go558a83nk

change algorithm to latency, not speed. Air has never answered why they rate servers in this way for USA users.

10.4.0.1 is the DNS but I can't get dns resolver or forwarder to use that and it's especially a pain if you have policy routing - some clients using the VPN and others not. What I do is turn off resolver and forwarder in pfsense and use DHCP to assign the DNS I want to use to clients. I use firewall rules to enforce that clients use the DNS I want them to use.

This is really nice to see. Acceptable speed from a consumer device with firmware that is powerful but easy to use. Thanks for posting.

You just need to add AES-256-GCM to your list of allowed ciphers in the NCP algorithms section.

I don't know what's missing that you can't connect with tls-crypt configs. Make sure that: auth digest = sha512 TLS control channel security = encrypt channel Getting those streaming services working has nothing to do with the above obfuscation but rather making sure your DNS isn't leaking. If DNS isn't leaking they still may be sniffing you out some other sneaky way or just blocking IP addresses of the VPN. To make sure DNS isn't leaking make sure the setting Accept DNS Configuration = exclusive Test for DNS leaks at ipleak.net Again, it doesn't matter to those streaming services what port and protocol you use . They just block IPs. Use UDP if you can. Only use TCP if your ISP heavily throttles UDP.

What speed are you wanting through the VPN? The AC68U will struggle to do 30mbit/s. The AC86 can do on the order of 200mbit/s because of AES-NI.

Yes, you could use a single router and still have some devices go through the VPN and others not. I'm telling you, a cheap option will not be satisfactory with regard to speed. I'll not even entertain using another VPN provider.

no cheaper option unless you want to be crippled by a poor CPU.

Just get an asus AC86 and run merlin firmware. With that you can do policy routing....routing some clients to the WAN and others through the VPN. No need for two routers. I recommend the AC86 because it has an AES-NI CPU so your openvpn speed should be satisfactory.

it could be that some protocols are still blocked even if allow local is on. Staff will have to say for sure. I do know other people have had problems with blocked local assets even with allow local on and I've read of the same problem with other VPNs that also use the windows filtering platform.

Allow local network in the settings. preferences>network lock>allow lan/private

There's no impatience and people are more likely to test if the servers is more useful to them.

It looks like some of the requests for experimental servers were declined (UK, Switzerland) but I'll go ahead and request a Dallas server just to see. Could we have a Dallas experimental server for chacha20? Thanks.

I think they fixed something because the last couple of days they've been slow but now they seem good again.

You may be overreacting a bit. For example, pfsense stable is still on openvpn 2.4.6 and another VPN provider I use is still using 2.4.6 with their app. I don't know why that is but it seems to me that devs aren't in a hurry to move to the 2.4.7 version.