Search the Community

Hello, I write this message for help because, I try many things, I read many message about this problem but I can't find the solution. I have a totally working setup with a **Raspberry Pi 3 B+** with *qBittorent nox (v4.6.2)*, *AirVPN* and *port forwarding* working with *openvpn* on *Raspbian 11*. I want to upgrade my setup with a **Raspberry Pi 5**. I use new version of *qBittorent nox (v5.0.1)*, *hummingbird* CLI to use VPN and *port forwarding* with *AirVPN* on *Debian 12*. I try many things, but I can't make it work. When I check *Your forwarded ports* page, I see *Connection refused (111)*. My configuration is: Connection > Listening Port - Use only uTP - Port: forwarded port - Use UPnP / NAT-PMP port forwarding from my router: off Connection > Connections Limits - Global maximum number of connections: off - Maximum number of connected peers per torrent: off - Global maximum number of upload slots: off - Maximum number of upload slots per torrent: off Speed > Rate Limits Settings - Alternative global rate limits: off - Apply rate limit to transport overhead: off - Apply rate limit to peers on LAN: off BitTorrent - Torrent Queueing: off I try to let configuration as native too, but it doesn't work. I try to disable firewall with `ufw` or to enable it, but it doesn't work. BUT, it works with *transmission*! Everything is working and I see *Port is open* on *Your forwarded ports* page. When I use some tools to verify IP address, I see my VPN IP address. Some I don't understand what with my qBittorent configuration. I try to use *qBittorent nox (v4.6.2)* but it doesn't work too, even if I use config from my Raspberry Pi 3 B+. In best case, I have qBittorent firewalled as *Connection status*, and worst case, I have *Disconnected*. However if I disabled VPN, everything is working. So, I'm sorry if it's similar to other message, but I can't find the solution. I hope you can help me. I can provide more information if needed. Thanks you.

Hello, I have a forwarded port set up following the guide (https://airvpn.org/faq/p2p/) and it works perfectly fine for qBittorrent, however Nicotine+ cannot connect on tcp and says the port is closed. Setting a firewall rule to allow incoming traffic, on the VPN Network interface, to my specific forwarded port allows the connection for N+. In the guide there is no mention of having to change firewall settings in order to make use of the forwarded port. Am i doing something wrong here? and is making this rule safe as in not getting my real ip detected. The rule I made that worked was Allow In on tun0 interface, using both protocols, on Port # I am using Linux Mint 21.3, with the firewall in the default state of "Incoming: Deny" and "Outgoing: Allow"

Hello and thanks for this great VPN service! Clients work well until I try to combine a Network Lock with Open Snitch Our browsers and applications constantly spy on our usage, requiring secure users to block these pesky telemetry echos. A secure connection is not enough. The goal is to have Manjaro (mate) 6.1.62-1 running “Open Snitch” with the Eddie client fully locked (in/out), no LAN or DNS selected. Using any of the locking mechanisms available (iptables / nftables) *Question dose not include the use of Hummingbird in the settings.* Currently using both the cli (version 2.23.2) and UI (version 2.21.8) of the Eddie client. IPv6 is disable at the system level via grub entry. **There are two different errors with the same effect just worded differently.** - UI client gives the error “Unexpected crash of elevated helper: Connection reset by peer” - CLI client gives the error “Unexpected crash of elevated helper:Network subsystem is down” Both require disabling and re-enabling "Networking" via NetworkManager in order to communicate again. Open Snitch has 3 selections for process monitoring. EPBF Proc Audit My current configuration is using “EPBF” as auto selected by Open Snitch install. The Error in Question *What is necessary to have these both running in full; so that I can control any web browser telemetry or applications that phone home with Open Snitch. While managing and controlling my LAN/VPN connections with Eddie. There simply is no such thing as online privacy if you cannot stop telemetry and secure your connection with multiple technologies at the same time from one system. The OS. Thank You for any help and have a great weekend. Happy Thanksgiving AirVPN!

