Staff

Hello!

Just to avoid potential confusion, the limit is 5 ports per account. Only accounts registered with the earlier contractual agreements can still enjoy 20 ports, i.e. the change enforced on June 2023 is not retro-active:
https://airvpn.org/forums/topic/56405-port-forwarding-availability-change/

We are finalizing a deep infrastructure change, started more than 6 months ago, which will avoid port exhaustion for many years (we guess for the whole company lifetime) and which will allow us to offer more inbound forwarded ports per account (if needed) at a fair price. The change will not rely on "regional" or "server group" ports, so the comfort of the current system will remain.

Kind regards
 

Hello!

The Express VPN interface causes a critical error to OpenVPN:

Tell Eddie to ignore any alien interface: Select from Eddie's main window Preferences > Networking, write eddie in the "VPN interface name" field click Save.
You may also consider to switch to WireGuard to bypass the alien interface. You can do it in Preferences > Protocols window. Uncheck Automatic, select a WireGuard connection mode and click Save.

Kind regards
 

@Greyzy

Hello!

Our regional (country / continent / world) domain names for "best" servers change their records frequently, according to https://airvpn.org/faq/servers_ip/ . That's why you can get a different resolution every 5 minutes. This matter is totally irrelevant for the problem you experience, don't worry about it.

It is possible that Vodafone is messing up your DNS queries. We saw this shameful behavior in the past, many years ago, by Vodafone Italia, which re-directed anything to port 53 to force resolution of names by its own DNS servers and also prevent any other protocol to port 53. We can't rule out, according to all the data you provided, that this is the case for you too, with the addition of some acrimony against our VPN domain names.

The problem should get resolved by DNS over TLS to port 853. Unfortunately Windows 7, as far as we know, can't support it, but Windows 10 (which runs in another machine of yours) and the router can: please test it. Once the router is configured properly for DNS over TLS, you can configure your Windows 7 system to query only the router for names resolution (in the DNS settings enter only the router address in your local network).

Important side note: please consider to drop Windows 7 as it is an abandoned system ever since a long time ago.

Kind regards
 

Hello!

Just to avoid potential confusion, the limit is 5 ports per account. Only accounts registered with the earlier contractual agreements can still enjoy 20 ports, i.e. the change enforced on June 2023 is not retro-active:
https://airvpn.org/forums/topic/56405-port-forwarding-availability-change/

We are finalizing a deep infrastructure change, started more than 6 months ago, which will avoid port exhaustion for many years (we guess for the whole company lifetime) and which will allow us to offer more inbound forwarded ports per account (if needed) at a fair price. The change will not rely on "regional" or "server group" ports, so the comfort of the current system will remain.

Kind regards
 

UPDATE 01-SEP-17 Due to multiple, critical  problems in network-manager-openvpn which after years have not been solved we recommend to NOT use it. Please understand that we will not provide support to network-manager-openvpn. In GNU/Linux we recommend that you run our free and open source software "AirVPN Suite", "Eddie" or OpenVPN directly
 
 
Warning: Ubuntu 14.04 has an issue on configuration files import. At 25/04/2014 there's still no fix. Bug Report Go to Config Generator page, choose Linux and choose your preferred options. Select Advanced Mode Tick Separate certs/keys from .ovpn files
Click on any archive format. Save the downloaded archive file somewhere, say in ~/.airvpn. Extract it. Five files should be extracted. Try to make sure nobody but you can read the file user.key, because that one is secret. Install the package named network-manager-openvpn-gnome, which is a plugin to NetworkManager handling OpenVPN connections. The install will automatically include all needed packages, like openvpn etc. Click on NetworkManager icon in top-right bar, and choose Edit Connections...
Click Add, choose Import a saved VPN configuration, click Create... and choose a .ovpn file extracted from files generated by our Config Generator.
The imported information is displayed. Click Save... and close the NetworkManager Connections editor.
From now on, the imported connections are showed under VPN Connections menu. Click it to connect.

