Staff

@arteryshelby @ZPKZ Hello! Stay tuned, infrastructure expansion will go on. Kind regards

@hisik22091 Hello! Yes, please run Tor and use a Tor browser after you have connected to some VPN server when your threat model includes adversaries with the power of a government agency using legal or illegal tools in Europe. It's very important to not underestimate such risks, regardless of the documentation you're able to provide to substantiate any sentence and word, as even European countries have shown that they can infringe human rights with impunity: consider UK torturing a journalist (Julian Assange) for a long time and infringing other human rights, in spite of the United Nations reports, just to make an example. We use different entry and exit-IP addresses on VPN servers, but that's a weak defense against a government which can infer which exit-IP address is related to which entry-IP addresses. Unfortunately Wikipedia tends to block editing from a lot of Tor nodes,. a terrible and idiotic choice in our opinion, especially when anyone can see which IP address an edit was made from (or can obtain it through a court order). For a solution in such a case, keep reading. Note anyway that a government that performs such a correlation does not obtain a PROOF that someone wrote something, because they can't know from us which users were connected to which VPN servers at any given time, as we do not inspect and/or log traffic content and/or metadata. Also check what we wrote in 2013 about the importance of partition of trust: https://airvpn.org/forums/topic/54-using-airvpn-over-tor/?do=findComment&comment=1745 If you find editing Wikipedia articles from Tor nodes diffiicult, you can consider OpenVPN over Tor. It's not as secure because the Tor circuit is fixed (it will not change at each new TCP stream), and it's not as easy to use as Tor over OpenVPN is, but it poses a probably impossible challenge for a government to find out the identity of the author. Wikipedia sees and records the VPN server exit-IP address, but your government does not see that you connected to that VPN server address, because your traffic goes through some Tor circuit first. Only the Tor exit-node knows that the traffic ends to our VPN server entry-IP address, but the Tor exit-node does not know your real IP address, because you connect OpenVPN to the first Tor guard. The correlation you fear is therefore destroyed. OpenVPN over Tor usage is made easier by our Eddie desktop edition software. Kind regards

@Point Zero Hello! Probably it had nothing to do with Eddie itself then, but with the system. Eddie frontend runs in the Mono (.NET in Microsoft systems) framework, while the backend is written in C++. What is your Operating System exact version? To wipe out anything Eddie-related, just delete the directory it is inside, if you use a portable package, while you need to uninstall according to your system (just like you do with any app) if you had installing package., Then delete Eddie configuration file as above. Kind regards

@airvpnclient Hello! Indeed. Let's try to reproduce it. Which system do you run? Kind regards

Check also https://airvpn.org/forums/topic/48234-speedtest-comparison/ in order to verify what you can expect from AirVPN best performance. Kind regards

Hello! Momentarily, in London please connect to Arion, where the problem is resolved, thank you. Kind regards

@airvpnclient Hello! An easier way will be available soon, in the next version, which will support a specific option to have Bluetit connect during the bootstrap (you will need bluetit.rc properly configured with your AirVPN credentials). As a first attempt, can you please change your account password into one which only contains ASCII characters in [a-z} U [A-Z} U [0-9]? We ask you to do that because the only difference we can currently spot is that in one case rc.local is launched by init, while in the other one it is launched by a shell which might have a different character set. By using only ASCII characters such a problem would be solved. We are looking forward to hearing from you. Kind regards

@freak Hello! Try to use wintun (another driver for tun-like virtual network interfaces) as you might have a bottleneck caused by the TAP driver. Eddie 2.19.6 for Windows is packaged with OpenVPN 2.5 and they both support wintun, you can enable it with a click. See here to download Eddie 2.19.6: https://airvpn.org/forums/topic/46329-eddie-desktop-219beta-released/ Kind regards

Hello! Moving to "Troubleshooting and problems" because AirVPN is much faster than NordVPN with the same transit providers, we guess because NordVPN does not have our load balancing system (on the single server we mean) and NordVPN servers are congested at times. Using Wireguard by default also slows down NordVPN if your system supports AES-NI. Also consider to open a ticket if necessary. Kind regards

