Duck1 2 Posted ... https://www.speedtest.net/apps/cli 1 Unknown User reacted to this Quote Share this post Link to post
Daniel15 14 Posted ... 6 hours ago, Unknown User said: What speedtest site you used to convert it in text? These results are from the Speedtest.net CLI. You can find installation instructions here: https://www.speedtest.net/apps/cli. I use the Debian package, which is available here: https://packagecloud.io/ookla/speedtest-cli 1 Unknown User reacted to this Quote Share this post Link to post
YLwpLUbcf77U 32 Posted ... Trying with WireGuard GUI, but get stuck here: " Log in this site. Enter Config Generator Click on your favorite option. Click on "Generate". Download or extract files. " AIrVPN's config generator doesn't generate the '.conf' file. It gives me .crt. .key, and .opvn Quote Share this post Link to post
Daniel15 14 Posted ... 6 minutes ago, YLwpLUbcf77U said: Trying with WireGuard GUI, but get stuck here: " Log in this site. Enter Config Generator Click on your favorite option. Click on "Generate". Download or extract files. " AIrVPN's config generator doesn't generate the '.conf' file. It gives me .crt. .key, and .opvn You're downloading an OpenVPN config, not a Wireguard one. Enable the beta setting here: https://airvpn.org/preferences/ then select Wireguard in the config generator. 1 YLwpLUbcf77U reacted to this Quote Share this post Link to post
YLwpLUbcf77U 32 Posted ... 4 minutes ago, Daniel15 said: You're downloading an OpenVPN config, not a Wireguard one. Enable the beta setting here: https://airvpn.org/preferences/ then select Wireguard in the config generator. That did the trick. Thank you. It works now but I don't see speeds faster than what I am getting on OpenVPN already but I believe there is an issue with my laptop as my other devices don't have the same issue. Quote Share this post Link to post
SurprisedItWorks 49 Posted ... As many others have noted, most modern laptops have "AES-NI" hardware acceleration for the AES ciphers often used with OpenVPN, so wireguard is not expected to be faster. It will likely be much faster in devices without that acceleration, like phones and routers. Quote Share this post Link to post
Daniel15 14 Posted ... 14 minutes ago, SurprisedItWorks said: As many others have noted, most modern laptops have "AES-NI" hardware acceleration for the AES ciphers often used with OpenVPN, so wireguard is not expected to be faster. It will likely be much faster in devices without that acceleration, like phones and routers. Any Intel processors made in the last 10 years or so should have AES-NI, but I've still seen many cases where Wireguard is faster, particularly on systems with lots of cores, and Linux systems (where Wireguard runs in the kernel) Quote Share this post Link to post
SurprisedItWorks 49 Posted ... Thanks for taking it to the next step. I was cutting corners with that "not expected to be" just to damp expectations. Left off the "but might be anyway!" 🙂 Quote Share this post Link to post
Alex0901 0 Posted ... On 11/19/2021 at 2:05 AM, LcKHUNy7 said: There is a github repository with a kernel module for the old synology kernels here: https://github.com/runfalk/synology-wireguard For the userspace, I chose to run wireguard in a docker container (any docker container with wireguard tools will work here). Hello, can you please make a tutorial? It didn't work on my Synology DS920+ with DSM7. THX Quote Share this post Link to post
Wolke68 5 Posted ... pfsense 2.5.2 System with wireguard ISP Vodafone 1 Gbit up 50 Mbit down Client Windows 10 All is good for me 🙂 Howto not for AirVPN but give me a few ideasHow to pfsense wireguard 1 Lee47 reacted to this Quote Share this post Link to post
Air4141841 25 Posted ... this is not a complaint in any way just an observation. I am setup to us.vpn.airdns.org and in a day or two of being connected I have been on at least 3 different servers. is it connecting to the one with the least latency/ ping? This is on Pfsense by the way and not Eddie or anything software based Quote Share this post Link to post
kbps 29 Posted ... When using Wireguard on Android, I can not see my local network. I am guessing that I need to add more IPs to the Allowed IPs. What IP ranges do I need to add? Quote Share this post Link to post
