go558a83nk
Members2-
Content Count
2136 -
Joined
... -
Last visited
... -
Days Won
39
Everything posted by go558a83nk
-
DNS Servers for AirVPN on Asus Router
go558a83nk replied to cfinley's topic in Troubleshooting and Problems
If in the openvpn config page you are selecting exclusive or preferred to the option to use VPN DNS then while connected to VPN the router automatically obeys the push message from the VPN server as to what DNS to use. That'll override the DNS settings you enter in the WAN setup page. -
Router Suggestion that can do >= 150 Mbps over VPN
go558a83nk replied to Similiar's topic in General & Suggestions
Yes, as the others have suggested a pfsense machine will do the job. But the reason i suggest the AC86 is because it and a few others routers have a CPU that has AES-NI for fast openvpn. So you have a little more user friendly way to get pretty good speeds. -
Router Suggestion that can do >= 150 Mbps over VPN
go558a83nk replied to Similiar's topic in General & Suggestions
The AC86 (eightysix) would be the choice, with Merlin Asus firmware. -
Slow vpn speed after Asus WRT merlin update
go558a83nk replied to PeKa's topic in Troubleshooting and Problems
What data cipher is being used now? Which one was being used? I mean, look in the system log to see what actually happened. It sounds like you have an ac86 or one of the asus routers with AES-NI. So, you maybe need to make sure to use an AES encryption though chacha20 (available with openvpn 2.5) may be fast too. Is it possible that AES-NI acceleration has been disabled? Have you asked this in Merlin support forum? -
Ipleak.net shows real ip adress.
go558a83nk replied to ria76z's topic in Troubleshooting and Problems
Use the network lock in Eddie also. What do you mean the option to bind to TAP adapter isn't available to you? The adapter isn't there or the option doesn't exist at all? -
More speed for more money suggestion
go558a83nk replied to superuser1970's topic in General & Suggestions
You're not artificially being throttled by Air. That's just the way things are with openvpn with limitations by CPU, network, internet, etc. A client on the usual 1gbit/s server will see only about 500mbit/s download max because the server throughput limit is 1gbit/s inbound and outbound combined. Air does have at least 1 server that's 10gbit/s. Try it to see if it's any better for you. -
Connecting to the same server from the same router
go558a83nk replied to Jamertol's topic in Troubleshooting and Problems
You can get around this limitation by creating a new device, one device for each device you connect. I do think you'll have to log out and log back into eddie for it to see the new device options. https://airvpn.org/devices/ -
No, the problem is with you unable to follow directions. In the tutorial, the first directive in the "generate AirVPN certificates" section is to enable advanced mode. Have you turned on advanced mode in the config generator?
-
The guide is for a tls-crypt setup where those settings are what work. What you're missing is that you need to connect to an entry IP 3 or 4. The guide actually says " please double check you select an appropriate ‘tls-crypt, tls1.2’ end point. This is a common source of problems."
-
Also, now that pfsense has openvpn 2.5 you might try a switch to chacha20 as "data encryption algorithm" as it might be faster for you than what you were using. Even on my system that was fast with AES-256-GCM because of AES-NI, chacha20 is for some reason faster. I think it has more to do with networking and not CPU ease.
-
TLS 1.3 supported on AirVPN web servers
go558a83nk replied to Staff's topic in News and Announcement
Your web server is back to TLS 1.2 again. https://www.ssllabs.com/ssltest/analyze.html?d=airvpn.org&s=5.196.64.52&hideResults=on -
Route Plex Remote Outside VPN
go558a83nk replied to uscskelly's topic in Troubleshooting and Problems
Can you post documentation on how to do this - this sounds like something I need to do. in the settings of Eddie there should be a section for adding routes...in the VPN tunnel or outside the VPN tunnel. -
How To Set Up pfSense 2.3 for AirVPN
go558a83nk replied to pfSense_fan's topic in General & Suggestions
sha1 is what you use with entry IP 1 and 2. sha512 (and tls encryption and authorization) is used for entry IP 3 and 4 configs. -
ANSWERED pfsense / SSL Tunnel specific guide?
go558a83nk replied to spookygoy's topic in General & Suggestions
I'd say that your stunnel isn't actually running or your openvpn setup is not pointing to the port at which stunnel is listening. -
Slowdowns related to DNS server
go558a83nk replied to protopyre's topic in Troubleshooting and Problems
There's no need to manually set 10.4.0.1. Just tell set your VPN client settings to use the pushed DNS exclusively. It'll change it automatically upon connect. Use OpenNIC for the DNS settings in the WAN section. That'll allow you to resolve domains when the VPN isn't connected and for devices that don't go through the VPN if you use the policy routing option. -
Yes, this is what I do for downloading big files. It's rare that I'm able to hit that 500+ mark from a single connection both because my ISP and intermediate networks just aren't "allowing" it, or because the VPN server isn't up to it. But when spread out it's much easier. That said, some endpoint servers won't allow you to multi wan and it won't help with bittorrent either.
-
I disagree, but I'm open to suggestions, please advice on the configuration I would need to max out my 500 Mbit connection with OpenVPN. I built a pfsense box with an AMD A6-7400K CPU back in 2015 for $121. Later I added an intel dual NIC for another $40 or so since the realtek NICs I was using weren't the best. It does 600mbit/s openvpn from a single server in a multi threaded download, if the network "allows" it.
-
It doesn't take much actually. An x86 processor with AES-NI in pfsense can do it if the network between you and the vpn server allows. Most of the time though the network will be the limiting factor, not the CPU.
-
Network-Lock comparison on the router.
go558a83nk replied to cwtokyo's topic in Other VPN competitors or features
I already explained it. It doesn't matter what openvpn service you use. It's an option that Merlin Asus firmware has for openvpn clients. -
Network-Lock comparison on the router.
go558a83nk replied to cwtokyo's topic in Other VPN competitors or features
That network lock is for their own routers with their own software on it. But likely it's nothing more than a set of iptables rules which are nothing special. Use the very nice merlin firmware for asus routers and its policy routing with "kill switch" and you can use it with whatever VPN provider you like and don't have to pay extra for an express vpn branded router. -
pfsense connection problem I can't resolve
go558a83nk replied to danioj's topic in Troubleshooting and Problems
You're using the wrong entry IP. You're setting up to use tls-crypt so you need to use entry IP 3 or 4 and make sure you have a tls-crypt config for the proper tls key. For Triangulum that's 185.200.116.133 and 185.200.116.134. I'd also leave key direction at default, use AES-256-GCM, set comp-lzo yes though compression will be turned off via the push from the server, turn on UDP fast I/O, turn on explicit exit notify, and increase the send and receive buffers from default. -
ha! No need to explain. I do the same thing in pfsense. I just have never heard of it being done in windows and I didn't know you could run multiple instances of wintun.
-
What is "side-by-side triple mode" ?
-
Mullvad intercepts DNS packets
go558a83nk replied to NaDre's topic in Other VPN competitors or features
have you tested any other vpn?