Staff

Hello! Currently not, but: https://airvpn.org/forums/topic/63545-new-remote-port-forwarding-system-expansion-with-pools/?do=findComment&comment=239145 However, if you need the same IP address, that option is not relevant for you in this case. Kind regards

Hello! Pool 1 ports are the ports of exit-IP address 1, that's also the exit-IP address of all the traffic except the traffic to pool 2 and its replies. You can always check which is which on your port panel by clicking the Test button of the port you want to check. Kind regards

Hello! Yes, totally correct, at the moment. We do not despise the idea of offering control over exit addresses as well (this is something to be done very carefully, however), we await feedback from the community. Kind regards

Hello! We're very glad to announce a remarkable expansion of our inbound remote port forwarding system aimed at avoiding once and for all the port exhaustion problem. The comfort and the growth problem In the AirVPN "Port Forwarding" service, unlike some of our competitors we grant that assigned ports are not server specific. We also ensure that they remain permanently reserved to an account for as long as any valid plan is active. This unique system offers unparalleled comfort as you don't have to worry about server switches, zone selections and program re-configurations. However, ports are only 65536, because the space reserved for them in a TCP/IP packet header is 2 bytes, and the inconvenience of the great comfort brought by the AirVPN service is that the port exhaustion is nearing as more and more users decide to use the service. A "no compromise" solution Our goal was to avoid port exhaustion while maintaining maximum comfort. We are introducing a new system specifically designed to achieve this goal. Now we allocate not only a port number, but a port number associated with a port pool. For example a port on pool :1 can be assigned to a user, and the same port number in pool :2 can be assigned to another user. Existing assigned port will come from the first pool (:1). Currently we offer two pools, but more pools can be added whenever necessary. With this method, port exhaustion is postponed indefinitely while the comfort of the service is preserved. In the following example you can see the pool (:1, :2 for now) specified right after the port number. The account has port 24860 reserved in both pools. How it works Each Air VPN server sends out clients' VPN traffic through a shared exit IP address. From now on, AirVPN servers feature multiple exit IP addresses, each of which is linked to a specific port pool. Therefore we can determine which pool a port/address is associated with and route traffic accordingly. The implications for AirVPN users and customers The obvious good impact is that port availability increases dramatically. The new system is not difficult at all and extremely similar to the previous one: simply use DDNS (*) names with port forwarding, and not the direct IP address. Your account name(s) based on AirVPN's DDNS will always resolve into the correct server's exit-IP address related to the pool of your assigned port. If you prefer to rely on IP addresses or anyway you don't want to define domain names through AirVPN's DDNS, you can find the correct IP address used by clicking the Test Open button available in your AirVPN account port panel. Please note that this IP address could change over time, so domain names defined by DDNS are a more comfortable solution. There is only a modest caveat (which could be resolved in the future), please see below. Caveat Any setup not involving manual communication on how to connect to a service, as it happens with a p2p program, does not need domain names at all. If a program transmits autonomously how it can be reached (typical examples: some blockchain wallet programs, all torrent programs), at this stage please make sure you forward a port from pool 1 for those programs. For p2p programs that allow manual announcement configuration of the IP address, you can also use pool 2. (*) DDNS is a service offered automatically for free to all accounts and included on every and each AirVPN plan. Kind regards & datalove AirVPN Staff

Hello! The selection mask which opens up when you proceed to import files is the Android selector, not managed by Eddie. When you click the import icon on the VPN PROFILE view Eddie invokes the selector and waits for its answer. We haven't noticed a malfunction in FireOS selector, we will investigate. We will update the thread if we find anything relevant. Kind regards

Hello! Maybe not for the OP as he/she wrote "without leaving AirVPN's network", but in general it could be, provided that the user is fine with Network Lock disabled. With Network Lock engaged, the user wanting to adopt this solution and at same time wanting Network Lock can improve the setup by inserting on top a specific input rule allowing packets to sshd through the physical network interface after Network Lock has been applied (because at the activation the previous rules are flushed). Furthermore, to avoid correlations sshd listening port should not be remotely forwarded by the AirVPN account since incoming connections through the VPN interface wouldn't be needed anymore. Kind regards

Hello! We added the end date on the first post, thanks. Kind regards

Hello! You can rely on inbound remote port forwarding used by the remote server, please see here: https://airvpn.org/faq/port_forwarding/ Configure sshd to listen to the remotely forwarded port, preferably on all interfaces, in order to avoid a potential lock out of remote ssh connections (if the VPN connection is not established, sshd should remain reachable on the server's real IP address), and restart sshd. Please make sure that your devices and the remote server connect to either different VPN servers (simpler solution), or by using different keys, in order to prevent conflicts with remote port forwarding. If you decide to connect different devices to the same VPN server, your remote server's ssh port should be remotely forwarded only for the key used by the remote server itself to connect to the VPN server. If necessary, please see here: https://airvpn.org/forums/topic/26209-how-to-manage-client-certificatekey-pairs/ On the AirVPN account port panel you can link a port to a single specific "device". Kind regards