Staff 10014 Posted ... @Air4141841 Hello! That's correct, FQDN records pertaining to the "best" server of a certain area (country or continent or planet) are updated every 5 minutes to make the name resolve into the "best" server entry IP address in that area. "Best" server is computed by a simple formula which takes into account server load (connected clients), available bandwidth, ISP reliability and round trip time between the server itself and all (or many) other VPN servers in AirVPN.@kbps IPv4 private subnets are inside three possible ranges:https://en.wikipedia.org/wiki/Private_network#Private_IPv4_addresses You can find the one your devices are in by checking the router settings, for example, or the physical interface settings of one of your computers Kind regards 1 Air4141841 reacted to this Quote Share this post Link to post
kbps 29 Posted ... 13 hours ago, Staff said: @Air4141841 Hello! That's correct, FQDN records pertaining to the "best" server of a certain area (country or continent or planet) are updated every 5 minutes to make the name resolve into the "best" server entry IP address in that area. "Best" server is computed by a simple formula which takes into account server load (connected clients), available bandwidth, ISP reliability and round trip time between the server itself and all (or many) other VPN servers in AirVPN.@kbps IPv4 private subnets are inside three possible ranges:https://en.wikipedia.org/wiki/Private_network#Private_IPv4_addresses You can find the one your devices are in by checking the router settings, for example, or the physical interface settings of one of your computers Kind regards Thanks @Staff. Upon closer look in Wireguard, there is a check box in edit mode called 'exclude private IPs' that is not checked by default. Checking it populates with the IP ranges from your link. I can now see my local network. 2 Staff and Lee47 reacted to this Quote Share this post Link to post
SumRndmDude 22 Posted ... FWIW, I have been "on the fence" about migrating to WireGuard from OpenVPN for my primary connections. It's newer and not as "battle tested" as it were as OpenVPN. I have read more discussions about the pros and cons that I care to admit. I will say that I found the setup for each tunnel a bit more tedious, but that may be my bias from years with OpenVPN. However, once I had multiple connections up and running in a load balance/fail-over configuration identical to my OpenVPN setup, I have to admit that it's not just a speed increase (150+ Mbps), but the fluctuation in speeds seems to have disappeared. Running any bandwidth testing program would result in ups and downs based on the network activity, CPU load and a million other factors at that moment running OpenVPN. Not a great deal mind you, but still there in the logs. This WireGuard setup is a constant download and upload speed almost every test, within a few Mbps. A much smaller margin. I believe I'm a convert. 1 Lee47 reacted to this Quote Share this post Link to post
Staff 10014 Posted ... 7 hours ago, SumRndmDude said: [Wireguard vs. OpenVPN} it's not just a speed increase (150+ Mbps), but the fluctuation in speeds seems to have disappeared. Hello! Very important indeed. Thank you very much for the report! Kind regard Quote Share this post Link to post
Alex0901 0 Posted ... I have the following problem. I installed wireguard on the Synology DS920 +. Connection was there too and everything worked. When I restarted Synology, Wireguard was running again, but no connection can be seen in my account. Even stopping and restarting Wireguard was unsuccessful. Wireguard also works on my virtual machine (Ubuntu). Is it possible to route the traffic through the Ubuntu Virtual Machine on my Synology? Unfortunately I didn't find any help to realize that. Greetings Alex Quote Share this post Link to post
Unknown User 2 Posted ... Hi team, I notice it's not possible to assign more then one interface because the information to add to the new interface is exactly the same as the existing one. This result in an error for the new interface saying the IPv4 Address already exist. the following information is the same: Static IPv4 Configuration IPv4 Address 10.168.17.169 IPv4 Upstream gateway AirVPN - 10.168.17.169 Quote Share this post Link to post
