Staff

Hello! We're very glad to inform you that two new 10 Gbit/s servers located in Alblasserdam (the Netherlands) are available: Menkent and Piautos. The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. The servers support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server. You can check the status as usual in our real time servers monitor: https://airvpn.org/servers/Menkent https://airvpn.org/servers/Piautos Do not hesitate to contact us for any information or issue. Kind regards and datalove

Hello! From the documentation we think that SERVER_HOSTNAMES variable must contain hostnames (we infer therefore the FQDN (Fully Qualified Domain Names) we use), while SERVER_NAMES must contain the internal AirVPN names (for example Xuange) that you find in the mentioned JSON file as well as in the servers monitor: https://airvpn.org/status We also think that you need to valorize only one variable between the mentioned, optional ones, in order to avoid ambiguity or conflicts about the end point(s) to connect to. Kind regards

Is it possible for you to delete my account keys etc. for me? Hello! In theory AirVPN management can do it, yes. Please note that in this moment you have only one key, if it gets deleted you will be cut out from the VPN until you create a new key. We would recommend that you manage your keys by yourself: https://airvpn.org/forums/topic/26209-how-to-manage-client-certificatekey-pairs/ For any further support on the matter (on top of the community support here) please do not hesitate to open a ticket. Kind regards

Hello! We can confirm that the Configuration Generator works just fine as usual. Please select the proper key you desire on the CG page otherwise the CG will default to the first one and then remember to set it in the Gluetun configuration. The configuration generated by our CG is also consistent on what you wish, as it contains only the Xuange IP address. The IP addresses considered by Gluetun are not taken from the generated configuration file, but from the servers addresses included in the servers.json file, as far as we can see from Gluetun's documentation. We also see (again from the documentation) that you need to set the proper variables if you want to force Gluetun to connect only to specific areas or servers: SERVER_COUNTRIES: Comma separated list of countries SERVER_REGIONS: Comma separated list of regions SERVER_CITIES: Comma separated list of cities SERVER_NAMES: Comma separated list of server names SERVER_HOSTNAMES: Comma separated list of server hostnames See also https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/airvpn.md Please remember that Gluetun is not an AirVPN software, therefore if our explanation is not enough you could get better answers from Gluetun developer. Kind regards

Hello! Please follow this guide: https://airvpn.org/forums/topic/26209-how-to-manage-client-certificatekey-pairs/ Kind regards

Hello! Assuming that your NAS is not omniscient, it must have found the entry-IP addresses of Kajam and Crater in some configuration file, please check. However, another option is that someone else is using your account fraudulently, although from your description that's very unlikely as the ghost connections appear whenever your NAS tries to connect. Please go ahead, change your AirVPN account password AND renew all of your keys, just in case. Kind regards

Hello! Eddie Desktop edition stores client keys locally and updates them only when the account logs in to the bootstrap servers. Since you renewed a key recently, the old key was no more valid, but Eddie kept using it. By logging out and logging back in, with "Remember me" option disabled, you caused Eddie to re-download your keys and you solved the situation. Kind regards

Hello! Maybe, or maybe not, as the probability is small given the tiny time frame, but from now on you can easily avoid the hazard. Shutting down the whole daemon just to perform a re-connection is indeed a disproportionate and unnecessary action, just send commands with Goldcrest to do it. Kind regards

Hello! Thank you for your choice. Please open a ticket at your convenience and send the support team the ID of the failed transaction(s) for additional investigation. Kind regards

Hello! Yes, there is a small likelihood that leaks will occur: when you restart Bluetit, first Bluetit stops and the previous firewall rules, policy settings included, are restored. Then Bluetit starts and Network Lock rules are enforced. The time between those actions varies from system to system, but in general a few tenths of a second are required. If, during those tenths of seconds, a process manages to create a new socket and send out data, or use a pre-existing one whose communications did not "time out", you will have a leak. A safer approach is to disconnect and reconnect with Goldcrest. By using Goldcrest to send commands to Bluetit, the persistent network lock is not disabled at any stage: the rules are of course changed, but the whole process is carried out while maintaining the "drop" policy. Kind regards

Hello! So, what did you find? Had Eddie restored the system DNS settings properly or not? Yes, and the kind Pop!_OS tester had all of his problems resolved with 2.24.2 so it's worth that you mention this problem in that thread too. System report generated by Eddie and the answer to our questions may help remarkably. Thank you for your tests! Kind regards

Hello! We're sorry, this is not currently planned. Suite 2.0 is designed to offer reverse traffic splitting on an application basis only. The type of traffic splitting you request may be considered in future releases. Kind regards

Hello! Have you checked your DNS settings as recommended? If not please do it and report at your convenience. What is your Linux distribution? Kind regards

