Staff

Hello! We reluctantly have to announce gloomy news to you all: Spooky Halloween Deals are now available in AirVPN... Save up to 74% on AirVPN longer plans (*) (*) When compared to 1 month plan price Check all plans and discounts here: https://airvpn.org/plans If you're already our customer and you wish to jump aboard for a longer period any additional plan will be added on top of already existing subscriptions and you will not lose any day. Every plan gives you all the features that made AirVPN a nightmare for snoopers and a scary service for competitors: active OpenVPN 3 open source development ChaCha20 cipher on OpenVPN Data Channel for higher performance and longer battery life on tablets and smart phones IPv6 support, including IPv6 over IPv4 configurable remote port forwarding refined load balancing to squeeze every last bit per second from VPN servers free and open source software for Android, Linux, Mac and Windows easy "Configuration Generator" web interface for access through third party software guaranteed minimum bandwidth allocation GDPR compliance and very high standards for privacy protection no log and/or inspection of clients' traffic effective traffic leaks prevention by AirVPN software Tor support via AirVPN software on Linux, Mac and Windows various cryptocurrencies accepted without any intermediary crystal clear, easy to read Privacy Notice and Terms https://airvpn.org/privacy No tricks, only treats! Grim regards & datathrills AirVPN Staff

@183aTr78f9o @shaunography Hello! Can you post your Hummingbird log taken just after the problem has occurred? Kind regards

@MyAirVpnDotOrg Hello! From the FAQ answer: It sounds clear, as ports of different nodes (such as your router network interface ports) do not enter into play in the sentence. Maybe you don't know what a port is, hence the confusion, and here we have a problem: if we started to explain networking basics on the FAQ answers, they would risk becoming heavily pedantic and mainly useless.. Check https://en.wikipedia.org/wiki/Port_%28computer_networking%29 Feel free to add your suggestions. Kind regards

@Krebbin Hello! How to sideload and then install an APK in a Sony Bravia TV: https://community.sony.co.uk/t5/android-tv/faq-how-to-sideload-apps-on-android-tvs/td-p/2347365 Eddie APK can be downloaded by following the instructions (link provided in our earlier message: https://airvpn.org/forums/topic/29660-using-airvpn-with-eddie-client-for-android/) Enjoy AirVPN! Kind regards

@Krebbin Hello! Eddie Android edition works just fine in Sony Bravia TVs but you must side load it, after you have downloaded the APK. Once you run Eddie you don't need profiles anymore, or you can have Eddie generate profiles directly in the TV. Check here: https://airvpn.org/forums/topic/29660-using-airvpn-with-eddie-client-for-android/ Kind regards

Hello! We inform you that in the next days server Pisces will change IP addresses. We are upgrading server hardware and in this case IP address change is necessary. Server name, datacenter provider and transit provider will not change. If you run Eddie, the change will be automatically acknowledged. If you use some OpenVPN profile pointing specifically to Pisces, you will need to re-generate it when the switch occurs. Kind regards & datalove AirVPN Staff

Hello! Please check also: https://nguvu.org/pfsense/pfsense-multi-vpn-wan/ Additional ideas, information and detailed instructions to implement pfSense multiple VPN WAN with AirVPN servers, allowing fail-over and load balancing. Kind regards

If you have a proposal of a custom list aimed at blocking domain names, please open a discussion in this forum and provide: Name Description License A raw URL which our system can fetch from periodically in order to build the list It can be either a classic hosts file or a plain list of domain names. In these cases, every domain name is blocked.. Our system can also support a list which returns custom DNS records. Contact us if you want to publish a list of this kind to coordinate with us the file format. Lists that become more huge than 100.000 entries or block domains under our control-list will be automatically disabled. Community lists will be shown in "Lists - Third Party" inside "Client ⇨ DNS" section, opt-in available to AirVPN users. Developers can also obtain lists via "Client ⇨ API" section.

