go558a83nk
-
Content Count
2093 -
Joined
... -
Last visited
... -
Days Won
37
Posts posted by go558a83nk
-
-
This is likely bufferbloat, packets start getting dropped, and it's especially bad with TCP. UDP would work better because packets don't have to arrive in order and no ack is required from the other side.
-
You can always check server status on this web site.
-
2 hours ago, Clodo said:Version 2.19.1 (Sat, 18 Apr 2020 11:14:36 +0000)
- [bugfix] Linux - Fix issue with Network Lock IPv6-only incoming whitelist
- [bugfix] - http-100-continue issue
- [bugfix] - Special condition elevation checks (may resolve "Unable to start (no-socket)" issues).
- [change] - Removed curl binary dependencies
- [new] Linux - New Network Lock with nftables (if nft is present, it is used by default in "Automatic" mode)
- [new] Windows - New option "Use wintun driver (OpenVPN>=2.5)" under "Preferences -> Advanced" automates ovpn directive
For the wintun option do I need to install openvpn 2.5 (thus the wintun driver) manually or does this version of eddie install it automatically? -
try entry IP 3 and 4 in the protocols section. try different UDP and TCP ports.
-
Just turn on DHT and PEX in your torrent client.
-
They haven't worked regularly for me for years. You're lucky that they did for the VPN servers you use. This is just the tracker blocking VPN servers. There may be nothing that Air can do about it.
DHT and PEX still work. -
I've seen from other VPN that it's qbittorrent that's at fault. Rollback to older qbittorrent and things start to work again.
-
2 hours ago, Adzkii said:how can i install wintun? https://www.wintun.net/
i found it for anyone who wants to test wintun > http://staging.openvpn.net/openvpn2/ -
4 hours ago, tester.user said:
I succeeded to connect to AirVPN as configurations you have mentioned, but I couldn't connect to OpenVPN !!!!!
How OpenVPN is blocked everywhere? and why? I don't understand.
is that means I couldn't connect to OpenVPN through AirVPN ???!!!!!
I registered to your VPN only to connect to OpenVPN !!!!!!
How can I solve this problem and connect to OpenVPN ?????
When you use Eddie, AirVPN software, you ARE using openvpn. But if you must use openvpn software that doesn't give you the security of the network lock like Eddie does then generate a config as AirVPN staff said above. -
what's listening on port 80 to respond to the queries?
-
7 minutes ago, snrtd said:I get 100 % CPU usage at around 20 MBytes/s with CHACHA20; with AES-256-GCM I get 100 % usage at around 40 MBytes/s. Is that to be expected on a i5-7200U CPU @ 2.5 GHz?
yes. AES is accelerated by AES-NI while chacha20 isn't. chacha20 is for CPU without AES-NI like mobile. -
5 hours ago, bluesjunior said:Eddie -> Settings -> OVPN directives -> Custom directives, add "windows-driver wintun".
Is the add "windows-driver wintun" directive added with or without the " " 's?.
yes, without the quotesbluesjunior reacted to this -
Firefox is showing this web site as tls 1.2 now.
Also, SSL Labs scan of airvpn.org shows tls 1.3 isn't supported.
https://www.ssllabs.com/ssltest/analyze.html?d=airvpn.org&s=5.196.64.52
Edit: A couple hours later and it looks like you've got it fixed now. Thanks! -
If wintun doesn't give you significantly more speed than the old TAP then you have something else limiting your speed. That's my thought. It could be some hardware or software on your PC or in your network somewhere. Or it could be something with your ISP.
-
but what network cards?
Also, any testing of the other options such as mssfix and tun-mtu? -
22 minutes ago, AtariSoul said:Thanks metog I will try tls-crypt first and if that doesn't help I will try your suggestion.
Many Thankssocket-flags TCP_NODELAY; auth-nocache; mlock; key-direction 1; tls-version-min 1.2; key-method 2; tls-timeout 2; remote-cert-tls server; mssfix 0; tun-mtu 20000; explicit-exit-notify 5;
That is what's in my custom options.
I find mssfix 0 works best for me. And tun-mtu 20000 may seem crazy but it works for me. I've read results of others testing and they find that for high speed openvpn setting a high tun-mtu value helps.
Also, test the GUI setting for buffer. A higher buffer may help get you max speed but there's obviously something else going on that's clamping you way down. I'm curious what tls-crypt does but I don't have high hopes. I think something else is going on and I really don't have an answer because we're talking orders of magnitude difference.
What network cards are in your pfsense box and what are you network interfaces settings in system_advanced_network.php ? -
33 minutes ago, metog said:A couple difference between my config that you might try:
Custom options:
sndbuf 524288;rcvbuf 524288;client;remote-cert-tls server;persist-key;persist-tun;keysize 256;key-method 2;key-direction 1;explicit-exit-notify 5;mlock;keepalive 5 30;prng sha512 64;
Send/Receive Buffer:
2.00 MiB
NCP Algo:
AES-256-GCM
AES-256-CBC
^ mine are just in different order
Many of your custom options are redundant since they are already set automatically or through GUI settings.