@Greyzy

Hello!

The domain name included in the configuration file generated by the Configuration Generator is fully qualified, as you can verify independently.

The problem is always the same as you can see even from nslookup: poisoned/wrong resolution (into a non-routable address). The problem is not in domain names or configuration files.

Specific example for de3.vpn.airdns.org: note how Quad9 (9.9.9.9) resolves correctly and this adds another strange piece to the puzzle because nslookup said that it queried Quad9 to resolve de3.vpn.airdns.org, but gets an answer that surely does not come from Quad9. This suggests some worrying scenario, but don't let us jump to conclusions too early: just switch to DNS over TLS (supported by Quad9). Configuration needs a little bit of documentation, please check (while you are in the VPN): https://www.elevenforum.com/t/enable-dns-over-tls-dot-in-windows-11.9012/

DNS over TLS will ensure that your DNS queries will not be tampered by your ISP or any MITM (when you are in the VPN you are already protected as the DNS is inside the VPN, but when you're not connected to the VPN you're not protected).


$ drill @9.9.9.9 de3.vpn.airdns.org
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 27288
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0  
;; QUESTION SECTION:
;; de3.vpn.airdns.org.  IN      A

;; ANSWER SECTION:
de3.vpn.airdns.org.     300     IN      A       37.120.217.245

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 151 msec
;; SERVER: 9.9.9.9
;; WHEN: Wed Jun 26 20:58:14 2024
;; MSG SIZE  rcvd: 52


Also, please answer to the relevant question by @go558a83nk

Kind regards
 

Hello!
 
We're very glad to inform you that a new Eddie Air client version has been released: 2.24 beta. It is ready for public beta testing.
 
How to test our experimental release:
Go to download page of your OS Click the button Switch to EXPERIMENTAL Download and install
This is a new version of Eddie Desktop (Windows / Linux / MacOS).
We know there is still 2.21.8 as stable, and 2.22.x and 2.23.x series never reached the stable version.
We hope that this version 2.24.x will be tested and reach a stable release.

Internally (in terms of development and code) it represents a significant step forward for us: the CLI editions are compiled with dotnet 7, without Mono, Xamarin and any dependency on NetFramework (Windows) or Mono (Linux, MacOS). 
All CLI projects can be opened in Visual Studio Code and debugged on any OS (macOS, Linux, Windows) without the need to use Xamarin, Visual Studio or Visual Studio for Mac. 
A new UI is in the works that will finally remove the dependency on Mono and Xamarin, but we don't have a release date to announce yet. 
The MacOS CLI is new (previously there was only the UI, or the UI with "-cli"), and it's also native for arm64. 
Overall, there has been a significant effort to clean up and modernise the code, and to prepare our build/deploy scripts for the new UI as well. 

We understand that there are still tickets or posts that we haven't responded to yet, but we preferred to complete this step first.

Main changelog: [new] WireGuard is now the default communication protocol [new] All CLI editions can be compiled and debugged with VSCode and .NET7 [new] [macOS] CLI-only edition, built with .NET7, without Xamarin [new] New commandline only option "elevated.method" [change] OpenVPN 2.6.9 [change] [linux] CLI edition, built with .NET7, without Mono [change] [linux] .deb and .rpm, removed Mono dependency [change] [linux] .deb package tries to initialize elevated service at install/uninstall, .rpm package still missing this feature. [change] [windows] CLI edition, built with .NET7 [change] [all] Better management of SIGTERM signal [change] [all] Don't check if app dir is writable for portable-mode, now managed by presence of "portable.txt". [bugfix] [linux] terminal issue with sudo elevation [deprecation] [all] -cli mode for UI. Use CLI edition directly, now available in all supported platform. [deprecation] [windows] Vista builds [deprecation] [windows] Windows Firewall Network Lock mode [deprecation] [linux] x86 builds [deprecation] [linux] Portable Mono builds
 

About AsusWRT
 


AsusWRT is a unified firmware developed by Asus for use in their recent routers.
The firmware was originally based on Tomato-RT/Tomato-USB, but has since seen many changes.
Asus started using this new firmware with their recent routers (RT-AC68U, RT-AC87U), but they also started moving other routers to this new firmware.
 



