go558a83nk

I'm using qbittorrent on windows.

I don't think the torrent address checker requires any port be open for incoming connections. It's just letting you know what IP address and port the torrent client is advertising to the world to make sure it's correct. I just tested it and the torrent address checker worked for me.

To be more precise, it's not possible with the AirVPN app. It is possible on something like pfsense using a gateway group and a downloader that makes multi threads of a download like the old downthemall extension...or 10 simultaneous downloads via ftp.

I don't know what this means. Would doing what you say explain why everytime I test the airvpn port it times out? Can you walk me through how to fix going over each step in detail? Don't worry about it. The default behavior when creating a port forward with windscribe is that they're the same port remote and local. The rest of what I said above matters.

Main thing you want to do in qbittorrent is turn *off* NAT-PMP and UPnP. Make sure the port you've forwarded with AirVPN is the same port for the local section and the remote and set qbittorrent to use that port. If the port is still blocked then perhaps you didn't allow qbittorrent to create firewall bypass rules? OR maybe you've got some other "security" software running. That's often the problem.

Network lock is the only way you can be sure that you aren't "leaking" outside the VPN tunnel. I would bet that in your case you are leaking outside the VPN tunnel when torrents work. Some mis-configuration somewhere is keeping the torrent from working properly through the VPN.

gigabit fiber with latency to server at around 7ms, low server use, ISP and other transit cooperates, I can achieve 800+ Mbit/s with wireguard on pfsense. I've seen openvpn manage about 600mbit/s but it's much more rare in my experience.

I didn't know any VPN providers also have public DNS servers. Which ones do?

Using something like TCP 443 is slower than 5mbps? Do you have another choice of ISP?

If you're using merlin asus and set the openvpn config in policy routing mode there's an option to not allow traffic if the VPN goes down. I'd use policy routing mode, set the DNS option in the openvpn config to exclusive and not put AirDNS in the WAN settings.

*if* you're using IP address in the VPN server field instead of a domain then putting 10.4.0.1 in the WAN DNS setting might be OK. Because there's no domain to resolve the router doesn't need to reach 10.4.0.1 prior to connection.

for Asus merlin set WAN DNS to something other than the VPN DNS (10.4.0.1) and in the openvpn configuration set the DNS setting to exclusive. Then it'll switch to VPN DNS when the VPN connects. 10.4.0.1 won't work unless you're connected to VPN because 10.4.0.1 is only accessible through the VPN not from public.

See threads like this one for help.

The one (?) valid problem I've seen with m247 is evidence (in this forum) that some of their servers aren't actually where they say they are.

looks like this is all confusion around which entry IP are tls-crypt and which are tls-auth. tls-auth entry points use sha1. tls-crypt entry points use sha512 and tls encryption+auth. so, keep an eye on which config you make. details matter.