Staff

Hello!

We're very glad to announce that Eddie Android edition 4.0.0 beta 2 is now available. 
 
New: how to use Eddie in network where the "bootstrap" servers can not be reached
Eddie downloads user and infrastructure data, essential to use the service, from special "bootstrap servers" through an encrypted flow inside HTTP. If the bootstrap servers are blocked or the underlying protocol to port 80 is filtered out, Eddie is unable to proceed. Starting from Eddie 4 beta 2 version, the ability to retrieve such data locally has been added. Whenever bootstrap servers are unreachable, Eddie can read the latest available local data to connect to a VPN server. Once connected the bootstrap servers are again reachable and the local data are immediately updated for future usage. The local data remain valid as long as you don't need to change user.

On top of all of the above, Eddie can now retrieve such data through the login procedure that now can be started even when a connection to a VPN server was previously established via a profile. Therefore, when you are in a restrictive network that blocks access to bootstrap servers, you can connect through a profile generated by AirVPN web site Configuration Generator. After this first connection, log your account in to the service by selecting the specific option on the left pane, enter your AirVPN account credentials as usual and make sure that Remember me checkbox is ticked: Eddie will download all the necessary files and store them locally.

This procedure is "once and for all", at least as long as you don't need to change account. After this initial connection, Eddie will be able to log your account in to the infrastructure, retrieve servers data and establish connections without profiles and without bootstrap servers, offering again full AirVPN integration even when bootstrap servers are unreachable. Only If you change account you must repeat the procedure.
New: "Open with..." option added to "Share" option
Different Android versions allow management of files with different restrictions. Different apps may support different intents on specific Android versions. To enlarge total compatibility, now Eddie offers two different options to export and manage files, including generated profiles. You will find the usual "Share" option coupled with a new "Open with..." option. Some apps support only one intent, other apps only specific intents on specific Android versions, and so on. By adding this option Eddie enlarges considerably the amount of apps you will be able to open and/or share files with.
New: AmneziaWG parameters range validity
AmneziaWG parameter range validity has been documented in three different ways (official web site, GitHub documentation files, and developers comment) and the web site documentation that it's still official is in reality not aligned with the source code. The new parameters range validation adopted by Eddie 4.0.0 beta 2 is based now on GitHub latest documentation integrated by source code analysis.

The original message of this thread has been updated accordingly. You will find on it the new download link and checksum, as well as detailed Amnezia description.

If you decide to test, please report at your convenience any bug and problem in this thread. If possible generate a report from the app in a matter of seconds: by tapping the paper plane icon on the Log view bar rightmost side you will generate a full system report which will include both log and logcat and have it sent to our servers. Then you just need to send us the link the app shows you (open a ticket if you prefer to do it in private).

Kind regards & datalove
AirVPN Staff
 

Hello!

We had a similar project that is now temporarily frozen for good reasons: in real life the ability of the "AI"s to guess successfully the real destination from analysis of the VPN tunnel traffic is poor (the excellent success rates you see are achieved only in a controlled environment where the victim visits only destinations pre-determined from a tiny list) AmneziaWG is quickly becoming (*) a more universal approach that may be effective and that does not require our own proprietary solution, provided that constant rate tunnel, deterministic batching and traffic morphing are not required -- safe assumptions as DAITA doesn't aim at obtaining them
(*) While early AmneziaWG releases could "only" add junk packets during handshakes, making it not suitable to replace DAITA, AmneziaWG latest release is also capable to perform padding of transport messages and modification of their header range. 

It can do all of the above, optionally, over a faithful imitation of a different protocol (any protocol that can be built on UDP), including specific HTTP/3 web sites initial flow mimicry. 

While these options efficacy in fighting AI guided traffic analysis must be verified in a controlled environment when AI abilities will improve, and in spite of the fact that AmneziaWG currently lacks the important active distortion feature that DAITA offers, together with reason 1 they are sufficient to let us prioritize AmneziaWG support in the infrastructure and our software, and freeze proprietary solutions research.