Prerequisite

Asus Router with AsusWRT (native OpenVPN support).
Model tested: RT-AC68U but it should work for all Asus routers that have AsusWRT.
see Official website for AsusWRT model support list.
 
[Firmware Notes]: Please upgrade the router Firmware to the latest version.
"New Asus Firmware supports 4096 bits key and will work with AirVPN."
 


Steps 1. Create configuration files from our Config Generator. Select [Router or others] and choose a server you like. Tick on [Direct, protocol UDP, port 443] and click on [Generate]. Save the openvpn config file .ovpn (Ex: AirVPN__UDP-443.ovpn) anywhere on your computer. 2. Open the Asus router webinterface and click on [VPN]. Click on [Add profile], choose [OpenVPN] tab. Enter a "description", leave username and password EMPTY. Click on [browse] and select the downloaded openvpn config file (.ovpn). Click on [upload]. Click on [OK]. That's it now you can click on [Activate] to connect to AirVPN server.


3. Make sure to setup the AirVPN DNS this way: Click on [WAN] tab. Turn [DNS server] "off" (No) and enter AirVPN's DNS 10.4.0.1 as first DNS IP address (it's DNS for Protocol UDP, Port 443 - see Specs for more details).
About the secondary DNS entry, we recommend picking ones from the OpenNIC Project.
The AirVPN DNS will enable you to access AirVPN geo-routing services to bypass discriminations based on IP address geo-location.
4. Visit https://ipleak.net and check whether it works.  Every client (PC, Smartphone, Console, Smart TV ..) which is connected to the router now is secured by VPN and also has full access to the anti-geo-blocking service.
 


Useful Info

A custom firmware for Asus routers based on official AsusWRT called Asuswrt-Merlin is available.

AsusWRT-Merlin retains all the features of the original stock AsusWRT firmware with added/enhanced features.
More info on AsusWRT-Merlin website http://asuswrt.lostrealm.ca/features

Hello!

Note the above and this:
You specifically configured Eddie to ignore the DNS push by the server and let the packets to your default DNS slip through the Network Lock.

Kind regards
 

@htpc

Hello!

The list of available "devices" (client certificate/key pairs) should appear beside the login credentials, on the main window. If it doesn't, please try to uncheck "Remember me", log your AirVPN account out and log it in again (you will need to re-enter your account credentials).

Kind regards
 

Hello!

At last the root cause of the problem should have been found, a loose power cable.

Kind regards
 

Hello!

The problem affects those users who run Eddie Desktop edition with OpenVPN and never logged out for more than a year, or use OpenVPN clients with configuration files generated before 2021. Since Eddie Desktop edition re-downloads certificates and keys only when the operator logs in, locally some certificates have expired because we extend their expiration date automatically at least one year in advance (three years normally).

Please try the following procedure to quickly resolve the problem:
run Eddie on Eddie's main window uncheck "Remember me" log your account out log your account in (you'll need to re-enter your AirVPN credentials) try again a connection Kind regards
 

Happy Birthday AirVPN. Thanks to the AirVPN-Team for their great and reliable service.
Cheers!

Hello!
Today we're starting AirVPN 14th Birthday celebrations with big discounts on longer term plans.
 
From a two servers service located in a single country providing a handful of Mbit/s, the baby has grown up to a wide infrastructure in 23 countries on four continents!

AirVPN is now one of the only three major consumers' VPNs which are still independent, i.e. not owned by big corporations with multiple fields interests, interfering in editorial publications or intersecting with products or services in conflict with privacy protection.