Does anyone have any experience with Untangle firewall? I am trying to get a port forwarded for bittorrent but for some reason it will not work despite my best efforts. I have got the port forward working fine with a local openvpn client on the machine so can confirm it is something to do with untangle. I have my port forward setup as following... Destination local - True Protocol - TCP Destination port - 48146 New destination - 192.168.0.194 New port - 48146 I also have a firewall rule allowing from the vpn tunnel interface to the machine with the client running on it. I have also tested the port is open from the untangle box and can confirm it open. Any input would be appreciated!

Since it is not very easy to use a VPN from countries like Iran a recorded a tutorial on how to use airvpn from these countries: https://usefulvid.com/bypass-the-persian-and-chinese-firewall-by-using-airvpn-with-ssl/ The videos are hosted on my website and on youtube. The reason is that it is not possible to access youtube from Iran. https://youtu.be/jl8I2-GQF94 It would be nice if you could share this with your friends in Iran, China, Turkey, Russia, UAE, Saudi Arabia and provide feedback if this method works. You can also download this video from my website to make it easier to share and spread the word. A video on how to use stunnel on android will follow and also published on this site. Update on 6.1.2018: The Video for Android is finally published: https://www.youtube.com/watch?v=zwf5JI6t0TI For all who suffer from youtube censorship this is the link for you: https://usefulvid.com/bypass-the-persian-and-chinese-firewall-by-using-airvpn-with-ssl/ Second Video on the page

Hi, I have written an alternative client for AirVPN that I would like to share with you. Just as Eddie, it supports other providers, too, as long as OpenVPN config files are provided. For AirVPN and Mullvad it offers a convenient update function that just requires you to enter your credentials in order to download the latest server configurations. Furthermore, it allows you to choose among the plethora of protocols offered by AirVPN (including OpenVPN over SSL/SSH) except the experimental ones (I might add support for those in the future, once they become available for all servers). Qomui (Qt OpenVPN management UI) as I have named it, is written in Python and PyQt and should run on any GNU/Linux distribution. It allows you to easily create double-hop connections. In other words, you can route your requests via two OpenVPN servers. This feature works provider-independent. For example, you could choose a Mullvad server for the first hop, and AirVPN for the second (I have successfully tested this with AirVPN, Mullvad and ProtonVPN). Thereby, it avoids a major downside of similar offers by some providers, namely the fact that if one provider controls all "hops" he or she could potentially still see, log or inspect all your traffic. In the latter case, you would gain little in terms of privacy. With the ability to "mix" providers, Qomui does not suffer from the same problem and hence offers some tangible benefits. Obviously, you would still have to sacrifice some speed/bandwith, though. Depending on your DE (looking at you, Gnome!), Qomui will also display a systray icon that shows the country of the server you are currently connected to. Additional features include protection against DNS leaks and a firewall that optionally blocks all outgoing network connections except for the OpenVPN server you have chosen. Since it is never recommended to run graphical applications as root, which is a major flaw of most OpenVPN clients, all commands that require root privileges are handled by a background service that can be controlled via systemd. The following screenshot gives you an idea of what Qomui looks like (on Arch/Arc Dark Theme). If you are interested, you can download Qomui from github: https://github.com/corrad1nho/qomui Of course, I'd be happy for any kind of feedback. If you find bugs or Qomui does not run properly or not at all on your machine, please let me know. I'm happy to help! At last, a big thank you to AirVPN and its amazing community. The fact that you rely more on explaining technical details than empty promises, has helped me to learn a lot. It is also one of the main reason why I chose AirVPN. Commendably, Eddie is also released as open-source software. Only Mullvad does that, too, to my knowledge. Why doesn't every provider do that? You are selling a service, not software! Why would I trust in proprietary software? Funnily, I have never really used Eddie, though, since I was accustomed to manually adding config files to NetworkManager as my first provider did not offer a GNU/Linux client. My interest in features such as OpenVPN over SSL made me look into more convenient solutions, though. Ultimately I decided to write my own program as I wanted to learn some Python and this provided a perfect practical challenge. I have actually used Qomui daily on multiple machines during the past few months and constantly tried to improve it. So I'd thought it'd be about to time to share it (it's an alpha release, though). Have a nice weekend! Corrado

