Jump to content
Not connected, Your IP: 3.147.82.252
maremosso

ANSWERED Is OpenVPN over PPPoE possible

Recommended Posts

I have seen a post on a different forum about OpenVPN not been able to work over a PPPoE (VDSL) connection. As I am considering switching to an ISP that uses PPPoE, this may be a deal breaker.

This is a quote from the VPN provider in question explaining why, according to them, this does not work:

“What you're now using is an authenticated DSL connection (PPPoE); you can't mask an authenticated session, or it would almost immediately disconnect (as soon as your ISP's RAS server would check the local connection, which happens in regular cycles), and you'd have no internet access at all until you shut down the VPN tunnel. There sadly isn't a way around this, unfortunately, without using a non-authenticated internet service, like cable internet, etc (the same thing happens with portal-auth systems, and cloud-based connections; anything that requires authentication to connect, cannot be obscured by VPN service); this is merely how VPN technology functions, and is not unique to our service alone.

I'm sorry I can't resolve your issues for you while you're using that ISP's current setup. If there's some way they can let you connect without using PPPoE, it should work fine; however, with an authenticated setup, there sadly isn't a way to get this to work. I'm sorry I can't resolve this for you.”

Share this post


Link to post

@maremosso

Hello!

The VPN provider you have quoted is perhaps talking about PPTP which obviously have issues with PPPoE. OpenVPN is perfectly capable to establish tunnels in PPPoE connections (and actually thousands of people around the world do that).

Air is based on OpenVPN and for security reasons has never provided and does not provide PPTP access.

Kind regards

Share this post


Link to post

Sorry to revive this post after a few months, but I finally subscribed to the an ISP that's using PPPoE. Oddly enough, I seem to have some problems.

 

Connection is xDSL, speed is solid 25 Mbps down and 1 Mbps up. After starting AirVPN, speed goes down to a crawl. I can still browse, but pages take up to a minute or two to load. Speedtest.net tests fail consistently (they just time out). 

 

Can anyone help in troubleshooting this problem?

 

Thanks

Share this post


Link to post

Hello!

 

OpenVPN over PPPoE is surely possible. Since you connect, you don't even have a redirect gateway issue. However, your slow speeds might be caused by the overhead that PPPoE introduces (when you connect over OpenVPN over PPPoE, you are in practice establishing a tunnel within a tunnel), so our default MTU size may be too large and this causes packets fragmentation.

Please see here http://michael.stapelberg.de/Artikel/mtu_openvpn

and if you catch in the logs lines that hint to MTU problems, try to adjust the MTU size on your client configuration file (we're sorry, this option is not currently supported by the Air client for Windows, so if you run Windows please use OpenVPN GUI or OpenVPN directly).

Kind regards

Share this post


Link to post

Hi,

In the log that I accessed by right-clicking the taskbar AirVPN icon and selecting 'logs' I could not see any reference to MTU. I tested using 3 different machines, and also tried different Airvpn servers to no avail.  I do run Windows 7 x64.  Could you please provide a step-by-step guide on how to change the MTU in the OpenVPN client? Should MTU be set to 1472?

 

thanks

Share this post


Link to post

Hi,

In the log that I accessed by right-clicking the taskbar AirVPN icon and selecting 'logs' I could not see any reference to MTU. I tested using 3 different machines, and also tried different Airvpn servers to no avail.  I do run Windows 7 x64.  Could you please provide a step-by-step guide on how to change the MTU in the OpenVPN client? Should MTU be set to 1472?

 

thanks

Hello!

 

If you don't see any problem in the logs after some minutes your system is connected to a VPN server, it's not an MTU issue. Try to change connection ports, in particular test ports 80 TCP and 53 UDP. Anyway, we recommend that you read the above linked article, and the two links there included.

 

Kind regards

Share this post


Link to post

I ru-run the config generator (I had forgot it existed) and I am connecting now. Speed is now 7 Mbps down / 1 up (Pavonis). Is this an OK speed?

Share this post


Link to post

I ru-run the config generator (I had forgot it existed) and I am connecting now. Speed is now 7 Mbps down / 1 up (Pavonis). Is this an OK speed?

 

Hello!

 

There are many factors to consider. First of all, it depends on your location and on the peak nominal bandwidth your ISP declares (amongst other factors such as peering and routing). For example, if you have a 10/2 Mbit/s asymmetric line and you are located in Europe, the above performance is fantastic (Pavonis is in the USA). If you have a 100 Mbit/s line and you are in the USA, that performance does not look good, maybe some further tuning is needed, try for example to connect to different ports (especially 53 UDP and 80 TCP). If your ISP is, or is connected to, tier3 providers or worse, that performance can be anyway quite good.

 

Kind regards

Share this post


Link to post

Hi,

I am in Canada on a VDSL line. Connection speed from the ISP is very consistent: 25/2.8 Mbps.

Selecting port 80 (I was using 443) seems to have improved things a bit, especially the upload: 7.2/2.5.

OTOH, selecting port 53 seems to slows things down. All the above is using tcp, with udp I do not seem to have any connectivity at all.

Share this post


Link to post

Hello!

 

Such performance is fine with TCP. It remains to be seen why you don't have connectivity with UDP, please check your system and your ISP.

 

Kind regards

Share this post


Link to post

Hello!

 

Such performance is fine with TCP. It remains to be seen why you don't have connectivity with UDP, please check your system and your ISP.

 

Kind regards

 

OK.. This is a bit vague, I have to say.   I'm happy I could get this to work, for the time being.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...