EMULE

Many users might think it's unnecessary, since using a proxy is sufficient to bypass the Firewall. I'd like to share my perspective: proxy providers only promise to offer specialized technology for circumventing the firewall, without guaranteeing user privacy or maintaining network neutrality. Furthermore, proxies are usually cheaper than VPNs, meaning some low-priced providers might profit from user information. Using only a proxy puts your information at risk. For a while, I only used a proxy to bypass the GFW, and I received a lot of spam, which was extremely annoying. Therefore, I decided to use a proxy in conjunction with a VPN. My traffic is encrypted through OpenVPN and forwarded by AirVPN servers, significantly increasing the difficulty for proxy providers to obtain my information, thus protecting my privacy. AirVPN didn't disappoint in terms of privacy protection; I didn't receive any spam while using it. Simultaneously, by utilizing proxy protocol technology, I can use numerous protocols to bypass the GFW's interference and blocking, which is superior in terms of obfuscation, privacy, and network neutrality.

The actual experience is quite good. The speed is on par with AmneziaWG, or even faster. If a dedicated proxy node is used, it may be able to run at full bandwidth, with speeds far exceeding SSH and SSL.

The IP address was detected as an AirVPN server IP, which was leaked via WebRTC. The IP was traced back to the proxy node IP, and could not be traced back to the local machine IP, so it can be considered secure.

Of course. The steps are as follows: 1. Configure Clash (agent software) Import proxy nodes using a proxy vendor link (proxy nodes can use any protocol). Clash settings - Port - Socks port - Enable - Set to 10000 (the port number can be anything). 2. Configure Eddie Eddie settings - Proxy/Tor - Type - socks - When - Always - Host - 127.0.0.1 - Port-10000 - Authentication - none Eddie Settings - Protocol - Select OpenVPN TCP 443 Eddie Settings - Network Lock - Uncheck "Ensure in Session" save 3. Connection To use it, first open Clash and connect to the proxy node using the system proxy mode, then open Eddie and connect to the server. 4. Diversion With this setup, all software still uses the proxy node and does not go through the AirVPN server, so traffic splitting is necessary. (There may be professional software for setting up traffic splitting rules, but I didn't use it; I'm just sharing my approach.) For browsers, the ProxySwitch plugin can be used to select direct connection mode. For other applications, they can listen on port 10003 of the AirVPN port forwarding service (this is different from the Socks port; it's the port number for port forwarding set in the AirVPN panel; it can also be any port). This allows you to route traffic through a proxy node for obfuscation before it passes through the AirVPN server, effectively enhancing the obfuscation effect.

Currently, AirVPN only has three options for bypassing the block: SSH SSL and AmneziaWG, which is already quite excellent for a VPN provider. However, these options are still insufficient in the face of the ever-evolving GFW and other national firewalls. Perhaps we can outsource the protocol obfuscation part to other proxy providers, while leaving the basic privacy protection part to AirVPN. I have implemented the addition of dedicated proxies from other vendors in Eddie. I set a hybrid proxy port x in the Clash software and set a SOCKS proxy 127.0.0.1:x in Eddie. This way, traffic goes through the proxy first and then is forwarded to the AirVPN server. I can use the obfuscation performance of the proxy protocol to obfuscate AirVPN traffic. This makes a wide variety of obfuscation protocols available, such as Vless, AnyTLS, Hysteria2, Shadowsocks, Trojan, and Vmess. Using a proxy provider combined with a VPN provider allows me to bypass internet censorship smoothly, which is a good idea.

Yes. This is because the ISP has blocked the boot server. Please open the ticket to obtain the private boot server from the staff, or wait for the subsequent Android version update. It is said that in the subsequent version, the login information will be saved locally. Then, there will be no need to log in every time. Just log in once and you can use it as before, just like the computer version.

