Jump to content


Member Since 04 Jun 2010
Online Last Active Today, 04:52 PM

#81960 Server push `route`

Posted by Staff on 19 January 2019 - 05:53 PM



YES, the script rewrite for BSD looks like a perfectly suitable solution.


Kind regards

#81881 Nunki Line Problems

Posted by Staff on 16 January 2019 - 10:16 AM



IPv6 problems lead to connection failures when clients try to connect with IPv6 layer unblocked. Nunki will stay down until the datacenter does not restore IPv6 connectivity to Nunki. If such connectivity is not restored within one week from now, Nunki will be withdrawn and then replaced by a different server, also located in the UK of course.


Kind regards

#81706 Multi key support and management available

Posted by Staff on 08 January 2019 - 11:07 AM

hi all.

I created 4 new keys but when I start eddie and want to connect I don't get the option to chose. I presume the system is using old default SHA1 key because the connection works. I currently use v2.16.3 (win7).

should I delete the old SHA1 default key in control panel?





Please make sure that you're running Eddie 2.16.3 or higher version (check by selecting "About" menu item). Then, please log your account out and in again (through Eddie main window). A new combo box allowing you to pick any of the current certificate/key pairs should appear just under the credentials fields.


Kind regards

#81669 IPv6 problems with server Lich

Posted by Staff on 07 January 2019 - 02:37 PM

2. Why does IPLeak.com say the long, lat is 0 , 0? I mentioned that in the above mentioned support ticket and it was completely ignored. Dnsleaktest.com says unknown as the location and not United States or something.


You might've disabled the geolocation feature in your browser.


Unsure about Lich. If Staff said there are issues with it which are out of their control then wait a few days and see if it gets resolved then. AFAIK the only server definitely without an IPv6 prefix is Kitalpha in Switzerland. Staff posted in another thread a list of all servers not supporting IPv6. Lich is not one of them.




We inform you that Lich did have IPv6 support, but it does not have it anymore. We are waiting for more info from the datacenter to understand why their infrastructure suddenly stopped working with IPv6 and act accordingly. Lich has quite a good connectivity so we might keep it even if IPv6 is not restored in a reasonable time.


Kind regards

#81653 New user - Unable to connect to any server on Linux Mint

Posted by Staff on 07 January 2019 - 11:44 AM


Please try the following settings:

- from Eddie main window select "Preferences" > "Networking"
- set the "IPv6 layer" combo box to "Blocked"
- click "Save"

Alternative solution: upgrade to OpenVPN 2.4 or higher version.

Explanation: OpenVPN versions older than 2.4 do not handle IPv6 properly. So our servers do not push IPv6 routes and related directives when they detect older versions, in order to not break retro-compatibility. However Eddie (for a bug in 2.16.3, fixed in 2.17.2beta) tries anyway to check the IPv6 route in the tunnel and it obviously fails.

Kind regards

#81574 Automatically start Eddie at boot in headless Ubuntu?

Posted by Staff on 04 January 2019 - 03:41 PM



Please use "screen" for your purpose:



The problem you experience is due to the fact that, with the procedure you follow in your description, you put the process in background, but the stdin, stdout and stderr are still connected to your terminal. So, when you end the SSH session, you destroy the terminal emulator with anything connected to it.


screen is just perfect for what you need. It provides much more flexibility and features than nohup + disown


Read here (first answer) for a more detailed analysis:



Kind regards

#81474 How to block Christmas and other ad windows?

Posted by Staff on 30 December 2018 - 02:48 PM

Maybe perhaps be less of a smart ass? :whistle:


The ads come directly from the EDDIE client itself, a browser has 0% relevance here.


Like... I cant even believe people content with this. If you pay for a product you expect ads to be removed, at least not this intrusive as a message that blocks everything else on screen. At the very most it should be embedded into the client, not pop up at random in a completely separate window just popping out of the blue.




The window is separate and asynchronous, so you can safely ignore it. It will not even be displayed if you run Eddie in command line mode.


In any case, Eddie will go on with any other operation even if you don't interact with the window. No need to close it, for example, in order to connect or interact with Eddie.


The message is displayed only once (at startup) and only to accounts with a plan which is going to expire in less than 90 days. Most of our customers who missed in the past our promotions required a better information and we are confident that this is an effective and totally non-intrusive method to provide useful information.


Kind regards

#81122 Christmas 2018 special deals

Posted by Staff on 20 December 2018 - 05:24 PM

We're very glad to announce a special promotion on most of our Premium plans.
You can get prices as low as 2.45 €/month with a two years plan, which is a 65% discount when compared to monthly plan price of 7 €.


Special deals involve three and six months plans, as well as one and two years plan.





If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day.

Please check the exact prices of each plan on https://airvpn.org and https://airvpn.org/plans


Kind regards & datalove
AirVPN Staff

#80984 Recovery. Unexpected crash?

Posted by Staff on 15 December 2018 - 01:14 PM

I'm running Eddie 2.16.3 on windows 10 and have been getting the same error message recently. However this doesn't seem to affect performance but I thought it was just my setup before I came across this thread. Is this something we need to be concerned about or is it just a minor irritant that can be resolved in future versions of Eddie?




It's a known bug which has been fixed in 2.17.2 experimental version. The bug does not affect significantly Eddie operations but on the long run can remarkably slow down initial connections. If you decide to test Eddie 2.17.2, please see here for download instructions and detected issues:



Kind regards

#80863 Black Friday 2018 Week

Posted by Staff on 11 December 2018 - 10:53 AM

Best offer for me now is with NordVPN and with only 18 days active remaining here it looks like i'll be joining them until Black Friday 2021 !


I've had great service with AirVPN but I won't pay more than my online colleagues for the same thing.





