Staff

3 Gbit/s ???  Interesting.  Loving the pictures of the cities. 😀

Been wanting a 10 Gbps server that's close to me for the longest time. This feels like an early Christmas present. Thank you AirVPN staff - this is amazing!

Hello!

In 2019 we pushed a commit with a major new feature for OpenVPN3 library but it was refused by the maintainer (Arne Schwabe) for stylistic reasons. In the opinion of some of us it's their (OpenVPN3 maintainers) style to be ugly, but OK it's a matter of personal tastes so the text format and spacing was changed accordingly and a new commit was ready.

The new commit was again refused, this time because the source code included tags mentioning the source code author "ProMIND". We couldn't fully understand why the author should not be mentioned in the source code itself, moreover the tags were useful for another purpose, but fine, all tags were removed and a new commit was ready.

The new commit was again refused, this time because the identity of the source code author ProMIND was not certified. In general we do not disclose the identity of our employees and collaborators, much less force them to certify it with any third party, and leave to them the choice to disclose real identity and certify it. The request was strange and we asked for some clarification. It came out, even from other OpenVPN community members, that the requirement was related to a specific contractual agreement mentioned here: https://github.com/OpenVPN/openvpn3/blob/master/CLA.rst

At that point we did not like the situation: please note that a new problem was mentioned only after each new commit was proposed, while it would have been fair that all problems were mentioned at the same time, obviously, since the very beginning. And we did not like anymore to allow OpenVPN Inc. to re-license under any new license our or ProMIND's code, which is under GPLv3, according to the mentioned contributor's agreement, specifically part II, (e) clause:
"(e) I understand that OpenVPN Inc. may relicense this project, this contribution, and any modification to it under any license. [...]".

Therefore we did not waste additional time on the matter and we went on with our fork without further ado. At this very moment we have no merging/commit plans.

On a lighter tone, this thread dated 2019 is funny in the last part:
https://airvpn.org/forums/topic/43850-openvpn-3-development/
because one of the AirVPN community moderators defended OpenVPN style and Schwabe refusals, and wrote: "If you had contributed to the Linux kernel like that, Linus would tear you to tiny bits." Ironically, after that message was written, Linus Torvalds examined OpenVPN code and he was horrified.

Kind regards
 

Hello!

The screenshot you published shows that it's not a block but a verification that the user is human through the usual Public Turing test. It may happen when there are numerous, concurrent connections from the same IP address, it's not a case of a black listed IP address. Google should never be used, VPN or not, anyway you can also rely on https://startpage.com which will act as a proxy to Google Search, therefore adding some additional privacy layer between you and Google Search.

Kind regards
 

@p9974839

Google Search should never be used, but if you really want it, why not just use https://startpage.com ?

Kind regards
 

Hello!

Google Search should never be used for privacy reasons (Google profiling techniques are so advanced that you risk to create a correlation between your real identity and your VPN identity at the tiniest error) and ethical reasons, but you can rely on startpage.com if you really need Google Search. Startpage will proxy your queries to Google Search and serve you back Google reply, therefore an additional protection layer stands between your node and Google and you usually avoid captchas. A very good search engine offering privacy protection commitment is Brave Search:
https://search.brave.com

Kind regards
 

Not only TikTok. For example the Bitcoin network can not be controlled so a transaction from an American citizen could potentially go to a citizen of a country that's "a menace" for the USA (definition of enemy and menace is discretionary, the used language seems fine tuned to allow scope enlargement at will without judiciary supervision). Since that's not controllable, we find it potentially possible that operators might be required to block "the Bitcoin network".

What's worse, according to a preliminary interpretation of the text, if in some way (difficult but personal and house search, pre-selected through the usual monitoring performed by USA ISPs, can help...) it can be proved that a USA citizen has used some tool like Tor or VPN to access any of the blocked network / services etc., that citizen will be prosecuted: civil liability up to a million of dollars, and criminal behavior subjected to up to 20 years in jail - which, if we're not mistaken, is worse than in China, Russia, and various countries controlled by human rights hostile regimes.

