Staff

Hello! We're very glad to inform you that the Black Friday week has just begun in AirVPN! Save up to 74% when compared to one month plan price Check all plans and discounts here: https://airvpn.org/buy If you're already our customer and you wish to jump aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. AirVPN is one of the oldest and most experienced consumer VPN on the market, operating since 2010. It never changed ownership, it was never sold out to data harvesting or malware specialized companies as it regrettably happened to most competitors. AirVPN does not inspect and/or log client traffic, and offers: five simultaneous connections per account IPv6 full support AES-GCM and ChaCha20 OpenVPN ciphers on all servers WireGuard support on all servers Perfect Forward Secrecy with unique per-server 4096 bit Diffie-Hellman keys active daemons load balancing for unmatched high performance - current 'all time high' on client side is 730 Mbit/s with OpenVPN and 1046 Mbit/s with WireGuard even more, exclusive features, such as DNS customizable and flexible block lists to neutralize sources of ads, spam, trackers etc. AirVPN is the only VPN provider which is actively developing OpenVPN 3 library with a fork that's currently 113 commits ahead of OpenVPN master and adds key features and bug fixes for a much more comfortable and reliable experience: AirVPN, in accordance with its mission, develops only free and open source software for many platforms, including Android, Linux (both x86 and ARM based systems), macOS and Windows. Kind regards & datalove AirVPN Staff

Hello! It doesn't sound right but from your description it might be some cached page. Hummingbird enables Network Lock by default so everything should be fine (provided you did not disable Network Lock manually) but to stay on the safe side please open a ticket for a cross-check (it's off topic here). Kind regards

Hello! You are correct. Furthermore, OpenVPN runs in a single thread of a single core, so we need to run multiple instances (one per virtual CPU) to get more performance at server level (of course a client remains connected to the same instance during the whole session life), while WireGuard scales well. We will not publish at the moment meaningful statistics, unfortunately, because our servers run at the same time multiple OpenVPN instances and WireGuard, and clients connect in a wide mixture of modes. Any data set would not have relevance or reliability. Kind regards

We don't see how any assessment of any kind would make any difference when NSA has inner access to Google infrastructure, as we all know since 2013 when the PRISM program, revealed by the documents leaked by Snowden, provided proof of that. On top, of course, of all the ties between Google, the CIA and the State Department disclosed by Wikileaks (check also Julian Assange's "When Google met Wikileaks" and the excerpt https://wikileaks.org/google-is-not-what-it-seems/). Kind regards

@Zebby Warning points are not there. Other than that, usual netiquette applies. Kind regards

Hello! We're glad to inform you that OISD full and extra lists are now available. Kind regards

@postergus Hello! Thank you for your great feedback! Goldcrest offers the option to drive Bluetit with a fine grained access control (typically to any user in the group airvpn), instead of having to gain root privileges. It's a paramount security enhancement which is not underestimated by any serious UNIX administrator. About the competition for DNS settings between Bluetit, systemd-resolved and Network Manager, there is no easy solution to implement in Bluetit, as each of the hundreds Linux distributions may work differently. Furthermore it would be probably dangerous (if possible at all) that Bluetit tried to block DNS operations by root processes or other daemons. Just to say, systemd-resolved alone has several working modes: modes which bypass resolv.conf file and modes which don't. It's plausible that the best course of action is that each system administrator, according to her or his needs as well as system status, performs a fine-tuning. Kind regards

Hello! A message from the dev: in the next Eddie release a command line flag "-nosplash" will be added to skip the splash window. Kind regards

@XV-8774 Hello! We have detected the same problem on a few Samsung devices running Android 10 and 11. Although the cause of the lack of "traffic-through" is currently unknown, (and we don't know why only certain Samsung devices are affected) we verified that Eddie 2.5 alpha 3 resolves the problem. Please see here to download the apk (you need to uninstall Eddie 2.4 first, and then side-load Eddie 2.5 alpha 3): https://airvpn.org/forums/topic/49705-eddie-android-edition-25-alpha-is-available/ Eddie 2.5 beta 1 public availability is imminent, currently we are testing it internally. Please let us know whether Eddie 2.5 resolves the problem for you too. Kind regards

Hello! To help us troubleshooting DNS block list issues with WireGuard, please activate at your convenience the DNS List "Air ADV", and try from terminal (Linux and macOS) # dig ad-delivery.net @10.128.0.1 or in Windows # nslookup ad-delivery.net 10.128.0.1 Then publish the output. Kind regards

