Jump to content
Not connected, Your IP: 44.192.20.240

Staff

Staff
  • Content Count

    10402
  • Joined

    ...
  • Last visited

    ...
  • Days Won

    1734

Reputation Activity

  1. Confused
    Staff got a reaction from SeUbHS in Network lock disabled when Eddie is closed,   ...
    Hello!
     
    You can consider to enforce permanent firewall rules that block all the outgoing traffic from your system. In this way, the activation of Network Lock will unlock communications to our VPN servers and bootstrap servers only. When Network Lock is disabled, the previous "block all" rules will be restored.
     
    This means also that as long as Eddie has not started, your system traffic is totally blocked (even at boot). Just make sure that you allow anyway DHCP communications to your router, they are vital to establish a connection inside your local network.
     
    Kind regards
  2. Like
    Staff got a reaction from klapvogn in AirVPN does not recognize ICANN authority anymore   ...
    AIRVPN DOES NOT RECOGNIZE ANYMORE VERISIGN, AFILIAS AND ICANN AUTHORITY. OUR COMMITMENT AGAINST UNITED STATES OF AMERICA UNFAIR AND ILLEGAL DOMAIN NAMES SEIZURES.

    The United States of America authorities have been performing domain names seizures since the end of 2010. The seizures have been performed against perfectly legal web-sites and/or against web-sites outside US jurisdiction.

    Administrators of some of those web-sites had been previously acquitted of any charge by courts in the European Union.

    The domain name seizures affect the world wide web in its entirety since they are performed bypassing the original registrar and forcing VeriSign and Afilias (american companies which administer TLDs like .org, .net, .info and .com) to transfer the domain name to USA authorities property. No proper judicial overview is guaranteed during the seizure.

    Given all of the above, we repute that these acts:

    - are a violation of EU citizens fundamental rights, as enshrined in the European Convention on Human Rights;
    - are an attack against the Internet infrastructure and the cyberspace;
    - are a strong hint which shows that decision capacities of USA Department of Justice and ICE are severely impaired;

    and therefore from now on AirVPN does not recognize VeriSign, Afilias and/or ICANN authority over domain names. AirVPN refuses to resolve "seized" domain names to the IP address designated by USA authorities, allowing normal access to the original servers' websites / legitimate Ip addresses.

    In order to fulfil the objective, we have put in place an experimental service which is already working fine. If you find anomalies, please let us know, the system will surely improve in time.

    Kind regards
    AirVPN admins
  3. Sad
    Staff got a reaction from foDkc4UySz in Termination of service in Italy   ...
    Hello!

    We regret to inform you that we will be discontinuing the service to residents of Italy as of February the 19th, 2024.
    From the above date, any user registering on the platform must declare that he/she is not a resident of Italy. The purchase page will have IP address-based geolocation and will not be served to IP addresses located in Italy. We will not interrupt the service to current subscribers until the natural expiry date and the refund policy will be granted as usual.
     
    REASONS FOR DISCONTINUATION
    The so-called "Italian Piracy Shield" is a legal framework with implementing regulation by AGCOM (Italian Telecommunications Authority) that forces operators offering services in Italy to block access to end services through IP blocking and/or DNS poisoning.  The list of IP addresses and domain names to be blocked is drawn up by private bodies authorised by AGCOM (currently, for example, Sky and DAZN). These private bodies enter the blocking lists in a specific platform. The blocks must be enforced within 30 minutes of their first appearance by operators offering any service to residents of Italy.

    There is no judicial review and no review by AGCOM. The block must be enforced inaudita altera parte and without the possibility of real time refusal, even in the case of manifest error. Any objection by the aggrieved party can only be made at a later stage, after the block has been imposed. For further details:
    https://www-wired-it.translate.goog/article/piracy-shield-agcom-piattaforma-streaming-pirata-calcio-segnalazioni/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

    The above requirements are too burdensome for AirVPN, both economically and technically. They are also incompatible with AirVPN's mission and would negatively impact service performance. They pave the way for widespread blockages in all areas of human activity and possible interference with fundamental rights (whether accidental or deliberate). Whereas in the past each individual blockade was carefully evaluated either by the judiciary or by the authorities, now any review is completely lost. The power of those private entities authorized to compile the block lists becomes enormous as the blocks are not verified by any third party and the authorized entities are not subject to any specific fine or statutory damage for errors or over-blocking.