The port-forwarding page was updated very recently (neat!) and there's now an option to test whether the port is open and reachable. I did test it: unreachable! Darn, I must've changed/enabled the firewall again. Disable it? No, I will show you the proper way how to configure Windows Firewall for port-forwarding. Screenshots attached below Go to "Control Panel\All Control Panel Items\Windows Firewall". You will see the Home/Work and Public networks. Find out which one is your OpenVPN connection to AirVPN (mine is properly named, yours will not be), preferably you should've set it as a public network like me. if the VPN connection is not classified as a public network, change it now. There's no reason to allow Windows to be promiscuous with the local services like printing and file sharing on the VPN network. Read what is says about incoming connections: "Block all connections to programs that are not on the list of allowed programs". We will need to change that On the left click "Advanced settings" (opens "Windows Firewall with Advanced Security") - OR skip steps 1,2: Press Win+R keys and run "WF.msc" You'll see the same thing as in 3: "Public profile is Active - Inbound connections that do not match a rule are blocked" and "Outbound connections that do not match a rule are allowed" This means we only need to create inbound rules to allow incoming connections (port-forwarding) [Allow Program] Go to "Inbound Rules" -> New Rule... Rule Type = Program, Next This program path = choose the program's .exe file. Like "C:\Gameserver\server.exe", NEXT For Minecraft that's either java.exe or javaw.exe in Program Files. Windows: cmd.exe and run "where java" to find out the path. The first line is your answer Action = Allow the connection, Next Profile = Check the profile where AirVPN adapter is (e.g. Public). You can select all three checkboxes, it's ok. Name = "MyServer (allow program)" Your new entry will appear at the top. When you next visit the settings, it will be sorted alphabetically. [Allow ports] Only doing (5) was not enough to get port-forwarding to work, I had to explicitly allow the ports. Go to "Inbound Rules" -> New Rule... Rule Type = Port, Next TCP/UDP (repeat these steps to enable TCP AND UDP with 2 different rules) Specific local ports: Enter the port from port-forwarding page. If you specified a different local port there, enter the local port in Firewall settings. Next Allow the connection, Next Profile = See above or check all Name = "MyServer (allow TCP _port#_) Repeat these steps to allow UDP Now port-forwarding should work and inbound connections be accepted by your server or content-sharing application. This guide was sponsored by windows 7 gang Final result (I forgot to allow UDP 1234 too) Go to Windows Firewall, click advanced settings (left): Create new Inbound rule to Allow program (step 5): Now the individual TCP/UDP ports (step 6)

I just now saw a post in my Telegram newsfeed which had this to say: VPNs targeted, throttled - Gov Jan6 Patriot witch-hunt? https://youtu.be/38za1LYj2XQ Here is the info undeneath the actual YOUTUBE video: HOW can ANYONE "throttle" VPN traffic if it is encrypted? unless they watch a certain port all the time??? And AirVPN lets us pick our own ports or sets apart isolated ports for us.... Why is this even happening?!

Hello, I updated Eddie from 2.16.x to 2.18.9 on Windows 10. I did not uninstall the old version first, just installed over it. It installed ok. The Eddie screen comes up with my login and password already filled out from before when it worked. Upon launching I am not greeted with Cannot login (curl (7) Failed to connect to 63.xxx.xxx.xxx port 80 bad access. I typed my user name and password again - same error. Windows Firewall is on, so I turned it off for Domain, Private and Public. It works. I turned them on one by one and it works for Domain and Public, but as soon as I add private it fails again with the above error. I used 'Allow an app through firewall' added Eddie - Windows UI (both private and public. Still the problem persists when the Private Firewall is turned on. With the private firewall turned off, I can see the list of servers then try to connect to a server and it keep trying and failing with the error curl: (7) Failed to Connect to <server>_exit.airservers.org port 89: Bad access <red x> Checking route IPv4 failed If more info is needed, please let me know! Help? Thanks, Veep