Indeed! Express is a filthy enemy of AirVPN mission and a threat to its own customers. https://english.almayadeen.net/articles/analysis/exclusive:-expressvpn-insider-tells-all-on-companys-israelua https://twitter.com/Snowden/status/1438291654239215619 Kind regards

Hello! The issue is unexpected and not deliberate, we will investigate. In the meantime, please do not attach files, just copy and paste text into your message. In particular, do not send screenshots which in many cases are useless and cause only a waste of time for obvious reasons. Should attaching screenshots be absolutely unavoidable, attach them to an e-mail to support@airvpn.org Kind regards

Thank you, we're very glad to know it. We have not changed anything on our side so the cause of the problem remains unknown. If it wasn't on your side, the problem might re-appear. Open a ticket if it does to let us investigate more properly. Kind regards

@autone Hello! Can you confirm that remote inbound port forwarding works as expected even in WireGuard subnets? Kind regards

@C205Veltro Hello! Probably it's not a connectivity issue because you could connect to the VPN, but a DNS problem. Please check your DNS settings and make sure that publicly available DNS server addresses are set. Good choices we recommend are OpenNIC https://www.opennic.org and Quad 9 (9.9.9.9). Instructions if necessary to change DNS in macOS: https://serverguy.com/kb/change-dns-server-settings-mac-os/ Kind regards

@Zebby Hello! The forum for the community is moderated and moderators can warn an account with points for posts infringing community forum policy. Kind regards

Hello! We're glad to inform you that Eddie 2.5 Alpha 3 is now available. It includes the ability to start and connect during bootstrap (if Master Password is disabled) according to a priority list which includes automatic choice, your defined country and your defined server, on top of the usual ability to start and connect at bootstrap via a profile. The feature is available in Android versions from 5.1 to 12, and in Android TV versions from 5.1 to 9. The feature is lost in Android TV 10 and 11 due to unavailable operations on Android systems lacking "Always on VPN" option. Eddie 2.5 Alpha 3 is now linked against OpenSSL 1.1.1l and also features several bug fixes, including bugs reported in this thread. The first post has been updated to show the correct URL of the latest apk and its checksum. Please keep testing and report malfunctions and bugs, thank you in advance! Kind regards

@spinmaster Hello! It's a bug in the Configuration Generator coming from the times when the name earth3.airvpn.org existed. Now it doesn't exist anymore. Please modify it into earth3.vpn.airdns.org or earth3.all.vpn.airdns.org. The first name resolves into the entry-IP address 3 of the "best" Earth server, the latter into entry-IP addresses 3 of all VPN servers. We will fix the bug, in the meantime you can simply edit with any text editor your ovpn file. Thank you for having found and pointed the bug out. Kind regards

@monstrocity Hello! That's irrelevant for the problem @autone mentioned. Regardless of the tunnel transport layerl, inbound packet forwarding must work both with TCP and UDP, and both with WireGuard and OpenVPN. The fact that you can't use WireGuard is related to a possible UDP block but has nothing to do with the packet forwarding problem inside the tunnel experienced by @autone with WireGuard only. We invite @autone to open a ticket if the problem persists. In this way we can check in real time what happens with packet forwarding. Kind regards

@msbntt @OpenSourcerer Hello! Investigation on this case and a few similar ones will start soon. It's a rare issue as far as we can see and it's confirmed. @msbntt Please try now. If you still can't connect we will compensate the fact that you can't access the service until the problem is resolved. If you have urgent need to connect and still you can't now, please open a ticket and we will give you a disposable account for the time being necessary to resolve the bug. Kind regards

@monstrocity Hello! Watch out, the fact that WireGuard's transport layer is UDP does not prevent (as it happens with OpenVPN, on the other hand) both TCP and UDP wrapping, of course. TCP and UDP packet forwarding must work both with WireGuard and OpenVPN in the same way Please feel free to open a ticket if they don't. Kind regards

@CXX Thank you very much! Kind regards

Hello! Have you added the generated magnet link to your torrent software? Kind regards

@jelegend Hello! About remote port forwarding you though right. Your ISP can't interfere because the data stream is still encrypted in the ISP devices, up to your own node. Strange question... It's the software that must receive the packets, in other words the software you run in your system which must be reachable from the Internet, the only software you forwarded an inbound port for. Kind regards

@Agrock Hello! DNS over TLS is supported since several months ago. It is almost useless since plain DNS queries to our VPN DNS, and their replies, are anyway encrypted and authenticated because they stay in the tunnel, but you might need DoT for peculiar configurations. Check the usual specs page for more details: https://airvpn.org/specs You can define anyway custom per "device" (i.e. client certificate/key pair) block lists, personalized exceptions and blocks, regardless of the fact you use DoT or not. Kind regards