Kind regards
 

Hello!

Yes, stay tuned!

Kind regards
 

@ScanFarer

Hello!

New 10 Gbit/s full duplex server has been added in Los Angeles. Another server with high bandwidth has been added in Denver (Colorado) with a 10 Gbit/s interface and port and 3 Gbit/s bandwidth (full duplex) guaranteed, burstable to 10 Gbit/s.
https://airvpn.org/status

Kind regards
 

Hello!

We're very glad to inform you that a new 10 Gbit/s (full duplex) server located in Los Angeles (California, USA) is available: Saclateni.

Saclateni supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard.

Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server.

You can check the status as usual in our real time servers monitor:
https://airvpn.org/servers/Saclateni

Do not hesitate to contact us for any information or issue.

Kind regards and datalove

This is great! Keep up the good work!

Hello!

We're very glad to inform you that a new 3 Gbit/s (full duplex) server located in Denver, CO (USA) is available: Sadachbia.

Sadachbia supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637 and 47107 UDP for WireGuard.

Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server.

You can check the status as usual in our real time servers monitor:
https://airvpn.org/servers/Sadachbia

Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Staff
 

Hello!

We're very glad to inform you that a new 10 Gbit/s (full duplex) server located in Los Angeles (California, USA) is available: Saclateni.

Saclateni supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard.

Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server.

You can check the status as usual in our real time servers monitor:
https://airvpn.org/servers/Saclateni

Do not hesitate to contact us for any information or issue.

Kind regards and datalove

Hello!

We're very glad to inform you that a new 10 Gbit/s (full duplex) server located in Los Angeles (California, USA) is available: Saclateni.

Saclateni supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard.

Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server.

You can check the status as usual in our real time servers monitor:
https://airvpn.org/servers/Saclateni

Do not hesitate to contact us for any information or issue.

Kind regards and datalove

So much for "I've got the same issue". They weren't the same at all, just causing similar symptoms.
Open your own threads, people!

Reproduced with anonymous access. Went into the spam messages and it actually was there. Removed, should no longer be visible now.

Thank you for the report.

Hello!

All problems were resolved. For the readers:
YuNoGuy problem was caused by the Windows Firewall blocking the incoming traffic of other programs his/her main listening program relied on. Check the message here for interesting and useful details: https://airvpn.org/forums/topic/56970-port-forwarding-connection-timeout-error-110/?do=findComment&comment=227771 JebediahWolfe (original poster) problem was caused by the fact that the remotely forwarded port was disabled by the user in the control panel. All ports are enabled by default when you reserve them to your account and a new option allows you to disable them without de-allocating them. It is an option which can be useful under specific circumstances and required by some users. Always pay attention when you change settings. Voja Ten. problem "disappeared by itself" from one day to another so we can't say anything about it.
Kind regards
 

Hello!

Yes, definitely. Stay tuned and follow the "News" AirVPN forum for updates. 😉

Kind regards
 

Hello!

We're very glad to inform you that a new 1 Gbit/s full duplex server located in Chicago, IL (USA) is available: Praecipua.

The AirVPN client will show automatically the new server. If you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts OpenVPN connections on ports 53, 80, 443, 1194, 2018 UDP and TCP, and WireGuard connections on ports 1637, 47107 and 51820.

Just like every other Air server, Praecipua supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, tls-crypt and WireGuard.
Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the server status as usual in our real time servers monitor:
https://airvpn.org/servers/Praecipua

Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

Hello!

We're very glad to inform you that a new 1 Gbit/s full duplex server located in Miami, FL (USA) is available: Minelauva.

The AirVPN client will show automatically the new server. If you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The server accepts OpenVPN connections on ports 53, 80, 443, 1194, 2018 UDP and TCP, and WireGuard connections on ports 1637, 47107 and 51820.