    By withdrawing service availability from Italy, AirVPN will be able to stay outside the scope of the framework and maintain integrity and efficient operations.

    We certainly sympathise with our fellow Italian citizens, and we will be happy to offer advice and alternatives. We would also like to remind them of our more than ten years of support for the Tor network, which is freely accessible even from Italy, and which is becoming increasingly reliable and fast thanks to a myriad of small contributions like ours.

    Kind regards and datalove
    AirVPN Staff
     
  4. Thanks
    Staff got a reaction from go558a83nk in New 1 Gbit/s server available (UA)   ...
    Hello!

    We're very glad to inform you that a new 1 Gbit/s (full duplex) server located in Kyiv, Ukraine, is available: Altais.

    Altais supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Altais will replace Alcor in the same location.

    The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard.

    Full IPv6 support is included as well.

    As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server.

    You can check the status as usual in our real time servers monitor:
    https://airvpn.org/servers/Altais

    Do not hesitate to contact us for any information or issue.

    Kind regards and datalove
    AirVPN Staff

  5. Thanks
    Staff got a reaction from oassQ9w4cbl4AySZhhth%p36x in Can the 10G Full-Duplex Servers Operate at Nearly or Full Bandwidth/Capacity?   ...
    Hello!

    Server load is indeed, and it has always been, one of the variables which are taken into calculation to determine the server rating and therefore recommend a server over another. Furthermore we have other inner variables which are monitored and are indicative of a server overload. In extreme cases yes, a server may be even closed to new connections due to overload, nothing new here. Such events are quite rare.
     
    Where does this assumption come from? There's no evidence that OpenVPN users are slowing down WireGuard users. The problem is mainly on the OpenVPN client side, as users running OpenVPN on agnostic networks and/or on devices not supporting AES-NI might be unable to reach the performance which they would enjoy with WireGuard.

    Again, whether or not prioritizing WireGuard over OpenVPN on the client side through our software default settings is not a problem due to OpenVPN stealing CPU time to WireGuard on server side (as incorrectly understood by @ms2738 too, we see now), as all servers have plenty of CPU available time for WireGuard, but a problem of customer satisfaction (in our previous message we mentioned the pros and cons which make the choice non trivial).

    Kind regards
     
  6. Thanks
    Staff got a reaction from go558a83nk in Termination of service in Italy   ...
    Hello!
     

    Customers who are not residents of Italy and purchased the service from outside Italy should not suffer any unintended suspension, even if they are transiting through Italy (for example for tourism). Should any problem arise please contact the support team.
     
    We will carefully explore different, feasible options when necessary, and this is one of them.
     
    This is because the authority will seek to enforce blocks on any company offering services to residents of Italy, regardless of whether the service is offered from another country and jurisdiction. See, for example, the request for DNS poisoning filed to Quad9, a non-Italian company that operates DNS servers outside Italy but accessible to residents of Italy. It is remarkable to note that Quad9 challenged a similar request from Sony in court, and won.

    Kind regards


     
  7. Thanks
    Staff got a reaction from OpenSourcerer in Mitigate the impact of "Limit of 5 Connections Reached" overhead in Eddie   ...
    @qwertyuiopas

    Hello,

    we think the moderator locked the thread correctly because you yourself wrote that the problem was resolved:
    Since you just wrote the opposite we have re-opened the thread and merged it with your new message, no problems.

    Kind regards
     
  8. Like
    Staff got a reaction from organicchocolate in ios wireguard working, am i supposed to be using openvpn concurrently?   ...
    @organicchocolate

    Hello!

