernel network settings like congestion control on the servers?

Hello!

Yes, as the default settings are not adequate for high load and high throughput servers.

Kind regards
 

4 hours ago, Bobo90 said:

read topic from your link and nothing change, same error.

Hello!

Reading it is not sufficient, then you have to change your configuration accordingly. How did you add the end point (destination VPN server)?

Kind regards
 

@Bobo90

Hello!

Your compose file lacks the proper setting of the FIREWALL_VPN_INPUT_PORTS environment variable. If you set it on the command line options fine, but if not you must add it and set it properly. The FIREWALL_VPN_INPUT_PORTS environment variable in Gluetun specifies a comma-separated list of ports that must be allowed through the firewall. Without it, packets forwarded by the VPN server will be dropped by GlueTun firewall.

About this error:
"ERROR [vpn] finding a VPN server: target IP address not found: in 250 filtered connections".

you should be able to resolve it by reading the documentation specific for AirVPN:
https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/airvpn.md

Kind regards

 

21 minutes ago, bubbba said:

Why such a difference?

Hello,

there's at least one Usenet provider that caps traffic of any VPN competitor to boost its own offer. This is an anti-competitive practice. Thank you for not advertising. 

With that said please open a ticket to investigate, especially if you get poor performance when you access any other service while connected to the VPN.

Kind regards
 

2 hours ago, Kreuldavid77 said:

Hello. Now that the black Friday sale ad no longer pops up, I am able to connect to a server with no issues. Thanks. 

Hello!

Can you tell us your OS name and version and which Eddie version you're running?

Kind regards

 

@airvpn12345

Hello!

It's not an authorization problem, but WireGuard traffic is blocked. Can you please check any antimalware tool on your system, as well as the Windows Defender firewall, and make sure that they do not interfere with UDP and WireGuard traffic? Please check also your router and disable, if active, any traffic management tool.

Kind regards
 

8 hours ago, Nasheayahu said:

I have no session running on my systems and I keep getting active session automatically appearing in the Client Area, that is running up my allowed connection.

Hello!

Please make sure that Eddie is not configured to connect automatically at startup on "Preferences" > "General" window.

If the problem persists and you do not recognize the session(s) it is necessary to keep into consideration a possible unauthorized use of your account. Please change your AirVPN user password (pick a strong password you do not use anywhere else) and renew your keys to cut out any potential fraudulent user, please see here: https://airvpn.org/forums/topic/26209-how-to-manage-client-certificatekey-pairs/

Kind regards
 

1 hour ago, htpc said:

Hello!

When launching Eddie (macOS latest version) the device list doesn't reflect the devices I can see in my Client Area -> Devices. In Eddie I can see devices that are not listed anymore on the webpage and new devices are not shown. I tried renewing keys, restarting Eddie and everything else I could think of. But so far I couldn't get the list to update. 

Thanks in advance for any pointers on how to resolve the issue!

Hello!

You need to log your account out and in again. When "Remember me" is active, Eddie Desktop edition stores locally all the information. The idea is that when you're in a network that prevents bootstrap servers access, you can count on a reliable local copy to get the vital connection information. In order to force Eddie to update this copy, it is necessary to log the account out and then log it in again (from Eddie's main window). This is not necessary in Eddie Android edition which keeps a local copy but tries anyway to update it whenever possible.

Kind regards
 

2 minutes ago, Kreuldavid77 said:

When I close out of the message, it doesn't give me options to choose a VPN and I am not able to access any settings. When I try to access Eddie after this, it tells me there is already an instance of eddie running

Yes that was clear. Now, is there Eddie's tray icon or not in the system tray after you have closed the promotional window?

Kind regards
 

23 hours ago, willowvpn said:

Looking at the server list I wonder
Has AirVPN owned or leased servers? If it's a mix, how do I know which servers are owned/leased?
Which provider is used for each server?

Yes, it's a mix. We could consider to publish this data actually. To be honest an owned server offers negligible security bonus over a leased one, unfortunately.

Globally we work with 18 different dacenter owners / providers with servers in 33 different towns (physically, not with address re-location) and with transit served by, or direct peering with, all the "14 giant" tier 1 networks except Telxius/Telephonica and Sparkle, as well as a few important tier 2 providers.
 

15 hours ago, Tech Jedi Alex said:

It's mostly M247 with some others sprinkled all around, like Netrouting, Leaseweb, etc.

In the VPN infrastructure M247 has a 3% presence in America, 36% presence in Europe (but 14% in terms of total available bandwidth), 95% in Asia, 0% in Oceania.
Leaseweb has 0% presence anywhere, there's not even a single VPN server from Leaseweb in the VPN infrastructure.

Kind regards


 

8 hours ago, ASiC666 said:

Is any load balancing between the users taking place?
What I mean is if, for example, I open hundreds of connections to usenet, will I ruin the day for the rest of the airvpn users on that server?

Hello!

Yes. The kernel already does a wonderful job to distribute fairly bandwidth, aided by the excellent ability to scale of WireGuard. OpenVPN is a little more problematic but we force a round robin distribution of peers on different instances to balance core load. Where a limit must be enforced artificially is in the amount of concurrent connections INSIDE the tunnel. Normally we allow the maximum amount supported by a powerful home router, i.e. 20000 concurrent connections per node. This limit is usually not even noticed by the users as it is well beyond the usage of virtually all of our user base.

Kind regards
 

5 hours ago, flugbein said:

tested the forwarded port on the AirVPN - Website but when doing so, I get a „connection timed out (110)“ message, for example for port 55056. (on Desktop!)
On mobile (through the website) I just get „no port open“ (when testing the just opened port).

Hello!

"Connection timed out" sounds expected and correct, just like it was with the OP, since you don't run any listening program according to your description. The only difference here is that "no port open" message means that the device the port is linked to is not connected to the VPN, or no device at all is connected, if the port is linked to "All devices".

Kind regards
 

1 hour ago, Kreuldavid77 said:

Hello,

When I try to start Eddie the black Friday sale ad pops up. When I try to close the window or just click OK, the window disappears but Eddie doesn't start up. When I try to restart Eddie it says Eddie is already running. It shows as running in Processes, but it won't give me the option to select a vpn. I have turned off Eddie in task manager, uninstalled and reinstalled, and restarted my computer but nothing works. 

Hello!

Maybe the app is minimized: can you please check your system's tray icon? Eddie's tray icon is a small cloud in a circle. If you find it, by double clicking it (or clicking and selecting "Show Main Window") you should be able to bring up Eddie's main window. Please make sure that you can see hidden tray icons too.

Kind regards
 

@zimbabwe
@AG999
@Upre1943
@Stalinium
@Nonsense
@H12345h12345

Hello!

Eddie Android edition 4.0.0 preview implements full AmneziaWG support:
https://airvpn.org/forums/topic/77633-eddie-android-edition-400-preview-available/

Feel free to test and report back (bug, glitches...)!

Kind regards & datalove
AirVPN Staff