Once AmneziaWG is operating in the whole infrastructure, it may be considered whether adding active distortion to match this DAITA feature, or anyway building additional features to outperform DAITA (on top of the many already available in Amnezia and not from scratch), is worth the effort or not.

Kind regards
 

Hello!

We're very glad to inform you that three new 10 Gbit/s full duplex servers located in Toronto (Ontario), Canada, are available: Castula, Chamukuy and Elgafar. 

The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. They support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the status as usual in our real time servers monitor :
https://airvpn.org/servers/Castula
https://airvpn.org/servers/Chamukuy
https://airvpn.org/servers/Elgafar/
 
Do not hesitate to contact us for any information or issue.

Kind regards & datalove
AirVPN Staff

@3x3x3

Hello!

Assuming that the notices are genuine, we need to remind you that VPN usage must be compliant to the relevant legal framework of the country the VPN server is in.

With all of the above said, you must make sure you do not suffer traffic leaks outside the VPN tunnel. If you run AirVPN software, this is easily achieved by activating Network Lock which is also active by default during connections (opt out). You also must make sure that you don't start the torrent software before you have connected to some VPN server if you don't run AirVPN software.

Network Lock is a set of firewall rules that remain in place even in case of software crash and protect you from leaks even when the torrent software is configured in a way that permits it to bypass the VPN tunnel (typical example: UPnP enabled). Please read AirVPN FAQ and starting guide, you will get plenty of useful information and avoid unpleasant consequences by improper usage. All the important links are included in the welcome message and you can start from here:
https://airvpn.org/forums/topic/18339-guide-to-getting-started-links-for-advanced-users

FAQ:
https://airvpn.org/faq

Binding a software to the VPN network interface is another excellent layer of defense. It is highly valuable in case of a "momentary lapse of reason", for example if you completely forget to fire up AirVPN software (or your favorite software) and you start the torrent program with already active torrents. Interface binding is a simple setting if supported by your torrent program. Procedure varies according to the program you run, please read your software documentation.

Kind regards
 

Hello!

Starting from version 2.3, firewalld by default owns exclusively nftables tables generated by itself, thus preventing Eddie, Bluetit and Hummingbird Network Lock related operations. If you want to have Network Lock enabled and firewalld running at the same time, then you must configure firewalld by setting the following option:
NftablesTableOwner=no in firewalld's configuration file, usually /etc/firewalld/firewalld.conf .

After you have edited the configuration file with any text editor with root privileges, reload firewalld configuration or restart firewalld, and only then (re)start Bluetit, Hummingbird or Eddie. Additional insights:
https://discussion.fedoraproject.org/t/firewalld-add-flags-owner-persist-in-fedora-42/148835
https://forums.rockylinux.org/t/rocky-9-5-breaks-netfilter/16551

Kind regards
 

Hello!

On Eddie 2.22 and higher versions you can "fix" the interface name by setting it on Eddie's "Preferences" > "Networking" window (make sure you pick an interface name that's valid in your system).

Kind regards
 

Hello!

We're very glad to inform you that three new 10 Gbit/s full duplex servers located in Toronto (Ontario), Canada, are available: Castula, Chamukuy and Elgafar. 

The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. They support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the status as usual in our real time servers monitor :
https://airvpn.org/servers/Castula
https://airvpn.org/servers/Chamukuy
https://airvpn.org/servers/Elgafar/
 
Do not hesitate to contact us for any information or issue.

Kind regards & datalove
AirVPN Staff

Hello!

We're very glad to inform you that three new 10 Gbit/s full duplex servers located in Toronto (Ontario), Canada, are available: Castula, Chamukuy and Elgafar. 

The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. They support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the status as usual in our real time servers monitor :
https://airvpn.org/servers/Castula
https://airvpn.org/servers/Chamukuy
https://airvpn.org/servers/Elgafar/
 
Do not hesitate to contact us for any information or issue.

Kind regards & datalove
AirVPN Staff

Hello!