    Your setup is fine. On your side you may either use WireGuard or OpenVPN. You can't use them at the same time on the same machine. In many cases WireGuard can provide higher performance especially on devices without AES-NI acceleration, such as your iPhone. WireGuard kernel module, which plays an important role to make WIreGuard faster than OpenVPN, is not available in macOS, so you may also compare in your Mac OpenVPN vs. WireGuard and pick the one which can provide the better performance.

    Kind regards
     
  9. Thanks
    Staff got a reaction from oassQ9w4cbl4AySZhhth%p36x in Can the 10G Full-Duplex Servers Operate at Nearly or Full Bandwidth/Capacity?   ...
    Hello!

    Server load is indeed, and it has always been, one of the variables which are taken into calculation to determine the server rating and therefore recommend a server over another. Furthermore we have other inner variables which are monitored and are indicative of a server overload. In extreme cases yes, a server may be even closed to new connections due to overload, nothing new here. Such events are quite rare.
     
    Where does this assumption come from? There's no evidence that OpenVPN users are slowing down WireGuard users. The problem is mainly on the OpenVPN client side, as users running OpenVPN on agnostic networks and/or on devices not supporting AES-NI might be unable to reach the performance which they would enjoy with WireGuard.

    Again, whether or not prioritizing WireGuard over OpenVPN on the client side through our software default settings is not a problem due to OpenVPN stealing CPU time to WireGuard on server side (as incorrectly understood by @ms2738 too, we see now), as all servers have plenty of CPU available time for WireGuard, but a problem of customer satisfaction (in our previous message we mentioned the pros and cons which make the choice non trivial).

    Kind regards
     
  10. Thanks
    Staff got a reaction from sennahojs in Slow connection speed regardless of server?   ...
    Hello!

    Do you get any improvement with WireGuard? In order to switch to WireGuard:
    from Eddie's main window please select "Preferences" > "Protocols" uncheck "Automatic" select any line with WireGuard. The line will be highlighted. click "Save" and re-start a connection to apply the change please make sure to test a few servers in different locations around your node Kind regards
     
  11. Like
    Staff got a reaction from Dr_Hausk in New 10 Gbit/s server available (US)   ...
    Hello!

    We're very glad to inform you that a new 10 Gbit/s (full duplex) server located in Los Angeles (California, USA) is available: Saclateni.

    Saclateni supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard.

    The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard.

    Full IPv6 support is included as well.

    As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses and 4096 bit DH key not shared with any other VPN server.

    You can check the status as usual in our real time servers monitor:
    https://airvpn.org/servers/Saclateni

    Do not hesitate to contact us for any information or issue.

    Kind regards and datalove

  12. Like
    Staff got a reaction from madrat in Will not connect to anything "Yahoo"   ...
    Hello!

    With the current information unfortunately we can't say what you should look into. Try to open a ticket and investigate together with the support team. Let them know your Operating System, the browser you run, the software you use to connect to VPN servers... probably they will ask you for even more info in an attempt to understand the cause of the problem.

    Kind regards
     
  13. Like
    Staff got a reaction from Valerian in How to correctly use the "routes" tab to only route the torrent client through Eddie?   ...
    @shortfacedbear

    Hello!

    While Eddie Windows edition does not feature traffic splitting on an application basis (i.e. the feature you would need) WireSock for Windows has emerged in the last months as a practical and efficient solution even for your needs. https://www.wiresock.net/

    On Windows, WireSock allows per app traffic splitting, per app reverse traffic splitting, per IP address destination traffic splitting, and hybrid traffic splitting with an extremely simple configuration file. According to the new reports we received from some of our Windows customers, it is probably a good solution which will save you from virtualization and from any solution requiring a fairly decent system and networking competence. According to those same reports, WireSock is fully compatible with AirVPN but unfortunately it is not open source software as far as we can see.

    Kind regards
     
  14. Like
    Staff reacted to benfitita in Server Name / Cities List Fails Check   ...
    There's also https://airvpn.org/api/status/
  15. Like
    Staff got a reaction from Valerian in Google "Unaddressed Abuse Complaints"   ...
    Hello!