"Same thing" is frankly offensive for AirVPN. It's also astonishing that someone can have the idea to compare such profoundly different services. Power of marketing fluff aimed to gullible people, we guess.


Just to make a few examples, NordVPN lacks separate entry and exit IP addresses on many servers (various types of correlation attacks become possible), does not support IPv6, provides a ridiculous/non-existent servers monitor, provides fake servers locations, infringes net neutrality (does not allow any p2p protocols on a wide range of servers), does not provide dynamic remote port forwarding, does not provide DNS inside the VPN whose address matches the VPN gateway (exposing to DNS poisoning through route hijacking), is not GDPR compliant, is owned by a Lithuanian data mining company and has ties with Russian oligarchs.


AirVPN prices are competitive even without a special deal, check our new two years plan and anyway stay tuned for Christmas special deals.


Kind regards

#80797 LZ4 compression. is it safe/suggested to use with Airvpn?

Posted by Staff on 08 December 2018 - 02:13 PM



Currently our VPN servers are configured to not use compression, so you can't use LZO or LZ4 with AirVPN. Some old compression vulnerability is therefore resolved at its roots. Furthermore, the incompatibility between "comp-lzo" and "compress" directives (a mutual incompatibility which sooner or later might have a dramatic impact) should be more easily solved in due time.


Kind regards

#80787 Eddie Android edition 2.0.1 released

Posted by Staff on 08 December 2018 - 10:51 AM

I notice that using Chromecast doesn’t work while connected with this app. It does however work using the Open VPN Connect app and AirVPN config files. Any way of getting Eddie Android to do the same?




LAN access while Eddie is connected is not possible, we're sorry. We have planned LAN access for a near future Eddie release.


Kind regards

#80740 Eddie Android edition 2.0.1 released

Posted by Staff on 06 December 2018 - 11:55 AM

That makes sense but the android is level VPN settings "always on VPN" and "block connections without VPN" seem to accomplish the same feature right? I've been using this with OpenVpn for Android and I'm conceptual getting the same leak protection without the manual intervention to reconnect.

Let me know if Eddie is preventing more leaks than my above solution.




Eddie can't count on the options you mention since it must prevent leaks even in Android versions older than 8 (from 5.1 to 7.x).


However, if you can start a VPN application at boot, the options you mention (in Android 8 or higher versions), when active and when the VPN application had already started at boot and never terminated during device usage (otherwise the block will not work anymore), should ensure an equivalent leaks prevention.


We need a deeper experimental testing to confirm or deny. Currently we can not say with absolute certainty that your described setup leaks prevention is equally effective than Eddie lock method.


Eddie can start at boot, when "Restore last profile at boot" is active, so the Android 8 new VPN related options umbrella can cover Eddie as well, but of course Eddie will super-impose its own communications lock in case of fatal OpenVPN connection error.


Kind regards

#80633 Wireguard + post-quantum cryptography

Posted by Staff on 04 December 2018 - 12:05 PM

https://github.com/TunSafe/TunSafe/blob/master/docs/WireGuard TCP.txt
Honestly I think this is the crux of the issue. Your infrastructure isn't compatible in its current state, so it's a good business decision not to include it. There's absolutely nothing wrong with that; I still love Air. You're exceptional at what you do. But all the other FUD is unnecessary.



it looks like you still miss the point. Wireguard, in its current state, not only is dangerous because it lacks basic features and is an experimental software, but it also weakens dangerously the anonymity layer. Our service aims to provide some anonymity layer, therefore we can't take into consideration something that weakens it so deeply.


We will gladly take Wireguard into consideration when it reaches a stable release AND offers at least the most basic options which OpenVPN has been able to offer since 15 years ago. The infrastructure can be adapted, our mission can't.


We provided a list of missing features causing real, objective security flaws in Wireguard (when meant to provide specific features). We will expand them here below since it looks like you missed the huge implications of the mentioned issues.


If you followed the WireGuard mailing list you'd know Jason states the 'not to be considered production ready' is an ass covering statement and actually WireGuard is fine.


It's not a matter to "cover their asses" as you say.


First, it's a matter of security. If you followed some basic IT security principle, you would know how wrong and dangerous a claim like the one quoted here above is. If you are really in the position to certify that "Wireguard is fine", then do it officially. If you can't do it officially, your words must be considered irrelevant, because they go against the claims of the very Wireguard developers themselves.


Second, it is a matter of lacking features that are essential for any service which aims to provide a decent layer of anonymity.


Wireguard, in its current state, does not meet our requirements. Here below, once again, some points which need to be considered and addressed:


  • Wireguard lacks dynamic IP address management. The client needs to be assigned in advance a pre-defined VPN IP address uniquely linked to its key on each VPN server. The impact on the anonymity layer is catastrophic;
  • Wireguard client does not verify the server identity (a feature so essential that it will be surely implemented when Wireguard will be no more an experimental sofware); the impact on security caused by this flaw is very high;
  • TCP support is missing (third party or anyway additional code is required to use TCP as the tunneling protocol, as you suggest, and that's a problematic regression when compared to OpenVPN);
  • there is no support to connect Wireguard to a VPN server over some proxy with a variety of authentication methods.


Kind regards

#80582 Two new 1 Gbit/s servers available (CA)

Posted by Staff on 03 December 2018 - 03:03 PM


We're very glad to inform you that two new 1 Gbit/s servers located in Vancouver (Canada) are available: Telescopium and Titawin.

The AirVPN client will show automatically this new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP.

Just like every other "second generation" Air server, Telescopium and Titawin and  support OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt.

Full IPv6 support is included as well.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

You can check the server status as usual in our real time servers monitor:


Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

Servers online. Online Sessions: 15711 - BW: 61499 Mbit/sYour IP: Access.