We're very glad to inform you that three new 10 Gbit/s full duplex servers located in Toronto (Ontario), Canada, are available: Castula, Chamukuy and Elgafar. 

The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. They support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the status as usual in our real time servers monitor :
https://airvpn.org/servers/Castula
https://airvpn.org/servers/Chamukuy
https://airvpn.org/servers/Elgafar/
 
Do not hesitate to contact us for any information or issue.

Kind regards & datalove
AirVPN Staff

Hello!
 
We're very glad to announce that Eddie Android edition 4.0.0 Beta 1 is now available.
UPDATE 2026-01-14: Eddie Android edition 4.0.0 Beta 2 is now available

This is a major update: for the first time Eddie Android edition features AmneziaWG complete support.

Eddie Android edition is a fully integrated with AirVPN, free and open source client allowing comfortable connections to AirVPN servers and generic VPN servers offering compatible protocols. Eddie 4.0.0 aims primarily at adding, besides the already available OpenVPN and WireGuard, a thorough and comfortable AmneziaWG support. 

AmneziaWG is a free and open source fork of WireGuard by Amnezia inheriting the architectural simplicity and high performance of the original implementation, but eliminating the identifiable network signatures that make WireGuard easily detectable by Deep Packet Inspection (DPI) systems. It can operate in several different ways, including a fallback, "compatibility mode" with WireGuard featuring anyway various obfuscation techniques.
 
What's new in Eddie 4.0.0
  AmneziaWG support Amnezia WireGuard API stronger anti-blocking logic: ability to log in to the service and download AirVPN infrastructure and user data while connected through a profile with a specific option on the left pane ability to read and use local user data when bootstrap servers are unreachable new "Open with..." option on top of the usual "Share" option to manage and export comfortably generated profiles on any Android version with any suitable application updated AmneziaWG parameters allowed ranges  updated OpenSSL, OpenVPN3-AirVPN and WireGuard libraries bug fixes see the complete changelog below  
AmneziaWG overview
  From the official documentation: https://docs.amnezia.org/documentation/amnezia-wg AmneziaWG offers:
Dynamic Headers for All Packet Types (compatibility with WireGuard: YES)
During tunnel initialization, the library generates a set of random constants applied to each of the four WireGuard packet formats: Init, Response, Data, Under‑Load. These constants:
Replace predictable WireGuard packet identifiers; Shift offsets of Version/Type fields; Modify reserved bits. As a result, no two clients have identical headers, making it impossible to write a universal DPI rule.
 
Handshake Length Randomization (compatibility with WireGuard: NO)
In WireGuard, the Init packet is exactly 148 bytes, and the Response packet is exactly 92 bytes. AmneziaWG adds pseudorandom prefixes S1 and S2 (0-64 bytes by default):
len(init) = 148 + S1 len(resp) = 92  + S2 Offsets of the remaining fields are automatically adjusted, and MAC tags are recalculated accordingly. In order to keep backward compatibility with WireGuard, S1 and S2 must be set to 0. 
  Obfuscation Packets I1-I5 (Signature Chain) & CPS (Custom Protocol Signature) (compatibility with WireGuard: partial, with fallback)
Before initiating a "special" handshake (every 120 seconds), the client may send up to five different UDP packets fully described by the user in the CPS format. In this way AmneziaWG can mimic perfectly QUIC, DNS and other protocols adding powerful methods to circumvent blocks. QUIC is particularly interesting as HTTP/3 is built on it and currently, from Chrome and other compatible browsers, 50% of traffic to/from Google is QUIC traffic. Therefore, blocking QUIC may have major disruptions for any ISP.
 
Junk‑train (Jc) (compatibility with WireGuard: YES)
Immediately following the sequence of I-packets, a series Jc of pseudorandom packets with lengths varying between Jmin and Jmax is sent. These packets blur the timing and size profile of the session start, significantly complicating handshake detection.
 
Under‑Load Packet (compatibility with WireGuard: YES)
In WireGuard, a special keep-alive packet (“Under-Load”) is used to bypass NAT timeouts. AmneziaWG replaces its fixed header with a randomized one, the value of which can be set manually. This prevents DPI from filtering short ping packets, ensuring stable tunnel connections, especially on mobile networks.
 
