Jump to content
Not connected, Your IP: 3.229.123.80

Recommended Posts

I really love the ability tunnel all the openvpn traffic through ssl or ssh. I'm not sure which is more secure or faster. I normally use ssl tunnelling and do most of my daily browsing and I've no problem other than a bit of latency sometimes. 

 

Thank you for your thoughtful and very important service. 

 

 

Share this post


Link to post

OpenVPN over SSL has such an impact on performance that it is recommended only when absolutely necessary, for example when OpenVPN connections are disrupted. If you can connect over OpenVPN directly, do not use OpenVPN over SSL or over SSH, unless it is a proof a concept, technical/didactic curiosity etc. With OpenVPN over SSH as well to port 22, you might get better performance (simply because SSH is "more efficient" than stunnel).


Hope the above might help.It's the answer from Staff that I got regarding OpenVpn over SSL/SSH.

Regards,

Flex

Share this post


Link to post

I use it because I like the idea of my web traffic enveloped in multiple encrypted tunnels. I don't mind the performance hit, it is a real benefit post PRISM knowledge.

 

EDIT: My last speed test was 6.30mbps down and 1.23mbps up, that's more than what I need for normal web traffic. Got a good 140ms ping as well. Love this service.

Share this post


Link to post

Hi, I have been trying AirVPN over SSH, it appears to work with no big drop in speed. Can I just check, because the VPN is now forced to use TCP not UDP is the VPN still encrypted? I only ask becaue when I look at wlan0 and tun0 in wireshark the wlan0 shows SSH encrypted, but the VPN appears as port 80...

Am I missing omething here?  Thanks

Share this post


Link to post

Hello,

 

that's correct. SSH connects to our servers and OpenVPN connects to SSH (it's OpenVPN over SSH). Once OpenVPN packets are encrypted again (the previous unencrypted header becomes part of the new encrypted by ssh payload, the previous encrypted header and payload are again encrypted and become part of the new encrypted payload; the new cleartext header is by SSH) and encapsulated, your SSH "client" sends them to our servers.

 

In your system outgoing/incoming traffic, OpenVPN fingerprint is therefore never visible.

 

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...