For example, having sndbuf and rcvbuf in the custom options and the send/receive buffer in the GUI set is setting the same options. I don't know which ends up getting set - you'd have to look at your logs.
-
Have you tried TCP? Or have you tried UDP with tls-crypt config?
-
19 hours ago, busolof said:But use Asus RT-AX56U think is an bug in openvpn client but found on https://www.asuswrt-merlin.net/
tested that beta says is connecting
But will buy an netgear r9000 and is no problem with that routers what iknow
Will try fix my asus router first
Have you tried to get help in the Merlin Asus forum? There's a thread specifically for the new build that supports your router.
https://www.snbforums.com/threads/beta-asuswrt-merlin-384-16-beta-and-384-13_5-are-available.62699/ -
34 minutes ago, arteryshelby said:@Staff
Is this server realy located in berlin?
the latency and traceroutes say frankfurt.
I have the same latency towards the vpn exit then to servers in frankfurt (not even +1ms) that seems unrealistic if the server is located in berlin.
records show it's in Berlin. the latency difference between Frankfurt and Berlin would be very small. See the link and scroll down to the IP address range Cujam belongs to. It says Berlin infrastructure.
https://bgp.he.net/AS9009#_prefixes -
The default network lock setting in windows is not firewall rules anymore. It uses the windows filtering platform. I do not know how to get the information you'd need to re-create the WFP rules. https://docs.microsoft.com/en-us/windows/win32/fwp/using-windows-filtering-platform
-
43 minutes ago, viry said:SO about the whole opnsense vs pfsense, the behaviour he described is about the ceo of pfsense registering the domain opnsense.com to discredit opnsense.
The main reason why I choose opnsense over pfsense is that it is more modern, it has a better webgui and the backend uses a MVC framework, it supports more hardware due to not needing aes-ni extensions and uses hardened bsd.
Not to mention the two factor auth is a big plus but of course this comes with a cost no pfblockerng
pfsense doesn't require AES-NI. that requirement was removed. -
Change the scoring to be based on latency not speed. Its at the bottom of the Eddie window.
-
46 minutes ago, hvihavai said:Thanks for the new server near me.
Problem is that I'm getting terrible route and ping to the server from Finland. I'm going to contact my ISP, but just wanted to inform you. I'm seeing route finland->amsterdam->hamburg->stockholm->tallinn.|------------------------------------------------------------------------------------------|
| WinMTR statistics |
| Host - % | Sent | Recv | Best | Avrg | Wrst | Last |
|------------------------------------------------|------|------|------|------|------|------|
| 192.168.100.1 - 0 | 15 | 15 | 0 | 0 | 6 | 6 |
| XXX.XXX.XXX.XXX.elisa-laajakaista.fi - 0 | 15 | 15 | 16 | 16 | 17 | 16 |
| 213.192.186.78 - 0 | 15 | 15 | 18 | 21 | 27 | 18 |
| 213.192.186.77 - 0 | 15 | 15 | 17 | 19 | 33 | 19 |
| 213.192.184.254 - 0 | 15 | 15 | 38 | 38 | 44 | 44 |
|hu0-4-0-5.ccr21.ams04.atlas.cogentco.com - 0 | 15 | 15 | 38 | 38 | 44 | 44 |
| be3458.ccr42.ams03.atlas.cogentco.com - 0 | 15 | 15 | 38 | 38 | 44 | 44 |
| be2816.ccr42.ham01.atlas.cogentco.com - 0 | 15 | 15 | 47 | 47 | 49 | 47 |
| be2282.ccr22.sto03.atlas.cogentco.com - 0 | 15 | 15 | 69 | 70 | 75 | 75 |
| be3741.rcr51.tll01.atlas.cogentco.com - 0 | 15 | 15 | 70 | 71 | 77 | 77 |
|be2160.nr11.b069785-0.tll01.atlas.cogentco.com - 0 | 15 | 15 | 71 | 71 | 76 | 76 |
| estnoc.demarc.cogentco.com - 0 | 15 | 15 | 74 | 75 | 80 | 80 |
| 185.195.237.205 - 0 | 15 | 15 | 71 | 71 | 76 | 76 |
|________________________________________________|______|______|______|______|______|______|
WinMTR v0.92 GPL V2 by Appnor MSP - Fully Managed Hosting & Cloud Provider
I hate it when that happens.
EstNOC, AS206804, can be reached by many networks so it's unfortunate your ISP uses Cogent.
Port forwarding & VPN Configured on router
in General & Suggestions
Posted ...
Maybe I misunderstand the problem but I think this is what you are needing and is all you need.
Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding. I've used these in the past on an asus router and this was all I needed. Remember to use ifconfig to see what TUN device your openvpn session is.