I understand that with the new Eddie version, the Comodo Firewall settings are no longer up to date. I am now getting a whole slew of errors (e.g., not connecting, IPv6 tunnel errors, connection loops, etc.). Instead of trying to fix the problem, I shut the entire firewall down and went back to the basic Windows 8.1 firewall on default settings. At least now airvpn is connecting. There used to be a sticky tutorial here on the AirVPN forums on how to configure Comodo Firewall with AirVPN, but I do not see it anymore (nor can I find it). Is it safe to assume that Comodo Firewall is no longer recommended by the admins? If it is still recommended, what is the recommended setup? Warm regards, Jopa

Hello, Everything was working just fine till recently. Every time I boot up and connect to the AirVPN client, it is always unsuccessful. I check and found out the Windows 10 Firewall is on. When I turn it off, I can connect. When I look at Private Networks active networks, I see Linksys43709. I am guessing I have to add this as an exception - but don't see where. I can add apps (AirVPN-ICMP, AirVPN-In-Allow local, AirVPN-In-AllowVPN) Private networks have been select to be allowed. Settings for AirVPN. Right now I have the FW turned off so it works See attachments, please Help? Thanks, Mr. V

Hi, I am getting several alert entries in my pfsense firewall. There are connections denied to 4 different TOR relays in the US, Switzerland, Germany and the Netherlands. I never had these entries before so I am a bit worried. Example: AirVPN_LAN Source: 192.168.1.xxx:476xx Destination:176.10.104.240:443 Any ideas?

Hi, I would like to use AirVPN on my Android device but am concerned about leaking. I have seen some posts on here about using AfWall+ and was wondering if this is the best way to go. Android now also natively has a kind of Network Lock feature. But then there is also the boot leak (discussed here, along with providing a userinit script for droidwall to disable network connectivity during boot and also a script to prevent Google portal capture during wifi connection: https://blog.torproject.org/mission-impossible-hardening-android-security-and-privacy). My thinking is to use OpenVPN on the latest Lineage OS and would appreciate any assistance on the matter. Thank you.

Hello all, I use a very restrictive firewall for Windows 7 known as TinyWall. I made it only allow programs I specifically let through it. The issue is I've allowed the AirVPN.exe executable through the firewall with no restrictions, but even so I'm not able to connect to a server until I disable the firewall. After I connect to a server, I can then reactivate the firewall. If I have the SSL protocol activated though, and I re-enable the firewall after connecting, it just disconnects from the server. If I let Eddie choose the protocol automatically, it doesn't disconnect after re-enabling the firewall. Judging from the attached screenshot of blocked processes by the firewall and Eddie's logs, it seems it's trying to connect to port 80? Though I'm not sure what exactly is trying to do so, since the executable is not shown. Any ideas? Thanks for any help. system log info.txt

Hi, After I've forwarded the right port in AirVPN client area and put the right settings in qBittorrent, I finally get great speeds while connected to the VPN service. However, the speeds (for torrents), seem to fluctuate heavily between 0 and 200Mbit (my max speed). I have the feeling it is because of some setting or limit somewhere that high speeds cannot be sustained. Here is a screenshot of the Eddie speed: More info: - Using network lock - Using OS X 10.12.6 - Using an SSD - Using Asus AC-3200 router - Only using the utun3 network interface in qBittorrent - Used settings described here for qBittorrent - Disabled firewall on router - Looked for any settings in my router that might impede sustained speed like ICMP flood detection but cannot find those - Using port forwarding in client area Is this normal behaviour? I don't really mind it for the time being, as speed is much faster than before, however maybe I'm missing a setting that could prevent this?

How do you do this?