Unknown User 2 Posted ... 8 hours ago, Unknown User said: Hi team, I notice it's not possible to assign more then one interface because the information to add to the new interface is exactly the same as the existing one. This result in an error for the new interface saying the IPv4 Address already exist. the following information is the same: Static IPv4 Configuration IPv4 Address 10.168.17.169 IPv4 Upstream gateway AirVPN - 10.168.17.169 I create an extra new key, i think that's the case in this setup: Create new keys if you use the same account on more devices. Quote Share this post Link to post
Jacker@ 6 Posted ... 1 hour ago, Unknown User said: I create an extra new key, i think that's the case in this setup: Create new keys if you use the same account on more devices. If you use multiple wireguard interface connections, a device has to be assigned to each: 1 Unknown User reacted to this Quote Share this post Link to post
Unknown User 2 Posted ... 1 hour ago, Jacker@ said: If you use multiple wireguard interface connections, a device has to be assigned to each: Indeed, but still the error when adding a new interface: The following input errors were detected: IPv4 address 10.169.65.218/10 is being used by or overlaps with: AIRVPNNL (10.169.65.218/10) The gateway IP address "10.169.65.218" already exists. IPv4 address 10.169.65.218/10 is generated on all new clients... Quote Share this post Link to post
Daniel15 14 Posted ... 2 hours ago, Unknown User said: IPv4 address 10.169.65.218/10 is generated on all new clients... Did you add a new "device" here: https://airvpn.org/devices/? Then ensure you select different devices for each config you download. Each device has its own WireGuard IP - You can see it by clicking the "Details" button. For the first error, you might need to change the /10 to /32 to avoid it. It shouldn't break anything since you're not going to be contacting other VPN users over the VPN (and I don't think that even works). 1 1 Unknown User and Lee47 reacted to this Quote Share this post Link to post
Daniel15 14 Posted ... @Staff Are there any plans to allow users to provide their own private keys, so that you only have the public key on your end and are never in possession of the private key? Quote Share this post Link to post
Unknown User 2 Posted ... 13 hours ago, Daniel15 said: Did you add a new "device" here: https://airvpn.org/devices/? Then ensure you select different devices for each config you download. Each device has its own WireGuard IP - You can see it by clicking the "Details" button. For the first error, you might need to change the /10 to /32 to avoid it. It shouldn't break anything since you're not going to be contacting other VPN users over the VPN (and I don't think that even works). Ah that did the trick! Thanks Daniel i didn't known that there was a difference in the Details information. 1 Jacker@ reacted to this Quote Share this post Link to post
Alex0901 0 Posted ... (edited) Hello, now Wireguard runs on my Synology has with DSM7, but Portforwarding don't work. When I set [Interface] Address = 10.184.113.180/32 PrivateKey = XXX= PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE [PEER] PublicKey = XXX= PresharedKey =XXX= Endpoint = 213.152.162.148:1637 AllowedIPs = 0.0.0.0/0 PersistentKeepalive = 15 I became a error, because it doesen't work with the DSM 7 Linux Kernel When I set [Interface] Address = 10.184.113.180/32 PrivateKey = XXX= PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE [PEER] PublicKey = XXX= PresharedKey = XXX= Endpoint = 213.152.162.148:1637 AllowedIPs = 0.0.0.0/1, 128.0.0.0/1 PersistentKeepalive = 15 root@DS920:/etc/wireguard# wg show interface: wg0 public key: XXX private key: (hidden) listening port: 45316 peer: XXX preshared key: (hidden) endpoint: 213.152.162.148:1637 allowed ips: 0.0.0.0/1, 128.0.0.0/1 latest handshake: 16 minutes, 31 seconds ago transfer: 92 B received, 17.72 GiB sent persistent keepalive: every 15 seconds The connection work, but nothing is to see in the Client Area under connected devises and Portforwarding doesn't work. When I set [Interface] Address = 10.184.113.180/32 PrivateKey = XXX= PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE [PEER] PublicKey = XXX= PresharedKey = XXX= Endpoint = 213.152.162.148:1637 AllowedIPs = 192.168.84.0/32 PersistentKeepalive = 15 The connection work, I see my Client in the Client Area under connected devices but Portforwarding doesn't work. Can anybody help me? Edited ... by Alex0901 Ergänzung Quote Share this post Link to post