Yes, as long as the size of the I1 data packet is less than the MTU, it will be fine. The default MTU of AirVPN is 1320. Of course, if the size of the I1 data packet complies with the QUIC specification, the effect will be even better. If you want to construct simulated QUIC data packets using random data, you can make 5 data packets have the same format and keep their size as small as possible (e.g. 110 bytes). You can also increase the size of the main data packet I1 (e.g. I1 1200, I2-I5 70). If you want to construct a CPS data packet using specific data, then the size of the main data packet I1 must follow the size of the Quic data packets in a regular internet connection. The sizes of the other data packets can be random, but I suggest that the sizes of the other data packets should also follow the packet sizes in a regular internet connection (such as I1 1292, I2 77, I3 87, I4 87, I5 73). You can also use only the I1 data packet, which contains specific data. However, do not increase the size of the I1-I5 data packets simultaneously (such as I1-I5 1292). Such behavior patterns are likely to violate the normal Internet connection and thus be detected. In summary, the functions of the 5 data packets are to imitate a regular internet connection, thereby concealing your VPN connection. Try to make the behavior patterns of these 5 data packets as close as possible to those of a regular internet connection. You can use Wireshark to capture packets to understand the behavior patterns of UDP data packets under a regular internet connection. All settings should be based on actual conditions rather than theory. Yesterday, I used AmneziaWG on my phone to connect to the US server and when accessing Google Play, the speed reached over 300 Mbps. This is the fastest speed I have achieved since I purchased AirVPN. For a VPN connection under the GFW, this speed is already very fast, haha😄😄😄. Good job!

I think this might be related to data centers. Some data centers offer excellent services, while others provide poor services. I believe as the AirVPN business expands, there will be more and more high-quality data centers providing services.🤔🤔🤔

Hello! I'd like to ask if there are any cheap VPS recommendations? I'd like to purchase an additional server to test any protocols that might bypass the Great Firewall. I've looked at many Hong Kong providers, but the cheap VPSs explicitly prohibit any circumvention techniques in their terms of service. I really can't find a usable and relatively inexpensive VPS. Could you recommend a few? Thank you.

That's incredible! It seems the server hardware wasn't that bad; perhaps it was just maintained two days ago? Or maybe the hardware was replaced? I see that this server only has 280+ users. Could it be a user issue? More users using the Wireguard protocol can indeed bring higher bandwidth usage. If the AmneziaWG protocol becomes widespread, it would be incredible if even 10G servers could be fully utilized.😄😄😄

Hello! It's clear that Eddie version 2.24.6 has disabled the use of the tap driver. I think the official reason is that tap is too slow and therefore abandoned it, since the wintun driver is much faster. To use the Tap driver in Eddie, select Eddie version 2.21.8 from the download page. In Eddie 2.21.8, there is a rollback driver option. Check the box to enable Eddie 2.21.8 to use the Tap driver. To use the latest tap driver, you can try installing the latest version of the OpenVPN client and connecting using a configuration file.

Hello! It seems many people have encountered the pop-up issue, but fortunately I haven't, because I had already turned off Eddie's system notifications. You can try ending the eddie process, reopening it, ignoring the system pop-ups, and directly waking up the eddie main program page from the taskbar, then turning off system notifications on the main program page. Eddie-Preferences-UI-System notifications, uncheck. This may be a temporary solution. To completely resolve the issue, please submit your system report to the official support team and wait for an official fix.

@Stalinium Yes, the packets you obtain yourself are better suited to your network environment. If you find that troublesome, you can also try other people's parameters. Here are my parameters. Jc = 8 Jmin = 86 Jmax = 892 S1 = 0 S2 = 0 H1 = 2 H2 = 3 H3 = 4 H4 = 1 I1 = ... I2 = ... I3 = ... I4 = ... I5 = ... CPS I1-I5(bing.com-initial QUIC).txt

I think so. My VPN functions the same as before, and I'm able to connect to blocked websites.

Hello! I've also frequently encountered this problem. The connection often fails during the IPv4 check step, and I don't know what causes it. However, I can connect normally after disabling the IPv4 check step. I don't know if this is correct, but it does solve my connection problem. Eddie-Preferences-Advanced-Check if the tunnel works, uncheck. Eddie-Preferences-DNS-Check AirVPN DNS, uncheck. Will there be any potential problems with my settings?