Hello! We are considering to wipe out session archive. Kind regards

@Jamertol  Hello! If a port does not exist there's physically no way to have some host process reached via that port (it seems you don't know what a port is, check it out). It's not a matter of bugs, it's a physical limitation in the code as the host lacks the information to process and assign the packet to any process. That's possible. Can you (or somebody else) make an example showing that the option would be useful and not an over-complication? We can't think of any, but If the reason is good, we can seriously think about adding the option(s). Kind regards

@Jamertol Hello! "VPN Lock" option, which is enabled by default, may be the cause of what you report. It's aimed to preventing traffic leaks outside the VPN tunnel when an unrecoverable connection error occurs. If Eddie allowed automatic re-connection it would also allow potential traffic leaks. You can disable "VPN Lock" in "Settings" and have Eddie re-connect automatically with no human intervention. Note that traffic leaks become possible. The exclusive "VPN Lock" feature is very important in Android 8 and older versions. With any other OpenVPN based application you routinely have traffic leaks. We prefer to offer Eddie Android edition with traffic leaks prevention enabled by default at the moment. In Android 9 and 10 you can prevent traffic leaks through system settings. When traffic leaks are prevented by the system, "VPN Lock" option becomes useless and even uncomfortable for the reason you mention. Once you have enabled traffic leaks prevention in system settings, you can disable "VPN Lock" option safely and have Eddie re-connect automatically (no user's action is required) with no traffic leaks at all. Kind regards

@giganerd You often have a price per star. We don't know about a price per mouse/tree or whatever With them, we have had absolutely no request (otherwise you would not have seen the review, as you know we don't pay for bogus reviews). The journalist even contacted us to inquire and clarify various points, some weeks ago. This is a problem of ours which we need to face. You CAN enter a non-existent e-mail address, but you can NOT enter nothing. You can not even enter a bogus address if you don't include a "@" and a dot in the chars after the @. So noneofyourbusiness@mindyourbusiness is not accepted, but nonefoyourbusiness@mind.yourownbusiness is. So, the conclusion of the journalist is trivially wrong in this case, but we were complicit to make him reach the wrong conclusion, our bad. Kind regards

@curhen57 Just a quick preamble to make you notice that Italy is not one of the "Five Eyes countries". However it is one of the Fourteen Eyes country. It's not very relevant when servers are not based in Italy (but, like any other VPN service, we do operate or own servers even in the USA, the apparent champions of illegal wiretapping!). Remember that, no matter how powerful an entity is, it can't get data that we don't have. So do not enter personal data in your VPN account, pay with anonymous methods (we accept Monero too and without intermediaries!) and so on and so forth. We guess we are the only VPN service in the world that accepts many different cryptocurrencies without intermediaries. An intermediary can crumble all the privacy and anonymity layer of a cryptocurrency transaction nowadays: most cc payment processors now collect your data and many do not even allow transactions if you don't send them an ID document etc. The majority of Tor nodes are in the Fourteen Eyes countries too. We have written a lot on how to defeat a powerful adversary (in short: jump to Tor not from your node, but from a VPN server located in a country different than the one you are living in), but of course if you are a specific target the easy way for the powerful adversary is breaking your own system, so that any encryption and all that jazz become irrelevant. It's hilarious (or maybe sad) that a lot of people worry about intelligence data exchange and co-operation while they use routinely and with peace of mind Windows, Mac, Android, iOS or some archaic Linux distribution! About NordVPN mining personal data, we were aware that they implemented several trackers usage in their Android application which collected personal information and sent it out to third parties without your consent in the past, are you aware of anything else about data mining issue with them? AirVPN is the oldest VPN around (between the mainstream ones) operating since 2010 (and at least an AirVPN founder had experience with VPN and Tor since late 90ies). During these 10 years, can you mention about AirVPN a single case of identity disclosure imputable to AirVPN logging or storing personal information? There are cases for various "no logging" VPNs around, but we challenge you to find one about AirVPN. About local data mining (enforced by many VPN software, unfortunately, what a shame) can you find any line of code in our software (it's open source, so anyone can check), now or in the past, aimed at sending personal information to ourselves or any third party? Kind regards