@govegan3 Thank you for the report! In order to let us try and reproduce the issue, can you determine more precisely and tell us the "long time" you mention? Can you also tell us your distribution name and version? Kind regards

Hello! Please open a ticket at your earliest convenience: AirVPN community can't help you with this, you need the support team.You can open a ticket from the web site or by writing and e-mail to support@airvpn.org Kind regards

@john roberts Hello! If you run Bluetit and Goldcrest, you don't need to create an exception in SELinux, because Bluetit is a daemon. Bluetit will start at boot, and you can connect your system to the VPN by running Goldcrest at the end of system runlevel, or subsequently from any user belonging to airvpn group. If you run Hummingbird and you want to start it at system bootstrap with nft based Network Lock enabled you should create an exception in SELinux, but such a solution should be discarded, as Hummingbird is not designed to be a daemon. Therefore, using Hummingbird as a systemd unit is deprecated. We would suggest that you run Bluetit and Goldcrest instead. NOTE: if you need to prevent any communication outside the VPN tunnel even during the system bootstrap by system processes, you can consider to set permanent firewall rules blocking anything except DHCP discovery (essential to connect to a router), local network and localhost, as well as some ntp server if you need time sync at boot (no battery etc.). "Network Lock" will then "unlock" communications to the VPN servers and your local network allowing you to connect to a VPN server with no time pressure at all. As long as network lock is disabled, total lock will remain in place. As soon as network lock is enabled, only comms to the VPN servers become possible. Kind regards

@RameshK Hello! Can you please make sure that you have downloaded the "pre-Catalina" notarized 2.19.6 version? If in doubt, please re-download (of course you can download the packages as many times as you wish). We are looking forward to hearing from you. Kind regards

Hello! Sure, porting our software to ARM based Mac machines is an option we are seriously considering because during 2021 (and maybe 2022) Mac Apple will abandon development of x86-64 based computers completely. Stay tuned. Kind regards

Hello! Through round trip times differences, discernment between geographically near locations of servers whose traffic is served by the same transit provider is very hard or not possible, because the deviation may remain inside the range of the experimental error. Anyway if you want to try, use mtr, gather a sufficiently vast set of experimental data and process it according to what statistics teaches. Tests with YouTube mean literally nothing for obvious reasons. M247 operates servers in co-owned datacenters and not. Server locations are correct to the best of our knowledge, according to M247 claims and consistent with technical verification. M247 servers in Phoenix operated by us are located in Phoenix, in the following Cogent datacenter: https://www.cogentco.com/en/cogent-phoenix Bootes (Phoenix) IP addresses are in 193.37.254.0/24, a block property of M247 (AS9009) and employed in Cogent above mentioned datacenter. https://ipinfo.io/AS9009/193.37.254.0/24 You can verify via mtr the last replying hops and check the different final route with M247 servers in Los Angeles (Teegarden,. Grrombridge). Normally traffic in Phoenix is served by Cogent while in Los Angeles mainly by NTT. Disclaimer: IX location where the provider has a POP may not match datacenter location, for example our servers in Alblasserdam (NL) are in Alblasserdam but have direct lines to AMS-IX, which is in Amsterdam. We report anyway Alblasserdam as it is the town where the servers and its high volume router(s) physically are. Kind regards

@pjnsmb Hello! Yes, it runs fine in Debian stable releases. Momentarily, problems occurring in unstable distributions are not addressed, but that does not mean that they won't be addressed in the future. Furthermore, it is also possible that problems get resolved in time, while unstable distribution bugs are resolved. Kind regards

@krytellan Hello! Eddie 2.12.4 is very old and is packaged with and linked against software which does not support anymore the new encryption requirements by AirVPN. Please upgrade and the problem should be resolved. NOTE: Windows 7 is an abandoned system and latest Eddie versions are no more tested in Windows 7. If you experience issues with latest Eddie release, please run Eddie 2.16.3. To download Eddie 2.16.3: browse https://airvpn.org/windows click "Other versions" click "2.16.3": you will be brought back to the download page, pointing this time to Eddie 2.16.3 select the correct system Windows 7 select the correct architecture (32 bit or 64 bit, please check) download and install as usual Kind regards

