Staff

@waterfall Hello! Can you please confirm that after you followed AppleCare recommendations the problem got resolved? Thanks in advance! Kind regards

@lex.luthor Hello! Do you mean that AAAA resolution is attempted even when IPv6 is off? Please publish the log generated with the new settings. Kind regards

@pnnl Hello! You can now connect to port 47107 too, on all servers. WireGuard testing on server side can be considered successfully complete. We will probably advertise WireGuard support as a stable one when Eddie 2.21 is released (currently it's in beta testing). Kind regards

Hello! That's correct and expected because Network Lock does not and must not block communications with your router, otherwise your system would be completely isolated from the network. Please note that while a connection is active, your system can't query the router DNS server, because Bluetit sets VPN DNS (provided that you do not disable this feature) - and actually you need to specify in dig a specific address. It's up to you to prevent such situation when the VPN connection is not active. The "problem" is that your system gateway address is also your system DNS server address. Act accordingly by configuring properly DNS settings of either your system, your router or both. Network Lock might make an effort to prevent some communications with your router by blocking destination port 53 to your router. That's however a questionable solution and currently it's not adopted, maybe we could implement it as an option in the future. Anyway it would not work in Hummingbird but only in Bluetit, given the different network lock and persistent network lock: logic when Hummingbird drops the connection, it cancels Network Lock, while Bluetit does not, when persistent Network Lock is enabled (consider to enable it anyway). Kind regards

@lex.luthor Hello! Nov 24 11:12:45 betelgeuse bluetit: WARNING: Cannot resolve nl3.ipv6.vpn.airdns.org (Temporary failure in name resolution) Apparently your local DNS has problems with AAAA. Try to connect in IPv4 by re-setting "airipv6" to off (default value) in bluetit.rc. If your ISP does not support IPv6, you can anyway tunnel IPv6 over IPv4 (set "air6to4" to on). Kind regards

Hello! We're very glad to inform you that the Black Friday week has just begun in AirVPN! Save up to 74% when compared to one month plan price Check all plans and discounts here: https://airvpn.org/buy If you're already our customer and you wish to jump aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. AirVPN is one of the oldest and most experienced consumer VPN on the market, operating since 2010. It never changed ownership, it was never sold out to data harvesting or malware specialized companies as it regrettably happened to most competitors. AirVPN does not inspect and/or log client traffic, and offers: five simultaneous connections per account IPv6 full support AES-GCM and ChaCha20 OpenVPN ciphers on all servers WireGuard support on all servers Perfect Forward Secrecy with unique per-server 4096 bit Diffie-Hellman keys active daemons load balancing for unmatched high performance - current 'all time high' on client side is 730 Mbit/s with OpenVPN and 1046 Mbit/s with WireGuard even more, exclusive features, such as DNS customizable and flexible block lists to neutralize sources of ads, spam, trackers etc. AirVPN is the only VPN provider which is actively developing OpenVPN 3 library with a fork that's currently 113 commits ahead of OpenVPN master and adds key features and bug fixes for a much more comfortable and reliable experience: AirVPN, in accordance with its mission, develops only free and open source software for many platforms, including Android, Linux (both x86 and ARM based systems), macOS and Windows. Kind regards & datalove AirVPN Staff

Hello! It doesn't sound right but from your description it might be some cached page. Hummingbird enables Network Lock by default so everything should be fine (provided you did not disable Network Lock manually) but to stay on the safe side please open a ticket for a cross-check (it's off topic here). Kind regards

Hello! You are correct. Furthermore, OpenVPN runs in a single thread of a single core, so we need to run multiple instances (one per virtual CPU) to get more performance at server level (of course a client remains connected to the same instance during the whole session life), while WireGuard scales well. We will not publish at the moment meaningful statistics, unfortunately, because our servers run at the same time multiple OpenVPN instances and WireGuard, and clients connect in a wide mixture of modes. Any data set would not have relevance or reliability. Kind regards

We don't see how any assessment of any kind would make any difference when NSA has inner access to Google infrastructure, as we all know since 2013 when the PRISM program, revealed by the documents leaked by Snowden, provided proof of that. On top, of course, of all the ties between Google, the CIA and the State Department disclosed by Wikileaks (check also Julian Assange's "When Google met Wikileaks" and the excerpt https://wikileaks.org/google-is-not-what-it-seems/). Kind regards

@Zebby Warning points are not there. Other than that, usual netiquette applies. Kind regards

Hello! We're glad to inform you that OISD full and extra lists are now available. Kind regards

@postergus Hello! Thank you for your great feedback! Goldcrest offers the option to drive Bluetit with a fine grained access control (typically to any user in the group airvpn), instead of having to gain root privileges. It's a paramount security enhancement which is not underestimated by any serious UNIX administrator. About the competition for DNS settings between Bluetit, systemd-resolved and Network Manager, there is no easy solution to implement in Bluetit, as each of the hundreds Linux distributions may work differently. Furthermore it would be probably dangerous (if possible at all) that Bluetit tried to block DNS operations by root processes or other daemons. Just to say, systemd-resolved alone has several working modes: modes which bypass resolv.conf file and modes which don't. It's plausible that the best course of action is that each system administrator, according to her or his needs as well as system status, performs a fine-tuning. Kind regards