I've been having this problem for months now. I'm running Windows 7 and Windows 10 and use Bitdefender Internet Security on both machines. I want to be able to access certain websites outside of the VPN tunnel (so they see my real IP), but still force all other traffic through the VPN tunnel. To achieve this, I added the exceptions inside Eddie under Settings -> Routes. The problem is: they only work as long as I don't have network lock enabled. How do I know this? I'm testing these routes with sites like ipleak.net, doileak.com, ifconfig.co etc. As soon as I activate network lock, I can't access the sites I specified under "routes" anymore. I can ping them just fine, and run a traceroute command, but I can't access them inside any web browser. I also tried adding them under "allowed addresses" inside the "network lock" settings without any luck. I've been trying to solve this issue with staff for almost two months now, but without luck so far. It would be awesome if some of you could try to reproduce the same error, i.e. setting up these routes to see if you can access these sites while network lock is active. "Disclaimer": I'm using the "Windows Filtering Platform" method for network lock. (Which is the default method anyway as far as I'm aware) Everything is working just fine when I'm using the "Windows Firewall" method, even with network lock enabled. However, I don't want to rely on the Windows Firewall, so I'm using the firewall from Bitdefender Internet Security instead Any ideas or suggestions? Can any of you reproduce this same issue? Are any of you using another third party firewall that doesn't cause this issue? If so, which one? PS: Here are the IPs for some of the sites I used for testing so you can just copy and paste them if you want to test it for yourselves: 95.85.16.212 (ipleak.net) 62.243.70.171 (doileak.com) 188.113.88.193 (ifconfig.co)

Hello everyone, I am TheDarkOnyx. That aside, I am facing problems with connecting with SSL to any server, for that matter. In my case, my school has a hefty firewall that has DPI recently, and it has been effective. I have since been using STunnel and I am using SSL port 28439, and oddly enough, it has been resetting connection by peer by almost every single server available except the Dheneb server. Is there something I should fix? Thanks.

Hey, everyone: Not sure if this is the best place to post this or not, or if this is being discussed elsewhere; I tried to search for topics related to this, but couldn't find anything, so I figured I'd start my own. If it needs to be moved or is already being discussed, please change it, or let me know where I can find the information. I'm not really a fan of Windows 10 firewall, and was hoping there is now a way to use Network lock with Kaspersky firewall? I know a year or so ago, there wasn't really a way, but now I'm seeing something about "Windows Filtering Platform" to help with that? What is WFP? Is there a way to get Eddie and the Network Lock to work with Kaspersky? If so, how would I go about setting it up, and testing to make sure it's setup correctly? If not, how can I make sure that my Network Lock and Kaspersky aren't interfering with one another and are setup correctly? Thank you, Kevin

Hello everyone, I would like to create rules in the Windows 7 firewall so the AirVPN Edie client can work properly. Right now I have to allow all outbound connections for the client to work, which is not that secure. I want to have my Windows 7 firewall block all inbound and outbound connections unless I make a rule which allows a connection. I tried to make new rules in the Windows 7 firewall which included the AirVPN client files located in C:\Program Files\AirVPN to allow the connections but this did not work. I am fairly new to making firewall rules and using a VPN, so I need a basic explanation how to do this. Any advice would be appreciated.

Hi all, I have a little problem. I try to tell it with my terrible English. So i like to setup this VPN(airvpn client) >>> SOCKS PROXY>>> Browsers and others, virtual machines etc... (all socks traffic over vpn). The host os is linux.

Hello, I've recently installed OpenVPN for Android (the open-source recommended choice) but I'm concerned about different issues. For instance, this app doesn't autostart at boot / reboot but has to be manually started. BTW Android uses wifi's previous state after reboot : when Wifi was "on" our real IP is visible until OpenVPN is manually started. When it crashes (it happens with the latest version) our real IP gets exposed too. I wonder if it could be possible to configure a firewall (AfWall+ or Droidwall) to block all the traffic excepting the one which transits through OpenVPN for both Wifi and data (3G/4G) ? These two apps are using iptables but I don't know how to write the custom rules matching my requirements. The help and knowledge of some computer savvy members would be appreciated. If it works we could maybe create a tutorial for the "How to" section of this forum ? I've collected several articles regarding Android and iptables but I've no idea how I could adapt all this for AirVPN .ovpn default config file (Europe). https://android.stackexchange.com/questions/14455/how-can-i-block-the-traffic-outside-the-vpn-even-if-the-vpn-is-down https://github.com/ukanth/afwall/wiki/Apps-leak-private-user-data-during-boot https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy https://droidvpn.com/page/stopping-leaks-with-droidwall-when-using-droidvpn-8/ https://airvpn.org/faq/software_lock/ Any idea ? Thanks