 
How to use Eddie with AmneziaWG

To enable AmneziaWG mode, just tap the connection mode available in the main and other views. It will rotate between WireGuard, AmneziaWG and OpenVPN. Set it to AmneziaWG. In its default AmneziaWG mode, Eddie will use all the possible obfuscation, except protocol mimicking, that keeps WireGuard compatibility, thus allowing connections to AirVPN servers. The default settings choice was possible thanks to the invaluable support of persons living in countries where VPN blocks are widespread. Such settings have been tested as working and capable to bypass the current blocking methods in various countries. You may consider to modify them if they are ineffective to bypass "your" specific blocks.
  In Settings > Advanced, you will find, at the bottom of the page, a new "Custom Amnezia WG directives" item. By tapping it you will summon a dialog that will let you customize any possible AmneziaWG parameter.

You can maintain backward compatibility with WireGuard in the dialog WireGuard section, or enable the full AmneziaWG support in the Amnezia section, which is not compatible (at the moment) with AirVPN WireGuard servers. This mode will be mostly valuable in a not distant future, when AirVPN servers will start to support AmneziaWG natively. You may also enable QUIC or DNS mimicking for additional obfuscation efficacy. 

In order to maintain WireGuard backward compatibility, with or without QUIC or DNS mimicking, you must set:
S1 = S2 = 0
Hn ∈ {1, 2, 3, 4}
H1 ≠ H2 ≠ H3 ≠ H4

Furthermore, do not exceed the valid limit of the J parameters (anyway Eddie will not let you do it). In this preview version, Eddie's formal control of the input data is based on the following document. We strongly recommend you read it if you need to modify manually parameters:
https://github.com/amnezia-vpn/amneziawg-linux-kernel-module?tab=readme-ov-file#configuration


Please do not modify In parameters if you don't know exactly what you're doing. 

Eddie implements QUIC and DNS mimicking and random obfuscation packets for each specific "I" parameter (by using the corresponding "Generate" button). You can enable them with a tap on the proper buttons. You may mimic QUIC and DNS even to connect to WireGuard based servers.

When you enable QUIC mimicking and you maintain WireGuard backward compatibility, you add a powerful tool against blocks, because the first packets will be actual QUIC packets. AmneziaWG will fall back to WireGuard compatibility very soon. However, when DPI and SPI tools, and demultiplexers in general, identify the initial QUIC flow, most of them will be unable to detect a WireGuard flow for several minutes. This has been tested thoroughly with deep packet inspection on Linux and FreeBSD based machines by AirVPN staff.

Therefore, in different blocking scenarios the QUIC mimicking increases likelihood of successful block bypass. NOTE: the same does not happen with DNS mimicking. In this case DPI / SPI tools identify the stream initially as DNS, but are much quicker (just in a few dozens of packets) to identify the stream as WireGuard's, after the initial DNS identification.
 
How to use Eddie in network where the "bootstrap" servers can not be reached
Eddie downloads user and infrastructure data, essential to use the service, from special "bootstrap servers" through an encrypted flow inside HTTP. If the bootstrap servers are blocked or the underlying protocol to port 80 is filtered out, Eddie is unable to proceed. Starting from this Eddie 4 version, the ability to retrieve such data locally has been added. Whenever bootstrap servers are unreachable, Eddie can read the latest available local data to connect to a VPN server. Once connected the bootstrap servers are again reachable and the local data are immediately updated for future usage. The local data remain valid as long as you don't need to change user.

On top of all of the above, Eddie can now retrieve such data through the login procedure that now can be started even when a connection to a VPN server was previously established via a profile. Therefore, when you are in a restrictive network that blocks access to bootstrap servers, you can connect through a profile generated by AirVPN web site Configuration Generator. After this first connection, log your account in to the service by selecting the specific option on the left pane, enter your AirVPN account credentials as usual and make sure that Remember me checkbox is ticked: Eddie will download all the necessary files and store them locally.