Ever since we celebrated the past 13th birthday, AirVPN focused on a comprehensive infrastructure enhancement consisting of:
line and server expansion to accommodate the significant customer growth. The infrastructure is now capable of delivering up to 694,000 Mbit/s CPU and network interface upgrades on all four continents where we operate in order to further stabilise and consolidate actual bandwidth availability thorough rewrite of remote inbound port forwarding logic to avert impending port exhaustion. The new implementation will be unveiled soon far reaching improvements to the "behind the scenes" infrastructure (backend servers) through hardware upgrades and targeted software optimisation   On the software side, all AirVPN applications and libraries are still free and open source software released under GPLv3. The development of traffic splitting features on an application basis, already available in AirVPN Eddie Android and Android TV edition, has been implemented on the AirVPN Suite for Linux. The OpenVPN3-AirVPN library has undergone a remarkable round of bug fixes and improvements, while the WireGuard library is now fully supported by the Suite.

If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day.
 
Check the promotional prices here: https://airvpn.org/buy
 

 
Promotion will end on June the 12th, 2024 (UTC).
Kind regards and datalove
AirVPN Staff 
 

There wasn't even the need to go that far: If it were a widespread problem, people would've spammed the forums and Reddit with new threads and replies.

Hello!

The problem affects those users who run Eddie Desktop edition with OpenVPN and never logged out for more than a year, or use OpenVPN clients with configuration files generated before 2021. Since Eddie Desktop edition re-downloads certificates and keys only when the operator logs in, locally some certificates have expired because we extend their expiration date automatically at least one year in advance (three years normally).

Please try the following procedure to quickly resolve the problem:
run Eddie on Eddie's main window uncheck "Remember me" log your account out log your account in (you'll need to re-enter your AirVPN credentials) try again a connection Kind regards
 

Hello!

If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Or you can get a voucher, of course, but it's not strictly necessary in this case.

Kind regards
 

Hello everyone!

We hereby publish the Community Forum policy in response to requests for clarification as apparently the generic invitations to comply to Netiquette are not sufficient. We will spread this information throughout the platform if necessary. This document pertains only to Community forums and not to AirVPN forums for official AirVPN communications and guides, where only AirVPN staff can open new threads.

The Community Forums are managed and maintained by AirVPN, inside its own infrastructure, and are intended to be an environment to:
improve AirVPN services through community driven suggestions provide an old style, relaxed platform for customers to get technical help in addition to the core assistance provided by the professional AirVPN customer care and support team.
  Community forum is open to everybody, including non-AirVPN customers, and moderated by AirVPN staff. Community moderators may be appointed by AirVPN staff on a voluntary basis to improve moderation.

Messages posted on the forums and authors must comply with the following rules: Message content and author's behavior must respect Netiquette rules as described here: https://www.britannica.com/topic/netiquette Content must be rigorously on topic. The topic is specified in the description of each forum or made explicit in the name itself. Any form of explicit or surreptitious advertising for third party companies or private activities is prohibited.
Moderators have the task to enforce compliance with the above rules. Messages that violate the rules can be deleted. When possible, moderators will inform the author about the infringement. Authors of two or more messages whose content violates the rules can have their accounts temporarily prevented from posting in the forum.

If the author of a message reputes that a moderator made a mistake in the moderation actvity, communication with the moderator is encouraged. If the author is still unsatisfied by communication with the moderator, AirVPN staff can be contacted at info@airvpn.org. The staff undertakes to examine author's' complaints within a reasonable time not exceeding 30 days.

Kind regards and datalove
AirVPN Staff
 

You could try using Invidious instances. A bit of a hit and miss with them, though, as YouTube is trying to make life harder for them.

Happy Birthday

Thanks for all you do.

Hello!

You're trying to connect to an entry-IP address 1 (217.138.195.26), which supports TLS Auth. If you're trying the connection through a key for TLS Crypt you would get that error.