Just like every other Air server, Minelauva supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, tls-crypt and WireGuard.
Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the server status as usual in our real time servers monitor:
https://airvpn.org/servers/Minelauva

Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

I will mark this as solved to underline that Linux Is The Solution. Especially to all kinds of Windows problems

I'm the mod in question. The subreddit is not official – and not forgotten. I track the Reddit posts via RSS and intervene within hours if necessary, as I had to just the other week when one account quite rudely violated rule 2 during the sale. Happens often. It's neither a scam nor a hoax, but the party is over here in the forums, so people are encouraged to join it.
 

Mostly, it's just offline time with nice ebooks – I've been on quite the reading frenzy these past few weeks, let me tell you. You could say holiday, I guess, though I do work in between, but other than for work the computers are staying off currently.

Hello,

Thanks for your answer. The solution in the link you kindly provided didn't solve my problem, actually the AirVPN wireguard tunnel stop working at all when using the specified long AllowedIPs chain.

But it did set me in the right direction : the blog post regarding the IP calculator detailed a better alternative, which is to change the routing table for the subnet to be excluded, 192.168.2.0/24 in my case.

So for the record my working config file is :
[Interface] Address = XXX/32, XXX/128 PrivateKey = XXX DNS = 10.128.0.1, fd7d:76ee:e68f:a993::1 PreUp = ip route add 192.168.2.0/24 via 192.168.1.1 dev enp0s4 PostDown = ip route del 192.168.2.0/24 via 192.168.1.1 dev enp0s4 [Peer] PublicKey = XXX PresharedKey = XXX Endpoint = nl.vpn.airdns.org:1637 AllowedIPs = 0.0.0.0/0, ::/0 PersistentKeepalive = 15

Back again - For anyone who may be having the same issue ensure that whatever program you are installing has access to go through both the private and guest networks on your firewall, since Eddie will run on the guest network if you block a program from using that in your firewall then there's no way for the port to be accessed from the outside, if you've already blocked a program you can unblock it again pretty easily.

If you're on Windows 10:
- Open search and find "Windows Defender Firewall with Advanced Security" 
- Click on Inbound Rules 
- Find the program you want to allow, if it has a red X on the left of the name, then that means it's disallowed on that network profile.
- Double click on it and click "Allow the connection" and apply

If you want to run a Minecraft server then you won't find a "minecraft.exe" in this list, instead allow the Java Platform SE Binary (or OpenJDK alternative if that's what you prefer)

For any future programs simply allow for guest network when Windows asks you what you want to allow with the program.

@ScanFarer

Hello!

Your analysis is correct. The maximum amount of bandwidth this month which Haedus could give was 7 Gbit/s:


One of the main reasons is that the load on the CPU increases more than linearly as the number of OpenVPN connected clients increases. Other reasons include routing, since the maximum throughput one can get is the maximum throughput that the slowest hop in the route can provide.

While more and more users switch to WireGuard, the servers will be able to deliver more bandwidth, because WireGuard scales excellently. Consider that each OpenVPN process runs in a single thread of a single core (when OpenVPN's DCO is stable things will change), forcing us to run multiple processes, while we only need to run one WireGuard process which distributes load evenly on all cores. Furthermore, WireGuard doesn't copy data from kernel to userspace and vice-versa, while OpenVPN does (again, OpenVPN's DCO running in the kernel space will do the same). Actually, Haedus can provide almost 4 Gbit/s (8 Gbit/s on the server, in practice) when the connection is performed by a single client. Increasing MTU size might also improve performance further, only provided that there's room in the frames.

From Android devices, almost everyone runs WireGuard, because Eddie Android edition is set to WireGuard by default. From desktop devices, Eddie's default is OpenVPN at the moment, so many users start with that default setting and stick to it. What to offer by default is a matter of analysis on desktop systems: WireGuard poses privacy issues and can be easily blocked, while OpenVPN is definitely and sometimes significantly slower even on most AES-NI supporting devices but offers dynamic address assignment and the invaluable abilities to connect over stunnel, SSH, SOCKS proxies, Tor (working in TCP).

Kind regards