go558a83nk

No, I didn't know that existed. I'll have to check it out when I get a chance.

With wireguard on pfsense setting each wireguard interface I create to 1420 MTU and MSS seems to result in no problems and good performance.

simply just outdated geolocation databases cause errors like this. When I trace to the IP, I can see that it's in Brussels or nearby that, although there is a PTR error at line 14 because it claims to be in Los Angeles. |------------------------------------------------------------------------------------------| | WinMTR statistics | | Host - % | Sent | Recv | Best | Avrg | Wrst | Last | |------------------------------------------------|------|------|------|------|------|------| | 10.128.0.1 - 0 | 4 | 4 | 7 | 7 | 8 | 7 | | 23.103.107.254 - 0 | 4 | 4 | 8 | 8 | 8 | 8 | | Request timed out. - 100 | 1 | 0 | 0 | 0 | 0 | 0 | | be2978.ccr41.dfw03.atlas.cogentco.com - 0 | 4 | 4 | 8 | 8 | 8 | 8 | | be2763.ccr31.dfw01.atlas.cogentco.com - 0 | 4 | 4 | 8 | 8 | 9 | 9 | | be2432.ccr21.mci01.atlas.cogentco.com - 0 | 4 | 4 | 18 | 39 | 62 | 60 | | be2831.ccr41.ord01.atlas.cogentco.com - 0 | 4 | 4 | 30 | 30 | 30 | 30 | | be2717.ccr21.cle04.atlas.cogentco.com - 0 | 4 | 4 | 121 | 121 | 122 | 121 | | be2889.ccr41.jfk02.atlas.cogentco.com - 0 | 4 | 4 | 124 | 124 | 125 | 125 | | be2317.ccr41.lon13.atlas.cogentco.com - 0 | 4 | 4 | 123 | 124 | 127 | 123 | | be12194.ccr41.ams03.atlas.cogentco.com - 0 | 4 | 4 | 123 | 123 | 124 | 123 | | be3676.rcr21.bru01.atlas.cogentco.com - 0 | 4 | 4 | 124 | 127 | 135 | 124 | | 149.11.170.218 - 0 | 4 | 4 | 119 | 120 | 124 | 119 | | vlan2909.as02.lax1.us.m247.com - 0 | 4 | 4 | 131 | 133 | 139 | 131 | | vlan2911.as01.bru1.be.m247.com - 0 | 4 | 4 | 120 | 120 | 120 | 120 | | 155.251.187.194.in-addr.arpa - 0 | 4 | 4 | 119 | 119 | 120 | 119 | |________________________________________________|______|______|______|______|______|______| WinMTR v1.00 GPLv2 (original by Appnor MSP - Fully Managed Hosting & Cloud Provider)

https://www.gl-inet.com/products/gl-ax1800/ look into that. it'll run wireguard plenty fast.

Why not just try it and come tell us. If the router supports wireguard, it supports wireguard.

I've used /32 for multiple pfsense clients and it works fine. Not sure why /10 is in the configs.

Just type "ifconfig" at the ssh command line to see a list of the network interfaces to see which one your openvpn client is using. Your port forwarding rules don't seem to be following this guide. XXXXX isn't a port and the to-destination IP is just an IP not IP and port like you have it. If you change XXXXX to 32400 things will probably work since that's plex's default port.

It looks like this is a case of them blocking IP addresses they don't want accessing their server.

sorry, which seedbox company is this referring to?

re the openvpn setup 1) set accept DNS configuration to something like yes or exclusive. that way you use AirVPN DNS. 2) AirVPN does not use compression so the two different compression settings you're using need to be gone. 3) I don't see anywhere that you're choosing the auth digest algorithm. Is there another openvpn config page we're not seeing? If you're using a tls-crypt config then you need to choose something different at "tls control channel security" and use sha512 for auth digest algorithm. If using only tls-auth config then you have tls control channel security correct but auth digest is sha1. 3) I don't think your policy routing rule is correct but I've never used that OS. It looks like you'd need to enable it at least.

ah, yeah. just change the net mask to 32 instead of 10. it worked for me on pfsense.

Please make sure everything is going through the VPN. Without Eddie's windows filtering platform rules you have more potential for leaks.

I'm on 2 dallas servers 24/7 and they perform well almost always. The owner of the datacenter is quick to fix problems and has messaged me privately to make sure things are working well for me. I like that. I hope they don't move away from those servers!

those are internal and on different servers so it doesn't really matter. it's like the fact that so many people in the world have a home router at 192.168.1.1. but if you want them different then make new devices and setup your wireguard tunnels using the new device info....when you use the config generator you choose what device you want the config for. https://airvpn.org/devices/

the OISD Full blocklist contains metrics.lowes.com and smetrics.lowes.com. I wonder if blocking those is preventing the whole site from loading?