@curhen57 Hello! Combining Tor over OpenVPN provides you with remarkable benefits. Some examples: you tunnel efficiently UDP, which Tor alone can't handle you tunnel at least over the VPN any system process with high privileges binding without your knowledge you hide your Tor traffic to your ISP and government (really relevant but only in some countries) you exit from the VPN server to enter a Tor circuit (Tor circuits are re-built normally, the fixed circuit problem is relevant in OpenVPN over Tor) you can split traffic to balance load, aggregate bandwidth etc. you can use protocols which are not welcome, not recommended, not usable or too sluggish on Tor network (one example on the next point) you can use BitTorrent (and any other software which behaves similarly or relies on STUN) without risking your real IP address is revealed, as it may happen (and it happened) with Tor alone https://blog.torproject.org/bittorrent-over-tor-isnt-good-idea?page=0 This is false with Tor over OpenVPN for very obvious reasons (speaking of which, if it was true then the correlation would be absolutely identical and successful with your ISP IP address!). With OpenVPN over Tor of course you have a fixed circuit because Tor does not change circuit for the same TCP stream and that's an issue to seriously consider. Therefore OpenVPN over Tor may be a starting point to use Tor over itself and establish "dynamic" circuits (a new one for each stream) over a VPN tunnel over a fixed Tor circuit. In this way you have all the advantages given by Tor while our VPN servers do not come to know neither your real IP address nor your real traffic origin and destination (the price to pay is another performance hit). Anyway use it only if you understand perfectly what you are doing, otherwise rely on Tor over OpenVPN and forget about OpenVPN over Tor. That's the most astonishing thing since sliced bread. 😱 Anyway it is exactly what would happen after a Tor exit node, or after your ISP nearest DSLAM, just to say, if you hadn't end-to-end encryption. The external, first encryption layer of Tor or OpenVPN or your router MUST be wiped out, otherwise how would the final recipient understand your data? By the way HTTP is disappearing so it does not apply much to web traffic. We think that nowadays lack of end-to-end encryption should not be tolerated, and actually we see important steps toward that. That said, we strongly support Tor (during 2018 and 2019, more than 2.5% of the global worldwide Tor traffic transited through exit-nodes financed by us) and we recommend to use it with and without VPN. Tor network access remains totally free for anyone especially thanks to those people who run at their expenses (money, time, legal issues) Tor exit nodes, just like AirVPN staff does. Kind regards

@hydrotux Yes, but some services restrict streaming to IP addresses assigned to residential ISPs. Any IP address, even geo-located in Italy, not assigned to some residential ISP is treated as a foreign address. That said, RAI programs are perfectly accessible from all of our VPN servers. Kind regards

Problem resolved in Eddie 2.18 and higher versions. Kind regards

@Flx No reboots have been recorded and no daemons have been restarted. However some Amanah servers have suffered a line blackout at ~ 3.30 AM (UTC) for several minutes. We also see that the problem was sorted out just before 4 AM. During the blackout they could not communicate at all. It might be the problem you mention. Check the real time server monitor and when you mention time remember to specify time zone. No communications from Amanah so far. Kind regards

@Flx You can check anytime the issue history of each server in the real time server monitor by clicking a server's name. We think no peculiar problems affected our servers in Amanah at the time you mention but check yourself. https://airvpn.org/status Kind regards

@NLVPN Hello! Also consider that you can have robust load balancing with a pfSense (and in general *BSD) box and AirVPN: https://nguvu.org/pfsense/pfsense-multi-vpn-wan/ Kind regards

@Maggie144 Hello! Eddie development will be re-opened soon, to align Edie with latest AirVPN library, improve general usability and comply to the future November 2020 Google requirements. Kind regards

Hello! Eddie's guides have been moved to the FAQ answers which in turn point here: https://eddie.website FAQ section is linked in the web site top menu and in the welcome e-mail (but of course it's not mandatory to enter a valid e-mail address, so if you did not you have not received the welcome e-mail). Another guide which you might find useful is the one linked in our welcome e-mail. It's the first, pinned guide in the How-To section: https://airvpn.org/forums/topic/18339-guide-to-getting-started-links-for-advanced-users/ 1. The welcome e-mail and the guide both stress the purpose and the importance of Network Lock. In general yes, we would recommend to activate Network Lock, but actually some special cases may require its de-activation, or its partial activation. About servers selection, that's up to you. If you leave the choice to Eddie, it will do its best to pick a good server. for your node, according to the rule you will find in above documentation. As usual, a human choice can be more fine tuned. 2. It should do so when you minimize the window, except in desktop environments where system tray and tray icons are not supported. What is your system? 3. In all systems except Windows sockets are reset when the default gateway changes. In Windows, which is insecure by design, you should take care to start applications after you have established a VPN connection, unless you run Eddie with Network Lock enabled, which will block any possible traffic leak outside the tunnel. 4. If Network Lock is enabled, you will know immediately. :) Otherwise a manual check is required, by browsing on https://airvpn.org home page for example. Kind regards