This procedure is "once and for all", at least as long as you don't need to change account. After this initial connection, Eddie will be able to log your account in to the infrastructure, retrieve servers data and establish connections without profiles and without bootstrap servers, offering again full AirVPN integration even when bootstrap servers are unreachable. Only If you change account you must repeat the procedure.

Download link, checksum and changelog
https://eddie.website/repository/Android/4.0.0-Beta2/EddieAndroid-4.0.0-Beta-2.apk
 
This is a build debug package and side load is mandatory.

If you decide to test, please report at your convenience any bug and problem in this thread. If possible generate a report from the app in a matter of seconds: by tapping the paper plane icon on the Log view bar rightmost side you will generate a full system report which will include both log and logcat and have it sent to our servers. Then you just need to send us the link the app shows you (open a ticket if you prefer to do it in private).
$ sha256sum EddieAndroid-4.0.0-Beta-2.apk 20d4aee7a0544eec2ad379b8ab8126c2f276e4762a0a32109cb808701d2c0bb3 EddieAndroid-4.0.0-Beta-2.apk
Changelog 4.0.0 (VC 37) - Release date: 26 November 2025 by ProMIND
  Beta 2

LogActivity.java
[ProMIND] added View log button (open with...)
MainActivity.java
[ProMIND] method startAirVPNManifestRefresh() renamed to startAirVPNDocumentRefresh() [ProMIND] method stopAirVPNManifestRefresh() renamed to stopAirVPNDocumentRefresh() [ProMIND] member timerAirVPNManifestRefresh renamed to timerAirVPNDocumentRefresh [ProMIND] onCreate(): do exported files cleanup [ProMIND] onDestroy(): do exported files cleanup [ProMIND] drawer: added login item [ProMIND] drawer: changed login and logout icons [ProMIND] navigationViewItemSelected(): added code for AirVPN login [ProMIND] onResume(): show proper drawer's login/logout item
QuickConnectFragment.java
[ProMIND] onCreate(): removed AirVPN autologin (superseeded by extended "remember me" local login) [ProMIND] onCreate(): in case "remember me" is set, do local login by using locally stored user instance
SettingsActivity.java
[ProMIND] ameziaSettingsDialog(): fixed formal check for jc [ProMIND] removed AirVPN Autologin option (superseeded by extended "remember me" local login)
SettingsManager.java
[ProMIND] removed added SYSTEM_AIRVPN_AUTOLOGIN and SYSTEM_AIRVPN_AUTOLOGIN_DEFAULT (superseeded by extended "remember me" local login) [ProMIND] removed methods isAirVPNAutologinEnabled() and setAirVPNAutologin()
SupportTools.java
[ProMIND] added enum ShareMode [ProMIND] sharePlainText(): added argument share mode [ProMIND] sharePlainText(): the code is now compliant to all supported Android versions [ProMIND] sharePlainText(): exclude "myself" from helper apps [ProMIND] removeShareFile() renamed to removeShareFiles() [ProMIND] sharePlainText(): share/view files are now removed on app exit    
Beta 1

Native Library
[ProMIND] updated to version 4.0.0, API 10 [ProMIND] added Amnezia WireGuard API [ProMIND] updated to OpenVPN-AirVPN 3.12 (20251126)
AirVPNUser.java
[ProMIND] getWireGuardProfile(): added Amnezia support