    Google Search should never be used for privacy reasons (Google profiling techniques are so advanced that you risk to create a correlation between your real identity and your VPN identity at the tiniest error) and ethical reasons, but you can rely on startpage.com if you really need Google Search. Startpage will proxy your queries to Google Search and serve you back Google reply, therefore an additional protection layer stands between your node and Google and you usually avoid captchas. A very good search engine offering privacy protection commitment is Brave Search:
    https://search.brave.com

    Kind regards
     
  16. Thanks
    Staff got a reaction from Alexei Sator in Eddie Android edition 3.0 available   ...
    Hello!

    A new release is planned during April 2024. Stay tuned!

    Kind regards
     
  17. Like
    Staff reacted to Xp5 in My review on AirVPN.   ...
    If someone else wanted a decent VPN, I'd direct them to this. So far of a month usage, AirVPN never created any issues.
    The port forwarding instruction was a bit confusing, as I was not sure If I should configure port forwarding in my router,
    Maybe more detailed steps would be appreciated (the answer is don't configure, VPN will work without router configs)
    About speeds, I always reach around 5/6 my speed (to keep it simple, I reach max speed).

    Using WireGuard, in a Linux machine.
    A happy customer, will renew subscription.

    Edit: Oh, my bad. I forgot to credit AirVPN staffs, they are helpful in forums.
  18. Like
    Staff got a reaction from fsy in Google Authenticator   ...
    Hello!

    Definitely, that reference to Google Authenticator was an old remnant of board's scrambled text. Please verify that everything has been fixed properly now. Thank you for the head-up.

    Kind regards
     
  19. Like
    Staff got a reaction from John Gow in Sucuri blocking many websites   ...
    @John Gow

    Thanks, we ignore the Linux Mint policy hostile to AirVPN and their reasons to act in this way after we supported the open source community so much in the last 13 years, but as far as it pertains to Reddit that's part of their policy enforced ever since years ago. Please note that it is in no way a block against AirVPN and that you can enter Reddit anyway from all the AirVPN servers. For a full description please jump here:
    https://airvpn.org/forums/topic/56980-vpn-servers-mostly-blocked-by-reddit/
     
    It is, but it's not against AirVPN specifically. An important reason for which all VPNs tend to get blocked (but of course this can't be the reason for Linux Mint web sites) is that their usage has exceeded a critical threshold worldwide and it's now threatening businesses based on profiling, personal data harvesting and reselling. For other reasons, see also:
    https://airvpn.org/forums/topic/57171-no-specific-report/?do=findComment&comment=228533

    Kind regards
     
  20. Thanks
    Staff got a reaction from aVoid2 in How to manage client certificate/key pairs   ...
    Hello!

    Multiple keys allow you to:
    selectively pick remotely forwarded inbound ports by device/key connect multiple devices to the same VPN server by using a different key on each device have different, device-specific DNS block lists
    A dedicated panel to manage your client certificates and keys is accessible in our web site.
     
    In order to access the main control panel click Client Area while your account is logged into the AirVPN web site.
     
    The Devices button provides you with access to a panel to administer your client certificate/key pairs. The panel lets you use a multi-certificate/key support from AirVPN, a comfortable and convenient feature. You can have multiple pairs, renew them and issue completely new ones. From each device of yours you will be free to use any pair you like. Therefore you can keep all of your certificates and keys under control, administer them and also connect multiple devices to the same server and port by using a different key on each device. Eddie 2.13.6 or higher version is required.

    In Eddie's Overview window a menu which will let you choose a key before you start a connection will appear automatically when you create a new certificate/key par from your account control panel (note: restart Eddie and log your account out and in again if such menu does not appear). To create a new certificate/key pair click the button labeled Add a new device.
     
    The Configuration Generator has been modified as well, in order to let you generate configuration files with the certificate/key pair you wish.
     
    Let's see in details how to use the "Devices/Keys" options.
     
    Device Name and Description: these are free name and description which you can associate to any pair for your comfort. Click the pencil icon to edit.