Hello! A message from the dev: in the next Eddie release a command line flag "-nosplash" will be added to skip the splash window. Kind regards

@XV-8774 Hello! We have detected the same problem on a few Samsung devices running Android 10 and 11. Although the cause of the lack of "traffic-through" is currently unknown, (and we don't know why only certain Samsung devices are affected) we verified that Eddie 2.5 alpha 3 resolves the problem. Please see here to download the apk (you need to uninstall Eddie 2.4 first, and then side-load Eddie 2.5 alpha 3): https://airvpn.org/forums/topic/49705-eddie-android-edition-25-alpha-is-available/ Eddie 2.5 beta 1 public availability is imminent, currently we are testing it internally. Please let us know whether Eddie 2.5 resolves the problem for you too. Kind regards

Hello! To help us troubleshooting DNS block list issues with WireGuard, please activate at your convenience the DNS List "Air ADV", and try from terminal (Linux and macOS) # dig ad-delivery.net @10.128.0.1 or in Windows # nslookup ad-delivery.net 10.128.0.1 Then publish the output. Kind regards

Indeed! Express is a filthy enemy of AirVPN mission and a threat to its own customers. https://english.almayadeen.net/articles/analysis/exclusive:-expressvpn-insider-tells-all-on-companys-israelua https://twitter.com/Snowden/status/1438291654239215619 Kind regards

Hello! The issue is unexpected and not deliberate, we will investigate. In the meantime, please do not attach files, just copy and paste text into your message. In particular, do not send screenshots which in many cases are useless and cause only a waste of time for obvious reasons. Should attaching screenshots be absolutely unavoidable, attach them to an e-mail to support@airvpn.org Kind regards

Thank you, we're very glad to know it. We have not changed anything on our side so the cause of the problem remains unknown. If it wasn't on your side, the problem might re-appear. Open a ticket if it does to let us investigate more properly. Kind regards

@autone Hello! Can you confirm that remote inbound port forwarding works as expected even in WireGuard subnets? Kind regards

@C205Veltro Hello! Probably it's not a connectivity issue because you could connect to the VPN, but a DNS problem. Please check your DNS settings and make sure that publicly available DNS server addresses are set. Good choices we recommend are OpenNIC https://www.opennic.org and Quad 9 (9.9.9.9). Instructions if necessary to change DNS in macOS: https://serverguy.com/kb/change-dns-server-settings-mac-os/ Kind regards

@Zebby Hello! The forum for the community is moderated and moderators can warn an account with points for posts infringing community forum policy. Kind regards

Hello! We're glad to inform you that Eddie 2.5 Alpha 3 is now available. It includes the ability to start and connect during bootstrap (if Master Password is disabled) according to a priority list which includes automatic choice, your defined country and your defined server, on top of the usual ability to start and connect at bootstrap via a profile. The feature is available in Android versions from 5.1 to 12, and in Android TV versions from 5.1 to 9. The feature is lost in Android TV 10 and 11 due to unavailable operations on Android systems lacking "Always on VPN" option. Eddie 2.5 Alpha 3 is now linked against OpenSSL 1.1.1l and also features several bug fixes, including bugs reported in this thread. The first post has been updated to show the correct URL of the latest apk and its checksum. Please keep testing and report malfunctions and bugs, thank you in advance! Kind regards

@spinmaster Hello! It's a bug in the Configuration Generator coming from the times when the name earth3.airvpn.org existed. Now it doesn't exist anymore. Please modify it into earth3.vpn.airdns.org or earth3.all.vpn.airdns.org. The first name resolves into the entry-IP address 3 of the "best" Earth server, the latter into entry-IP addresses 3 of all VPN servers. We will fix the bug, in the meantime you can simply edit with any text editor your ovpn file. Thank you for having found and pointed the bug out. Kind regards

@monstrocity Hello! That's irrelevant for the problem @autone mentioned. Regardless of the tunnel transport layerl, inbound packet forwarding must work both with TCP and UDP, and both with WireGuard and OpenVPN. The fact that you can't use WireGuard is related to a possible UDP block but has nothing to do with the packet forwarding problem inside the tunnel experienced by @autone with WireGuard only. We invite @autone to open a ticket if the problem persists. In this way we can check in real time what happens with packet forwarding. Kind regards

@msbntt @OpenSourcerer Hello! Investigation on this case and a few similar ones will start soon. It's a rare issue as far as we can see and it's confirmed. @msbntt Please try now. If you still can't connect we will compensate the fact that you can't access the service until the problem is resolved. If you have urgent need to connect and still you can't now, please open a ticket and we will give you a disposable account for the time being necessary to resolve the bug. Kind regards