ConnectAirVPNServerFragment.java
[ProMIND] showConnectionInfo(): added AmneziaWG logo display [ProMIND] onCreateContextMenu(): added AmneziaWG items [ProMIND] onContextItemSelected(): added AmneziaWG items [ProMIND] added method loadVPNProfile()
ConnectVpnProfileFragment.java
[ProMIND] added Amnezia support
EddieLibraryResult.java
[ProMIND] added Amnezia WireGuard API
QuickConnectFragment.java
[ProMIND] onCreateView(): added AmneziaWG logo display [ProMIND] updateStatusBox(): added AmneziaWG logo display
SettingsActivity.java
[ProMIND] added "Custom AmneziaWG directives" setting
SettingsManager.java
[ProMIND] added Amnezia specific settings and methods
SupportTools.java [ProMIND] removed method getVPNProfile()
VPN.java
[ProMIND] added methods enableAmneziaWireGuard() and isWireGuardAmneziaEnabled()
VPNManager.java
[ProMIND] added method isWireGuardAmneziaEnabled()
VPNProfileDatabase.java
[ProMIND] added AMNEZIA type
WebViewerActivity.java
[ProMIND] EddieWebViewClient.shouldOverrideUrlLoading(): it now properly opens android asset files
WireGuardClient.java
[ProMIND] added WireGuard tunnel node to constructor  [ProMIND] added methods for generating Amnezia's junk settings
WireGuardTunnel.java
[ProMIND] added support for Amnezia WireGuard [ProMIND] added Mode enum [ProMIND] added tunnel node to constructor 
EddieLibrary.java
[ProMIND] added Amnezia WireGuard API
Kind regards & datalove
AirVPN Staff

Hello!

We're very glad to inform you that a new 10 Gbit/s full duplex server located in Los Angeles, California, is available: Revati.

The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard.

Revati supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.
Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the status as usual in our real time servers monitor , by clicking the server name. Direct link: https://airvpn.org/servers/Revati

Do not hesitate to contact us for any information or issue.

Kind regards & datalove
AirVPN Staff

 

Hello!

We're very glad to inform you that three new 10 Gbit/s full duplex servers located in Toronto (Ontario), Canada, are available: Castula, Chamukuy and Elgafar. 

The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. They support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the status as usual in our real time servers monitor :
https://airvpn.org/servers/Castula
https://airvpn.org/servers/Chamukuy
https://airvpn.org/servers/Elgafar/
 
Do not hesitate to contact us for any information or issue.

Kind regards & datalove
AirVPN Staff

Hello!

We're very glad to inform you that three new 10 Gbit/s full duplex servers located in Toronto (Ontario), Canada, are available: Castula, Chamukuy and Elgafar. 

The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. They support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the status as usual in our real time servers monitor :
https://airvpn.org/servers/Castula
https://airvpn.org/servers/Chamukuy
https://airvpn.org/servers/Elgafar/
 
Do not hesitate to contact us for any information or issue.

Kind regards & datalove
AirVPN Staff

Hello!
 
Hold on @Tech Jedi Alex, you hit the mark.

You were just misled by this:
 
0777 is for a directory, but for data files the default is 0666, here's why the user ends up with 644:
 
For the reader, if the umask is 022, the newly created file by root will get 644 (rw-r--r--) (the complement of 666 with 022 in octal) which causes the first problem. So that's why /sbin/bluetit doesn't have x even though it does in the extracted package. It doesn't matter that the original bluetit file has 755, the umask starts from 666.

cp in the original script lacks the -p option so this problem should get resolved by your change with install (it should be solved even by adding "-p" to the cp command, or an additional chmod of course). It looks like a long time installation script issue that went strangely unnoticed. Noted down for a fix in the next release or a package hot fix, we'll see. Apparently there is another problem too but maybe it's not related to Suite's installation, we'll keep following the thread.

Kind regards
 

Hello!

The AirVPN integration is kindly maintained by GlueTun developer. In brief, servers information is retrieved from the servers,json file which is updated several times a year. When starting up, Gluetun merges the hardcoded list and the contents of servers.json, preferring newer data and including any custom entries marked to be kept. For more details and a more accurate description please see here:
https://deepwiki.com/qdm12/gluetun/6-server-management

At this moment, while we're writing this message, the servers in Amsterdam have not yet been added. You can wait for the next update, or you may add them manually, by abiding to the json format. Alternatively you can point directly, through the proper environment variable, to the correct entry-IP address of the server you wish to connect to. In such cases you find all the information you need on the server status page https://airvpn.org/status and by generating a configuration file with the Configuration Generator.