TLS Auth and TLS Crypt are different and mutually incompatible OpenVPN ways to negotiate the Control Channel. Hence we use different keys and different IP addresses for each "mode". The Configuration Generator, by default, generates TLS Crypt keys and entry-IP address 3, which supports TLS Crypt. Can you please check?

Note that if you turn on the "Advanced" switch, you will be able to see all the available connection modes on the Configuration Generator.

Kind regards
 

Hello!

Yes, our suspicion was correct, as you can see the IP address in the file generated by the CG is different from the one you used previously. Server domain names resolve only into entry-IP address 1, we do not have domain names for other entry-IP addresses. You can query the API or use the CG to see all the entry-IP addresses of the servers. Now the TLS key mismatch problem is solved.

The new problem: May 30 15:42:34 ovpn-client1[17021]: /usr/sbin/ip addr add dev tun11 10.11.214.40/24 May 30 15:42:34 ovpn-client1[17021]: Linux ip addr add failed: external program exited with error status: 2 Something goes wrong when the tun11 virtual network interface is configured. According to the current man, the syntax does not seem correct: ip addr { add | del } IFADDR dev STRING but we see it's an old usage which should be just fine. If the problem persists, try to upgrade the firmware if a new version is available. If you have WireGuard available in your firmware you can also test it and check what happens.

Kind regards
 

Hello!

The most common causes are a "dirty" line and an MTU related problem. Please try to get a stronger WiFi signal, change WiFi channel, test a different Ethernet cable, make sure that network interface driver and router firmware are both up to date. Also set WireGuard's virtual network interface MTU down to 1280 bytes. You will need Eddie 2.24.x to do it, as older versions do not offer an option to modify MTU (so WireGuard default value is enforced). In Eddie 2.24.x please select Preferences > WireGuard, set MTU to 1280 bytes, click Save and test connections to various servers.

Kind regards
 

Hello!

The most common causes are a "dirty" line and an MTU related problem. Less frequently it's a replay attack. Please try to get a stronger WiFi signal, change WiFi channel, test a different Ethernet cable, make sure that network interface driver and router firmware are both up to date. For the second cause try to adjust network interface MTU down to 1280 bytes if you use WireGuard, or add mssfix directive if you run OpenVPN (try for example mssfix 1280).

Kind regards
 

Hello!
Today we're starting AirVPN 14th Birthday celebrations with big discounts on longer term plans.
 
From a two servers service located in a single country providing a handful of Mbit/s, the baby has grown up to a wide infrastructure in 23 countries on four continents!

AirVPN is now one of the only three major consumers' VPNs which are still independent, i.e. not owned by big corporations with multiple fields interests, interfering in editorial publications or intersecting with products or services in conflict with privacy protection.

Ever since we celebrated the past 13th birthday, AirVPN focused on a comprehensive infrastructure enhancement consisting of:
line and server expansion to accommodate the significant customer growth. The infrastructure is now capable of delivering up to 694,000 Mbit/s CPU and network interface upgrades on all four continents where we operate in order to further stabilise and consolidate actual bandwidth availability thorough rewrite of remote inbound port forwarding logic to avert impending port exhaustion. The new implementation will be unveiled soon far reaching improvements to the "behind the scenes" infrastructure (backend servers) through hardware upgrades and targeted software optimisation   On the software side, all AirVPN applications and libraries are still free and open source software released under GPLv3. The development of traffic splitting features on an application basis, already available in AirVPN Eddie Android and Android TV edition, has been implemented on the AirVPN Suite for Linux. The OpenVPN3-AirVPN library has undergone a remarkable round of bug fixes and improvements, while the WireGuard library is now fully supported by the Suite.

If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day.
 
Check the promotional prices here: https://airvpn.org/buy
 

 
Promotion will end on June the 12th, 2024 (UTC).
Kind regards and datalove
AirVPN Staff