@fkeriviavcxjhvjke Hello! You have three options. 1) Run AirVPN Suite 1.0.0. It will take care properly of DNS push even when systemd-resolved is configured to work in on-link mode bypassing resolv..conf and even when it works together with network-manager. Tested successfully under new Fedora 33 default settings. The suite is free and open source software by AirVPN, based also on a robust client-daemon architecture, and offers Network Lock (for traffic leaks prevention) which works fine even in Fedora 33. See here: https://airvpn.org/forums/topic/48435-linux-new-software-airvpn-suite-10-beta/ 2) Disable systemd-resolved and re-create /etc/resolv.conf file to work with global DNS as usual, instead of the questionable and dangerous per-link basis mode. After that, you can either run AirVPN Suite 1.0.0, OpenVPN with update-resolv-conf script, or Eddie. Eddie is a free and open source software by AirVPN with a GUI running in Mono. Only when systemd-resolved is disabled or re-configured to respect /etc/resolv.conf, can Eddie be used in Fedora 33. If you choose to run OpenVPN directly, remember that OpenVPN does not handle DNS push on Linux on the client side, so use the mentioned script. Please see here: https://airvpn.org/forums/topic/9608-how-to-accept-dns-push-on-linux-systems-with-resolvconf/ 3) Not recommended. Run OpenVPN with script update-resolved-systemd. Again see https://airvpn.org/forums/topic/9608-how-to-accept-dns-push-on-linux-systems-with-resolvconf/ Kind regards

@dibble Hello! Eddie is compiled for x86-64. If you're running an ARM based Mac, you should run Eddie in Rosetta 2, can you please check? We have some reports according to which Eddie runs fine in Rosetta 2, and other reports claiming that Eddie freezes. Please send us your report as well. Kind regards

@Point Zero Hello! Try to delete the default.profile file. It's Eddie configuration file. You can find its location by reading the first Eddie log entries. Make sure that Eddie is not running, then delete the file, finally re-start Eddie and check whether the problem is resolved. Eddie will re-create a profile with default settings. Note that you will need to re-enter your AirVPN credentials and custom settings. Kind regards

@colorman Hello! That's great, thank you! Case dismissed. Kind regards

@colorman Hello! Can you please upgrade to 1.0.0 RC 1? Check the links in this thread first message. Also, can you please clarify which version did not have this problem in your machine? You're still running Bluetit version 1.0.0 beta 1... after that, beta 2, beta 3 and RC 1 have come out. Feel free to elaborate. Anyway, you're running Bluetit beta 1 and Goldcrest beta 3. Goldcrest beta 3 expects new messages (D-Bus comms have been improved with beta 3), that did not exist in Bluetit beta 1. Jump directly to RC 1 (both Bluetit and Goldcrest, important) and check what happens, thanks! We are looking forward to hearing from you. Kind regards

@colorman Hello! Can you please send us Bleutit log taken after the shell does not give you back the prompt when you stop Goldcrest with CTRL-C, and when you get the DBusConnectorException: DBusConnector: not primary owner (2) error? In both cases, from a terminal: sudo journalctl | grep bluetit Thank you in advance. Kind regards

@misam We see, thank you. You can delete that file and then run Hummingbird. Fixes will be implemented in the next AirVPN-Suite release or release candidate (stay tuned in the AirVPN Suite thread after Christmas). https://airvpn.org/forums/topic/48435-linux-new-software-airvpn-suite-10-beta/ Kind regards

@OpenSourcerer Hello! The following line is puzzling as we can't reproduce it: 2020-12-24 11:34:06 ERROR: Key "My Key" does not exist for user opensourcerer unless of course you typed \"My\ Key\" which is not the case, we guess. Very puzzling indeed. Can you send us the content of your IFS variable, just in case, and make sure to run Goldcrest from the very same account you print IFS content from (running Goldcrest as root is unnecessary and deprecated anyway)? Maybe it will help shed some light. od -abc <<<"$IFS" We are looking forward to hearing from you. Kind regards