Jump to content
Not connected, Your IP: 3.144.43.194
Mar0Li

ANSWERED Asus AC86U and OpenVPN over SSL

Recommended Posts

Hi everyone,

 

I'm quite new to the forums and I was wondering if anyone could help with a question I have regarding the asus AC86U router.

 

When I tested airvpn a few weeks ago (using Eddie on Windows 10), I realised that my ISP is probably throttling speeds for openvpn as I was only getting 60-70 Mbps when using UDP / TCP, but over 180 - 190 Mbps when forcing an SSH connection.

 

I am thinking of buying the Asus AC86U, but I don't want to end up with an expensive piece of kit that doesn't work with my ISP and I was wondering if anyone knows whether I can configure the router to use SSH rather than UDP / TCP?

 

Thanks in advance

Share this post


Link to post

Yes though I don't know if you need to install entware for just SSH tunnel.

 

I've done it in the past with an old asus router with merlin and entware.  SSL tunnel too.

Share this post


Link to post

I recommend autossh via entware on the 86u running RMerlin firmware.. works brilliantly with speeds reaching 30 to 45Mbps. If these speeds are slow for you, then your next best option is a dedicated pfsense hardware appliance or virtualized instance running on a AES-NI enabled system with at least 2.4GHz (dual core or better) base core speeds for  > 100Mbps tunneled traffic speeds.

 

Did you try connecting using tls-crypt enabled profiles on port 443 tcp/udp?

Share this post


Link to post

I'm using an ac86u + stunnel and get about 85Mbps, see my post here
https://www.snbforums.com/threads/release-asuswrt-merlin-384-10-is-now-available.55742/page-36#post-481507

using test detailed here: 

I get these results on asus rt-ac86u:
# openvpn --genkey --secret /tmp/secret
# time openvpn --test-crypto --secret /tmp/secret --verb 0 --tun-mtu 20000 --cipher aes-256-cbc
Sat May  4 19:23:26 2019 disabling NCP mode (--ncp-disable) because not in P2MP client or server mode
real    0m 3.20s
user    0m 3.19s
sys     0m 0.00s

3200 / 3.2 = 1000 (Projected Maximum OpenVPN Performance in Mbps)

I get these results on netgear R7000:
# openvpn --genkey --secret /tmp/secret
# time openvpn --test-crypto --secret /tmp/secret --verb 0 --tun-mtu 20000 --cipher aes-256-cbc
Sun Jun 23 22:59:20 2019 disabling NCP mode (--ncp-disable) because not in P2MP client or server mode
real    0m 26.12s
user    0m 25.88s
sys     0m 0.20s

3200 / 3.2 = 122.5 (Projected Maximum OpenVPN Performance in Mbps)

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...