@Mytob Hello! While we can see multiple problems, none of them seems strictly related to WireGuard. Please re-check configuration through the official guide here: https://help.ui.com/hc/en-us/articles/16357883221015-UniFi-Gateway-WireGuard-VPN-Client and don't forget to set traffic routes to let devices send traffic over the VPN if necessary. If the problem persists, we would suggest you contact Unifi support. If they reply and manage to solve the problem, please let the community know what the problem was: the info can be useful for future Unifi users. Kind regards

@DarkSilver @ipzipzap Hello! What Eddie does is ask Android to open the file selector. The system knows which one the user has associated for this operation. After that it's all delegated to the file browser app. Now, in FireOS by default the file selector is a bleak and depressing file manager that allows you to see only internal files or so. By installing something decent like Cx File Explorer (or your favorite file manager for Android TV) you should be able to resolve the problem at once. Kind regards

@thevesba123 Hello! Please bind qBittorrent to the VPN interface. You can determine its name through Eddie log (click "Log" tab on Eddie's main window) or from Windows' Control Panel, or from the command prompt (type "ipconfig /all" to list all the interfaces). If in doubt please send us a system report generated by Eddie while a VPN connection is active. Please make sure to start qBittorrent only after the VPN connection has been established successfully. From your description, your setup is already correct. Kind regards

Hello! The glitch in the expiration limit is also caused by the grace time automatically offered (maximum 48 hours). The payments are automatic if and only if you picked and authorized a recurring PayPal billing. In this case you can revoke the authorization from inside your PayPal account anytime. Kind regards

Hello! We see two different problems. Please log your account out and in again (from Eddie's main window). Then, please apply the following procedure which should solve the critical problem caused by the alien Veep-VPN interface and wrong Eddie's interface choice: https://airvpn.org/forums/topic/56643-stuck-in-a-broken-route-never-connects/?do=findComment&comment=225323 After the above, both OpenVPN and WireGuard connections should be possible. Kind regards

Hello! We're very glad to announce a special promotion on our long term Premium plans for the end of Summer or Winter, according to the hemisphere you live in.  You can get prices as low as 2.06 €/month with a three years plan, which is a 70% discount when compared to monthly plan price of 7 €. If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Please verify AirVPN features and check plans special prices on https://airvpn.org and https://airvpn.org/buy All reported discounts are computed against the 7 EUR/month plan. The sale will end on September the 24th (UTC) Kind regards & datalove AirVPN Staff

Hello! Please start from here: https://airvpn.org/faq/p2p/ If you need some additional information on remote inbound port forwarding, read this as well please: https://airvpn.org/faq/port_forwarding/ The service is not Eddie specific, but it's a server side feature not affected by the software a client runs to connect to VPN servers, so we're moving this thread to "Troubleshooting and Problems" forum. Kind regards

In a specific older qBittorrent version (we can't find which exact one at the moment, we're sorry) it was necessary to set "Tools" > "Preferences" > "Advanced" > "Optional IP address to bind to" combo box into "All IPv4 addresses". If it was set to "All IP addresses" the app responded only to IPv6 on FreeBSD systems (we guess on macOS too, therefore). This problem has been fixed at least six months ago, as far as we can see. Kind regards

Hello! Is the Windows system successfully connecting with WireGuard through the same ISP and the same upstream router? If so, the problem should be Unifi specific. Could you please send us the WireGuard log while the problem is ongoing? Can you also make sure that the WireGuard interface is up and running on the USG (please check the interface status by connecting via SSH to the device and entering either wg show or ip addr show command). Also check whether you can ping the VPN gateway directly from the Unifi device during your SSH session on the Unifi (ping 10.128.0.1) while the WireGuard connection is allegedly up. Kind regards

Hello! Please try MTU set to 1280 bytes, if you haven't already done so. Kind regards