Hello! You might have renewed your keys recently. Are you running Eddie Desktop edition? If so, please try this: from Eddie's main window uncheck "Remember me" log your account out log your account in again (you will need to re-enter your AirVPN account credentials) If you run any other software with configuration files please re-generate them. Kind regards

@altae Hello! When you were connected we verified that the packets are properly forwarded to your node. For what it's worth now you are 100% sure that the server side is properly configured. As an additional test we forced packets to your node address on a wide range of high ports (port scan in TCP and UDP) and they were all filtered. On your side please re-check the firewall rules. Please check when the system is connected to the VPN just in case you run some firewall which changes rule set according to the type of the network the system is connected to. Kind regards

@Penthious Hello! It looks like a problem related to Docker (check configuration) since it disappears when the Docker is re-started. Please note that @altae did not mention Docker, and did not mention that the problem disappears after a reboot, therefore you two should have different problems. Please avoid to hijack threads and feel free to open your own. @altae Please re-check qBittorrent configuration, and in particular make sure that: you start qBittorrent after the VPN connection has been already established the "Tools" > "Preferences" > "Advanced" > "Network interface" combo box is set to the proper VPN interface (if you run WireGuard consider that the interface name changes according to the WireGuard configuration file name) the "Tools" > "Preferences" > "Advanced" > "Optional IP address to bind to" is set to "All IPv4 addresses" (if you set it to "All addresses" you might have some problem on specific versions) Kind regards

@malthusiandrill Hello! We're sorry, we do not develop software for iOS for the reasons explained in the box with yellow background here: https://airvpn.org/ios For your privacy protection purpose it's relevant to remind you that Apple software and system processes in any iOS device, by policy, are always able to bypass the VPN. Kind regards

Hello! How to change DNS settings in Windows: https://www.windowscentral.com/how-change-your-pcs-dns-settings-windows-10 How to change DNS settings in macOS: https://serverguy.com/kb/change-dns-server-settings-mac-os/ For more articles just search the web for "how to change dns settings in <your own OS>". Kind regards

Hello! In this case we have no rational explanation, unfortunately. We will update the thread if we get new, relevant information. In the meantime we would suggest that you try WireGuard. The app we tested is "OpenVPN Connect", which is the only app released by OpenVPN Technologies in the store, we think. It is this one: https://apps.apple.com/us/app/openvpn-connect-openvpn-app/id590379981 can you please check and let us know? Kind regards

@calcu007 Hello! Quite puzzling, as we can't reproduce the problem. Have you also tested with the configuration file for OpenVPN 2.6 "no DCO" we recommended? Kind regards

Hello! Is it 5-10% of a single core or the whole CPU? Can you tell us your Operating System name and version and the Eddie version? Kind regards

@calcu007 Hello! Please use a configuration file generated for OpenVPN 2.6 without DCO and you should resolve the problem. In the Configuration Generator please enable "Advanced" mode and then select "2.6 no-dco" from the "OpenVPN profile" combo box on the right. Generate and import the configuration file as usual. If the workaround doesn't work please consider to switch to WireGuard if possible. Instructions are available here: https://airvpn.org/ios/wireguard/appstore/ You might gain performance as a nice side effect. Can you please tell us the OpenVPN app version you're running? We failed to reproduce the problem with any configuration profile and we run openvpn-connect 3.4.1 linked against Ovpn 3.8.3. Kind regards

@LateStageCap1t4l12m Hello! You can disconnect from the VPN by ordering a disconnection to the program you run to connect to the VPN. For example, if you run Eddie, the Air client software, you may click the "Disconnect" button in the main window or, in the Android edition, the "power" button in the main view. If you run another program please read the manual of that program. If you experience any issue please mention your Operating System name and version as well as the connecting software name and version. Kind regards

New version 2.24.2, primarily containing bug fixes related to the Linux build. [bugfix] [windows] Shortcut .lnk for all users [bugfix] [linux] Fixed a systemd-resolved issue that caused wrong "DNS of the interface x switched to VPN DNS - via systemd-resolved" [bugfix] [linux] An issue with tray-icon at exit [bugfix] [linux] A concurrency issue that caused the application not to close [bugfix] [linux] Dependency to mono-runtime-common (only on .deb packages) [bugfix] [linux] Minor fixes [bugfix] [linux] Arch build in AUR

@ctss36pwwon Hello! OK that's fine, a mistake can be made by anyone and anyway we were genuinely interested in knowing the basis of your allegations, since M247 provides something like 20% of our global bandwidth, which is a remarkable amount. Glad to know that there's no basis, then. Sarcasm is welcome here except when it serves the purpose to write defamation in disguise. Please keep in mind that errare humanum est, perseverare autem diabolicum. Usually we leave the moderation to the community moderators but throughout the years we were forced to chime in for annoying and potential defamatory cases, so we prefer when possible a moderate prevention. Do you have the HN link we asked for, regarding the mega-leak you mentioned? Thank you for your great feedback. Kind regards