We are shutting down our stunnel service, since no one is using it anymore.
If you actually need this service, contact the support.
Port forwarding
We plan to add a port forwarding feature to all v3 Netherlands servers with a shared IPv4 address (OpenVPN and WireGuard).
OpenVPN upgrades
We will soon support TLS 1.3 on all servers for the control channel encryption, for better security.
Chacha20-Poly1305 will also be supported on all servers (except v1/v2) for data encryption. Chacha20-Poly1305 offers better performance on devices without hardware acceleration (like routers or old PCs).
arethusa.su
After going through a lot of bureaucracy, it looks like we will be able to keep our .su domain name.
We have removed the warning messages about the domain name change, but it is still recommended to use arethusa.co.
We are probably going to lose our arethusa.su domain name in 6 months, or even before.
This impacts your bookmarks for the web site, as well as the VPN server addresses in your VPN configuration files.
Arethusa.co is now our official domain name, so we recommend you to update your bookmarks and your VPN configurations as soon as possible to avoid any service interruption.
The origin of this domain name problem is the war in Ukraine.
.su domain names are managed by a Russian organization. So far .su domains haven't been cut off from the Internet and Russia hasn't cancelled domains owned by foreigners, but there is a very high risk that it will be impossible to renew the domain (because of payment restrictions).
We condemn the aggression committed by Russia and we stand with the Ukrainian people. We had a lot of infrastructure in Ukraine in the past, so we feel a deep connection to this country. We also stand with Russians who oppose their government.
We are against censorship and believe that information must flow freely. That's why we will not put restrictions on who can use our services or which web sites can be accessed.
In the next few days and weeks, all remaining v1 and v2 accounts will be transferred to the v3 web site.
There will be no interruption of service and v2 servers will stay online as long as needed.
The only major change for v1 and v2 accounts is that they will renew their services on the v3 web site.
We have launched our WireGuard server.
WireGuard is a new VPN protocol, way faster and simpler than OpenVPN, without sacrificing security.
Our WireGuard server is located in Netherlands and will provide you with a shared IPv4 address and a full /64 IPv6 prefix.
Connections are accepted over UDP port 443. You can't use WireGuard if your ISP blocks UDP.
You can setup up to 3 devices for each VPN account.
We will later add a full documentation and the option to have incoming IPv4 ports (aka “port forward”) or a dedicated IPv4 address.
To start using WireGuard, go to My account > Services: VPN v3 Europe > WireGuard.
Support for PPTP and L2TP/IPsec will be stopped at the end of this month.
While we might not stop the servers right away, users should switch to OpenVPN as soon as possible to avoid any disruption.
We will send an email to affected users (if we have their email address).
TLS 1.0 and 1.1 deprecation
TLS 1.2 (or newer) will soon be required to visit our web sites.
You should not notice any difference, unless your web browser is extremely outdated (and vulnerable to many threats).
We have also added support for TLS 1.3 and HTTP/2.
Information for Android 7.0 and older
Smartphones with Android versions before 7.1.1 will soon start getting certificate errors when visiting sites that have a Let's Encrypt certificate (including the Arethusa web site). This is unrelated to VPN usage.
The solution to this problem is to install and use Firefox Mobile. Firefox Mobile does not rely on the OS for certificates.
The PPTP and L2TP/IPsec servers will be stopped on 2020-11-30.
PPTP has always been insecure. IPsec can be secure in a controlled environment, but not in the context of a public VPN service.
If you are still using PPTP or L2TP/IPsec to connect to our servers, it is time for you to switch to OpenVPN.
v3 logins accepted on v1/v2 OpenVPN servers
All v1 and v2 OpenVPN servers now also accept v3 login/passwords. This will allow us to migrate v1 and v2 accounts to the v3 web site without interrupting the VPN service.
Transition server
When you generate a new configuration file with the v1/v2 control panel and use it, you will now connect to a new server called the transition server.
OpenVPN 2.3.4 or newer is required for the transition server. The configuration file includes new certificates.
When the v1 and v2 servers are stopped, users on the transition server will be automatically transferred to a v3 server without any interruption of service.
At the moment it redirects to arethusa.su, but in the future it will probably become our main address.
SU is the country code for Soviet Union, a country that no longer exists. .su domains are managed by a Russian organization, with different rules than .ru domains.
Once a piracy haven, Russia has adopted one of the toughest anti-piracy laws in the world, which evolved into a broad censorship system. They also want to censor anything that could be used to evade censorship, including VPN services.
We've had so far no issues with our .su domain, but we prefer to stay safe by preparing this new domain name.
DNSSEC is enabled on arethusa.co. Please tell us if you can't access this address.
Updated MyIP tool
We have rolled out a new version of our MyIP tool.
This version tells you when an IP address is an Arethusa IP.
The tool is now written in modern JavaScript. If you have an outdated browser (Internet Explorer for example) you will be redirected to a legacy version.