Hello! We confirm the problem and we could determine that both the domain name authoritative DNS and the web site block the Taiwan server. Packets get out regularly from the server and from Taiwan but they are black holed by the final destination datacenters. Furthermore the authoritative DNS does not answer to our DNS server in Taiwan (this is a lesser problem as you could resolve the name through some other public DNS or the hosts file). We don't know the reasons of this behavior. If you query Democracy Now and you receive a reply please let us know. In the meantime we can "micro-route" Democracy Now web site from Sulafat, we will examine how to do it soon. Yes, this is in the official ISO-3166 that Eddie uses to find areas names assigned by the United Nations. According to a previous administrative division, Taiwan is the biggest province of the Republic of China (ROC), not to be confused with People's Republic of China (PRC, mainland China). By using Taiwan as the country's name, "Province of China" is also a definition pushed by PRC at all levels (from UN to NGOs) to shape two ideas: that PRC must "re-unify" with Taiwan and that when you say "China" you don't talk about the Republic of China, but about the PRC (even PRC detractors fall prey of this propaganda as we can see from this thread). In this sense ISO-3166-2:TW entry could be seen as a concession to PRC narrative and the PRC can "play" over the ambiguity of the definition. In the next version we may either stay with this one, according to the United Nations status (but see here for some arguments against this), or censor the ISO document itself. A UN spokesperson’s statement in May 2024, reiterating that Taiwan is a province of China (referring to PRC and not ROC according to directly or indirectly PRC controlled media), guided by the General Assembly resolution of 1971 (Resolution 2758), is important to see how much energy PRC spends to affirm the notion that there is only one China and this only China is PRC and not ROC. On the other hand, we have been fighting and circumventing mainland China (PRC) censorship for 14 years, we recognize China (PRC) as a country enemy of the Internet, controlled by a regime hostile to various human rights, and in reality resolution 2758 interpretation may have been distorted by PRC.. Therefore ISO-3166-2:TW unilateral modification to delete "Province of China" is not unreasonable for us. The matter will be discussed. However, to insinuate that the normal software usage of an ISO document to translate or find a country/area name means that AirVPN endorses PRC (or PRC alleged wet dream to invade Taiwan) or that AirVPN fails its mission after all the sacrifices brought on to circumvent censorship in mainland China is offensive to say the least, or not in good faith in the worst case. The very fact that we list the server in Taiwan with Taiwan as a country tells a lot, as today Taiwan is recognized as a country only by 12 countries in the world. Kind regards

Hello! You can download the binaries by clicking the links in the first message of this thread. Kind regards

Hello! The disconnection problem is not a matter we will investigate here (please open a ticket if you want to have the support team look into it or wait for community feedback here). Apparently Bluetit failed to restore the previous DNS settings in your system. The potential problem can be caused by the following bug: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1872015 Now, to restore DNS system settings make sure that Bluetit is not running and set the proper DNS (we recommend Quad9, 9.9.9.9, 149.112.112.112 and 2620:fe::fe) . Then, verify whether the system is affected by the bug: ls -l /etc/resolv.conf If you see that the symlink is relative, such as: lrwxrwxrwx 1 root root [...] /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf then Bluetit can be unable to restore properly DNS (a workaround will be implemented to let Bluetit run properly even in bugged systems). The relative path for a symlink may perhaps make sense in very specific circumstances but in this case it is correctly considered as a bug. If you find that your setup is bugged, fix it simply by entering the commands shown in the quick fix available in the above linked bug report (make sure that Bluetit is NOT running). Verify the content of the directory /etc/airvpn and delete any lock and/or backup file you find there (do not delete other files as they are essential for Bluetit). Start Bluetit, connect to some VPN server, disconnect, shut down Bluetit and verify that the DNS setting have been restored properly. Please feel free to keep us posted. Kind regards

Hello! It's ISO 3166 used by Eddie. It does not necessarily reflect AirVPN management ideas on Taiwan's independence. Quite the contrary, if you consider that AirVPN management now operates a server in Taiwan but always refused to consider servers in mainland China and withdrew servers in Hong Kong before it was clawed back by mainland China. We do understand your complaint even for the reasons explained in this petition https://www.change.org/p/iso-international-organization-for-standardization-correct-taiwan-province-of-china-on-iso-3166-and-change-it-to-taiwan-let-tw-be-taiwan but Eddie Desktop edition considers ISO 3166 in its current code so it takes the current ISO denomination. Kind regards

Hello! Thank you for your tests again. The log shows that IPv6 push is fine and accepted, it shouldn't be a general Eddie 3.2.0 beta 1 issue. If possible, please test Eddie 3.1.0 or 3.0 (stable versions) and tell us whether you see the same problem. Kind regards

Remarkably slower and not more secure but definitely more capable to bypass blocks, that's the key (for the readers, if your ISP doesn't block WireGuard and OpenVPN do not use an additional SSH tunnel). Kind regards

@fruchtenstein Hello! It is not supported by Eddie Android edition, we're sorry. Please see here for manual setup: https://airvpn.org/forums/topic/13486-ssh-tunneled-vpn-on-stock-android/ It is possible that this feature will be implemented in some future Eddie Android edition version, but it is not planned at this very moment. Kind regards