Here's an example for Vindemiatrix, only for WireGuard connections. This sub-block must be inserted in the correct position inside the airvpn block: study the file structure to quickly understand. Make sure to edit the file while no container is running. { "vpn": "wireguard", "country": "Netherlands", "region": "Europe", "city": "Amsterdam", "server_name": "Vindemiatrix", "hostname": "nl3.vpn.airdns.org", "wgpubkey": "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=", "keep": true, "ips": [ "94.228.209.212" ] }, You then need to restart the container(s) in order to merge the current list with the edited one. The "Keep": true line/flag (inside the server definition) ensures that the server will not be wiped out if you rebuild the server list.

Kind regards
 

Hello!

We're very glad to inform you that three new 10 Gbit/s full duplex servers located in Toronto (Ontario), Canada, are available: Castula, Chamukuy and Elgafar. 

The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. They support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the status as usual in our real time servers monitor :
https://airvpn.org/servers/Castula
https://airvpn.org/servers/Chamukuy
https://airvpn.org/servers/Elgafar/
 
Do not hesitate to contact us for any information or issue.

Kind regards & datalove
AirVPN Staff

Congratulations on the launch. This is great news for CA which has had most of its 2 Gbit/s servers pretty saturated during peak hours. Hopefully the ghost of Wurren does not come back to haunt us.

Should be Elgafar, right?  Was briefly confused that eldafar had no IP.

Here is my working Open VPN config on a Netgear R7000 with Fresh Tomato:

Thank you very much. 

For the readers: the key information here and other threads where the problem could be resolved swiftly is that it does not matter how you configure it: Plex will always listen to port 32400 of the VPN interface. Therefore, AirVPN's port "re-mapping" function comes handy. Once you choose a random port for your Plex server on your AirVPN account port panel, fill the "Local" field with "32400". Reach the Plex server from the Internet on the port remotely forwarded and the VPN server will take care to forward the packets to port 32400 of your local VPN interface.

Kind regards
 

Hello!

We're very glad to inform you that a new 10 Gbit/s full duplex server located in Los Angeles, California, is available: Revati.

The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard.

Revati supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.
Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the status as usual in our real time servers monitor , by clicking the server name. Direct link: https://airvpn.org/servers/Revati

Do not hesitate to contact us for any information or issue.

Kind regards & datalove
AirVPN Staff

 

Hello!

We're very glad to inform you that a new 10 Gbit/s full duplex server located in Los Angeles, California, is available: Revati.

The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard.

Revati supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.
Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the status as usual in our real time servers monitor , by clicking the server name. Direct link: https://airvpn.org/servers/Revati

Do not hesitate to contact us for any information or issue.

Kind regards & datalove
AirVPN Staff

 

Hello!

We're very glad to inform you that a new 10 Gbit/s full duplex server located in Los Angeles, California, is available: Revati.

The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard.

Revati supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.
Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the status as usual in our real time servers monitor , by clicking the server name. Direct link: https://airvpn.org/servers/Revati

Do not hesitate to contact us for any information or issue.

Kind regards & datalove
AirVPN Staff

 

@itsmeprivately

Hello!

Please try the following settings (usually they are strictly necessary to bypass China blocks): switch to OpenVPN (if you haven't already done so) by tapping the icon "VPN Type" on the main view. Each tap switches between WireGuard and OpenVPN. force connection over TCP to port 443 in the following way: open "Settings" and expand "AirVPN" by tapping on it tap "Default OpenVPN protocol", select "TCP" and tap "OK" tap "Default OpenVPN port", select "443" and tap "OK" tap "Quick connection mode", select "Use default options only" and tap "OK" Finally test again connections to various servers in various locations.

Kind regards
 

Hello!

We're very glad to inform you that a new 10 Gbit/s full duplex server located in Toronto (Ontario, Canada), is available: Kornephoros.

The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard.

Kornephoros supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the status as usual in our real time servers monitor .
Do not hesitate to contact us for any information or issue.

Kind regards & datalove
AirVPN Staff