Hello! Probably the least difficult solution is using a Virtual Machine. Connect the host to a VPN server over Tor (OpenVPN over Tor). Then run a VM and attach the VM to the host via NAT (very important to achieve your purpose). Connect the VM to a different VPN server. Use your VM only to connect to the final services on the Internet. Traffic from the VM will be tunneled over OpenVPN over Tor over OpenVPN. The final services will not see a Tor exit-node IP address (instead they will see VPN server exit-IP address), while your ISP will not see that you connect to a VPN or that you run OpenVPN, it will see that you're using Tor. Things to consider carefully: if VPN traffic is "problematic" for your ISP or country, probably Tor traffic will be even more "problematic" performance will be hit seriously Kind regards

Hello and thank you! Can you please check the URL? The FQDN does not exist at the moment. https://isitup.org/pluzz.france.tv $ drill @8.8.8.8 pluzz.france.tv ;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 23313 ;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;; pluzz.france.tv. IN A ;; ANSWER SECTION: ;; AUTHORITY SECTION: france.tv. 1799 IN SOA a3-66.akam.net. hostmaster.akamai.com. 1560960371 43200 7200 604800 7200 ;; ADDITIONAL SECTION: ;; Query time: 60 msec ;; SERVER: 8.8.8.8 ;; WHEN: Tue Sep 1 14:25:13 2020 ;; MSG SIZE rcvd: 104 Kind regards

@giganerd Yes, NL servers in Alblasserdam (i.e all of them) are connected to AMS-IX with 40 Gbit/s. The IANA database (for the readers: this is the only database that counts because https://en.wikipedia.org/wiki/Internet_Assigned_Numbers_Authority) is also correct, entries of NL servers IP addresses show the Netherlands, without changes since 2016 (so there is apparently no explanation for such gross errors in poorly maintained databases? puzzling). If you find errors in whois please warn us. Example: $ whois 109.202.107.14 % IANA WHOIS server % for more information on IANA, visit http://www.iana.org % This query returned 1 object refer: whois.ripe.net inetnum: 109.0.0.0 - 109.255.255.255 organisation: RIPE NCC status: ALLOCATED whois: whois.ripe.net changed: 2009-01 source: IANA # whois.ripe.net inetnum: 109.202.104.0 - 109.202.107.255 netname: GLOBALLAYER descr: Global Layer network country: NL admin-c: GL6540-RIPE tech-c: GL6540-RIPE remarks: INFRA-AW status: ASSIGNED PA mnt-by: GLOBALLAYER created: 2013-04-08T16:29:12Z last-modified: 2016-03-29T20:47:41Z source: RIPE person: Global Layer address: Postbus 190 address: 2950AD Alblasserdam address: Netherlands phone: +31 78 20 20 228 nic-hdl: GL6540-RIPE mnt-by: GLOBALLAYER created: 2011-08-04T20:36:25Z last-modified: 2017-10-30T22:14:45Z source: RIPE % Information related to '109.202.107.0/24AS49453' route: 109.202.107.0/24 descr: Global Layer network origin: AS49453 mnt-by: GLOBALLAYER created: 2016-03-17T11:39:02Z last-modified: 2016-03-17T11:39:02Z source: RIPE % This query was served by the RIPE Database Query Service version 1.97.2 (HEREFORD) Kind regards

Thank you! As a small addition to your kind words, for you and all the readers interested in practical examples to set up permanent Network Lock rules with nft and MUCH more, you can: observe rules while Hummingbird is connected to some VPN server with network lock set to "nftables" mode examine the Bourne Again Shell scripts by @nwlyoc (yes, again 👏 ) https://airvpn.org/forums/topic/46717-interactive-wrapper-for-hummingbird-with-boot-script-and-default-network-lock/ Kind regards