Staff

@VPNwarp Hello! Thanks for your choice. From the tiny log section we can see the problem is related to IPv6. Possible solutions: Make sure that IPv6 is enabled at system level and on the TAP-Windows network interface Alternatively. from Eddie main window select "Preferences" > "Networking", set the "IPv6 layer" combo box to "Block" and click "Save" If nothing of the above resolves the issue and you get no solutions from the community please open a ticket for professional support. This is a community forum where Staff reads and writes now and then, while the support team offers assistance 24h/24. Also make sure to publish a system report ("Logs" > LIFE BELT icon" > "Copy" icon > paste into your message) which is much more useful to techies than a screenshot. Kind regards

Hello! We're glad to inform you that replacement has been completed. Now Meissa, Phact and Schedir are new, more powerful machines, in a different datacenter (again In Riga), connected to 1 Gbit/s lines. Kind regards

@tammo Hello! The required syntax in some nft versions was different and the command issued by Eddie is incorrect for your version, hence the syntax error. A fix under this respect has been implemented in Eddie 2.21 beta, can you please test Eddie latest 2.21.3 beta version? Please see here to download it: https://airvpn.org/forums/topic/49638-eddie-desktop-221-beta-released/ We are looking forward to hearing from you. Kind regards

Hello! Currently not, we're sorry. At the moment Windows 7 users should run native WireGuard programs with a configuration file generated by our Configuration Generator. Kind regards

Hello! We have moved the discussion here because it was too off-topic in the beta testing thread and it polluted it. That thread is reserved to WireGuard testing in AirVPN and is aimed at finding bugs, malfunctions and so on, if any. Kind regards

Hello! We inform you that the following servers in Latvia: Meissa Phact Schedir Shaula have become suddenly nonoperational because the upstream of our provider blocked all traffic. They should come back online within a couple of days, due to new deals with a new transit provider. However, all IP addresses will change. We have decided that this is a good moment to switch to new lines and servers: we are changing the previous 100 Mbit/s lines with 1 Gbit/s lines and ports, and replacing the hardware with more powerful CPU. The four 100 Mbit/s servers will be replaced by three 1 Gbit/s servers. Location will not change, the new servers will be in Riga. We should be able to announce the new servers in the next days. EDIT 2022/02/02: replacement has been completed. Kind regards and datalove AirVPN Staff

Hello! Since no reports came in here or in tickets in the last 10 days we consider the problem as resolved, thank you very much! Kind regards

@Pwbkkee Hello! Thanks for the detailed report and the suggested solution. Unfortunately we could not reproduce the issue. Can you please tell us your exact distribution name, version and (if any) customization, to let us start from a common testing ground? Kind regards

@organicchocolate Hello! Thank you very much for the good feedback, we're glad to hear it. About Network Lock, the status is reported by the padlock on the main window. If it's closed, Network Lock is enabled. A connection must be possible even with Network Lock disable,d so the green token you mention is appropriate. Maybe you'd prefer to have Network Lock on by default. You can configure Eddie to enable Network Lock when the app starts. AirVPN Suite enables Network Lock by default. Kind regards

Hello! You are definitely right. Historically, this is a consequence of the fact the our bootstrap servers were not given by the respective datacenters IPv6 support and we did not insist on that. We will ask our providers to add IPv6 support to the bootstrap servers if possible, and then adapt our software accordingly when IPv6 layer is preferred over IPv4. Kind regards P.S. You applied a smart workaround!

@TheHellSite Hello! A dedicated forum might be excessive, but dedicated threads are surely appropriate. The official thread followed by staff members can be found in the "News" forum, which is not a community forum. Any other thread can be created by the community in the proper community forum ("Troubleshooting" is fine) and followed by the community as usual. Kind regards

@hartfieldsbane Hello! Can you please check the content of directory /etc/airvpn and post here? sudo ls /etc/airvpn A plausible explanation of the wrong behavior is that the lock file doesn't exist in /etc/airvpn, while some backup file related to firewall rules or DNS settings does. EDIT: bug confirmed, we will work to fix it. You can resolve immediately the problem by deleting the whole directory content, but first please publish its content to let us check and reproduce the issue, thank you! A bug causing a similar problem was already detected by @misam in this thread in late 2020. It was fixed in your version 1.1.2, but maybe something is still wrong. Please post text and not screenshots when possible. sudo rm /etc/airvpn/* Kind regards

@Asmodeus Hello! This was a 2020 thread, the page layout has changed in the meantime. Go here: https://airvpn.org/macos/eddie/ Click "Other versions" then select the version you want. You will be brought back to the download page, pointing this time to the version you selected. Pick the correct package for your macOS and download and install as usual. Kind regards