Hi, Long-time AirVPN user, I'm on a linux PC, using the ufw method described here: (https://airvpn.org/topic/5586-prevent-leaks-with-linux-firestarter-also-stop-traffic-when-vpn-drops/?p=14095). I would like to share this connection with other devices, having my PC serve as a kind of router. Assume I cannot modify my router or the other devices to natively use AirVPN. I have been able to create a wifi hotspot using an ethernet connection. However, my devices are unable to complete the connection until I disable the firewall. Obviously, this is not an acceptable solution as it will allow leaks and I was wondering if anyone here in the community could modify randombit and worric's method to allow hotspot usage.

Hello all, I'm having issues Eddie - Network Lock at Windows startup. I have to manually turn off Windows Firewall every time Windows starts. I don't understand why it automatically turns on if Service is set to "Manual". Can you please tell me if you need any more info to understand the issue? Thanks.

Hello, I have a question that maybe someone more knowledgeable can answer. I have a computer at home that runs airvpn client and a remote computer. I want to be able to connect from either computer to another one with ssh. Without airvpn client, everything works (obviously). If I run airvpn without network lock, I can ssh from home to remote (it goes via the AirVPN server) but not from remote to home. I tried to start airvpn with the parameter "routes.custom=my.remote.ip.addr,255.255.255.255,out" but it didn't help - the required route was not added to the routing table. However, that problem was easily solved: I added the route separately with "route add -host my.remote.ip.address gw 192.168.1.1" and all was well: ssh works from home to remote and from remote to home bypassing AirVPN as I want it to do. Now, I enable network lock. This time I need to add "allowed IP" parameter to be able to ssh from home to remote: ./airvpn -cli -connect -netlock -login=**** password=**** netlock.allowed_ips=my.remote.ip.addr But ssh from remote to home is blocked by the firewall. I can't find any airvpn parameter that can be used to create custom firewall rules. So I ended up with adding the required rule myself. Before: # iptables -L -v --line-numbers Chain INPUT (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 177 16717 ACCEPT all -- lo any anywhere anywhere 2 0 0 ACCEPT all -- any any 255.255.255.255 anywhere 3 93 8963 ACCEPT all -- any any 192.168.0.0/16 192.168.0.0/16 4 26 4651 ACCEPT all -- any any 10.0.0.0/8 10.0.0.0/8 5 0 0 ACCEPT all -- any any 172.16.0.0/12 172.16.0.0/12 6 0 0 ACCEPT icmp -- any any anywhere anywhere icmp echo-request 7 1890 460K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 8 0 0 ACCEPT all -- tun+ any anywhere anywhere 9 6 502 DROP all -- any any anywhere anywhere Add the rule: iptables -t filter -I INPUT 9 -i eth0 -p tcp -s my.remote.ip.addr --dport 22 -j ACCEPT After: # iptables -L -v --line-numbers Chain INPUT (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 182 17197 ACCEPT all -- lo any anywhere anywhere 2 0 0 ACCEPT all -- any any 255.255.255.255 anywhere 3 107 10296 ACCEPT all -- any any 192.168.0.0/16 192.168.0.0/16 4 41 6945 ACCEPT all -- any any 10.0.0.0/8 10.0.0.0/8 5 0 0 ACCEPT all -- any any 172.16.0.0/12 172.16.0.0/12 6 0 0 ACCEPT icmp -- any any anywhere anywhere icmp echo-request 7 1981 480K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 8 0 0 ACCEPT all -- tun+ any anywhere anywhere 9 0 0 ACCEPT tcp -- eth0 any my.remote.ip.addr anywhere tcp dpt:22 10 6 502 DROP all -- any any anywhere anywhere Now everything works again, but the question remains: what is the best way to achieve that ? In the worst case scenario, I can just start airvpn in the background, wait a minute or so and then run iptables with my additional rule. But that looks ugly. Can anyone think of a better way ? Maybe some "event.session..." or "event.vpn..." parameter will do the trick ? Thanks for any help.