    Details opens a window showing various information: Type, Creation date, Last renew date and Last VPN connection. In the same window you can find the following actions: Renew: when you click this action button, the corresponding certificate will be revoked, and a new certificate/key pair will be issued. Delete: this action button will revoke the corresponding certificate, without issuing a new one. DNS: this action button will let you enter the DNS block list panel for that specific certificate/key pair to let you define, activate or de-activate specific DNS block lists, exceptions and additions, which will apply to that pair only.
    View history and View Active will toggle with each other to provide you with any relevant information on the history of your actions about keys and the current active list.   
    Some caution when using the aforementioned features:
    if you revoke or renew a certificate/key pair which is being used by some connected device, that device will soon be disconnected
    in Eddie Desktop edition, you will need to log your account out and then in again to force Eddie to pick a different pair (new or old) (*) - in Eddie Android edition this is not necessary
    to use new pairs, you will need to re-generate and import configuration files if you use them with some third-party software, or if you run OpenVPN or Wireguard directly
    (*) unchecking "Remember me" is necessary in older Eddie versions  
    Kind regards and datalove
    AirVPN Staff
  21. Thanks
    Staff got a reaction from ms2738 in Can the 10G Full-Duplex Servers Operate at Nearly or Full Bandwidth/Capacity?   ...
    Hello!

    If DCO becomes stable and maintains the performance claimed in the OpenVPN Hackathon 2019 yes, we do, as DCO would outperform WireGuard (in real life we don't see much difference though, but we must keep into account that DCO is still highly experimental). On top of multi-threading support, it could be used over TCP too, which would be significant. On the server side it resolves also WireGuard limitation regarding the automatic IP address assignment in place of the moronic static, hard coded and on file key<->address bijection needed by WireGuard. On the other hand, on the Linux universe, we don't foresee DCO included in the mainline kernel, while WireGuard is already there. We'll see.
     
    It's a worthwhile test and we're thinking about it.

    Kind regards
     
  22. Thanks
    Staff got a reaction from ms2738 in Can the 10G Full-Duplex Servers Operate at Nearly or Full Bandwidth/Capacity?   ...
    Hello!

    If DCO becomes stable and maintains the performance claimed in the OpenVPN Hackathon 2019 yes, we do, as DCO would outperform WireGuard (in real life we don't see much difference though, but we must keep into account that DCO is still highly experimental). On top of multi-threading support, it could be used over TCP too, which would be significant. On the server side it resolves also WireGuard limitation regarding the automatic IP address assignment in place of the moronic static, hard coded and on file key<->address bijection needed by WireGuard. On the other hand, on the Linux universe, we don't foresee DCO included in the mainline kernel, while WireGuard is already there. We'll see.
     
    It's a worthwhile test and we're thinking about it.

    Kind regards
     
  23. Thanks
    Staff got a reaction from BKK20 in Veritate down   ...
    Hello!

    Please try again now.

    Kind regards
     
  24. Like
    Staff got a reaction from xmartymcflyx in Fedora asking for password each time   ...
    Hello!

    You should be able to avoid the password request by ticking "Don't ask [for] elevation [at] every run" in "Preferences" > "General" window. Eddie 2.23.2 is required, as this feature might not work properly in Eddie 2.21.8 on Fedora 38 and 39.

    Kind regards
     
  25. Like
    Staff got a reaction from ScanFarer in Can the 10G Full-Duplex Servers Operate at Nearly or Full Bandwidth/Capacity?   ...
    @ms2738
    @ScanFarer

    Hello!

    DCO would resolve any problem and would not require this relevant waste of resources with the infrastructure split into "WireGuard only" and "all the rest" servers. As the "kernel acceleration module" which then became "DCO" project was announced in 2019 we thought the split you suggest would have been unnecessary. Five years have passed since that announcement and DCO is still "under heavy development, therefore neither its userspace API nor the code itself is considered stable and may change radically over time." so we might review our plans. Let's see anyway whether this first quarter of 2024 brings news on DCO development.

    Kind regards
     
×
×
  • Create New...