@eburom Thank you very much! The problem you found and kindly reported has been fixed and you'll see the fix in the next, imminent version. From the developer: you can't build the Suite now because OpenVPN3 has recently changed ClientAPI::Config definition. They replaced member ipv6 with allowUnusedAddrFamilies which is basically used for the very same purpose. The change has been already imported into OpenVPN3-AirVPN 3.7.1 fork and Bluetit/Hummingbird code has been updated accordingly in the development branch which is to be released very soon, along with some other minor fixes and changes [including the aforementioned one}. Kind regards

@r34lity23 Hello! Please make sure to accept packets to and from the bootstrap servers. You can find their IP addresses in /etc/airvpn/bluetit.rc file - bootserver directives. Kind regards

@spinmaster Hello! Our testing systems have 8 MB buffer as well. We are still struggling to reproduce the problem. In the meantime, please test with a 32 MB buffer, for example: sudo sysctl -w kern.ipc.maxsockbuf=33554432 Kind regards

Hello! No news, we're sorry, but let's evaluate whether the default buffer size of the UDP/IP stack is insufficient for OpenVPN3-AirVPN needs. Can you please give us the output (from a terminal) of the command: sysctl kern.ipc.maxsockbuf It will show the buffer size in bytes. We would like to compare it with our systems (Big Sur and Catalina, M1 and x86-64) where the problem doesn't occur, and check whether increasing the buffer mitigates it. Kind regards

@Xuebit Hello! We tried to reproduce the problem you reported but we failed. After we activated "cryptojacking" block list and entered getmonero.org among the allowed exceptions, we could determine that it was resolved correctly. Please try again, maybe your system and/or system browser cached DNS. You can debug with dig getmonero.org We rarely edit a list; "curated by us" doesn't necessarily imply that we edit a list, but that we select and propose it or a merge of different lists, aiming at covering all the most requested categories. Therefore you might like to ask the original compiler the reason why getmonero.org was included. We see that also bitcoin.com is included in the same block list. That said, we can of course edit those "curated by us" lists: while a regular review of each list by us is not realistic at all, we keep this option open for your and other users observations. Kind regards

@mrbert Hello! Unfortunately we don't understand the issue, therefore we recommend you open a ticket. About your last question, the DNS query should be tunneled so it should not go straight to Google, but anyway make sure that Network Lock is enabled. Anyway, you should not pick Google DNS in any case. Good DNS which respect your privacy are OpenNIC https://www.opennic.org and Quad9 (9.9.9.9). Kind regards

@Xuebit Hello! Thank you very much for the head up. The fact that the exception you entered doesn't work is unexpected, we will start an investigation because it might be a bug. The potential error about getmonero.org will be investigated as well. Kind regards

Hello everybody, can you please re-perform all of your tests and report back? We have found a bug which potentially might have caused the reported names resolution failures under rare circumstances on a few servers. We have fixed the code. Please let us know whether the problems keeps occurring or not, as our automated DNS testing sentinels deployed on the reported flag servers have stopped reporting resolution failures since when the fix was deployed. A couple of hours ago the fix has been deployed. Kind regards

@mrbert Hello! 10.4.0.1 answers only to DNS queries, nothing else, not even ICMP packets. Kind regards

Hello! We confirm that it's not possible for Eddie to start during the bootstrap of any un-rooted device running Android TV 10, 11 and 12, and this is not an Eddie-specific limitation, simply because "Always on VPN" has become mandatory for the purpose, but at the same time Android TV has always had this feature removed. Should we find a solution to circumvent this deliberate limitation on un-rooted devices, we will be willing to implement it, but at the moment we are not aware of any solution. OpenVPN connect, OpenVPN for Android and other apps undergo the very same limitation. Kind regards

@rubicon789 Hello! From the Android settings pertaining to apps, please review your OpenVPN app permission and make sure that access to storage is granted (do the same with WireGuard app if necessary). Also consider that when you run Eddie Android edition you are not forced to generate and import ovpn files to connect to our service (ovpn files remain optional). https://airvpn.org/forums/topic/29660-using-airvpn-with-eddie-client-for-android/ Kind regards

@PortlyNinja @tgiby3 Hello! Each time you renew your client key and certificate in your account "Devices" panel you need to log your account out and in again from Eddie main window, as you might have read in the instructions. In this way you force Eddie to download the new pairs. If Eddie sends an expired certificate you will get AUTH_FAILED from the VPN server, and not from the infrastructure, so no message is visible in the Client Area, in spite of the wrong suggestion by Eddie, we're sorry. The TAP driver is the driver which handles the virtual network interface used by OpenVPN. Only administrators, according to system default settings and ordinary practice in the last decades, can install system drivers. Windows lacks any such driver so it needs this additional installation of some third-party tun/tap driver for the tun/tap interfaces .The wintun driver, which is supported by OpenVPN 2.5 and higher versions, and by Eddie, is a more modern driver to drive the tun/tap interfaces. If you have issues caused by the TAP driver, including poor performance, try the wintun driver. You can activate it from Eddie's "Preferences" > "Advanced" window: check "Use wintun driver", click "Save" and re-start Eddie. Kind regards