go558a83nk

depends heavily on what operating system you're using.  then your CPU.

yes, it's normal

auth digest needs to be SHA1 if using entry IP 1 or 2.
auth digest needs to be SHA512 if using entry IP 3 or 4 (tls-crypt config)

I'd ask the merlin forum about this too.  It seems the problem isn't with AirVPN but with your router creating network configuration needed for openvpn to work.
https://www.snbforums.com/forums/asuswrt-merlin.42/

Neither.  I'd build my own pfsense box with x86 (64bit) CPU so that openvpn is accelerated.  Neither of the routers you've mentioned are known to support very fast openvpn.  I assume you want better since you have a gigabit connection.

It's not showing our real IP.  For giganerd it was something entirely different and it's the same for me.  I have suddenlink as my ISP and am using Dallas AirVPN servers.  The IP address it thinks I'm at is 40.77..x.x which seems to belong to ARIN https://bgp.he.net/AS8075#_prefixes

18 hours ago, giganerd said:

It won't in the near future.
The developer wanted to add AirVPN to the supported providers as a courtesy, and "if it took him a day". Seeing as there is no easy way of using AirVPN with third-party clients wanting to use the forum login instead of being based on certificates he decided to get back to his roadmap. He was not particularly keen about all the work he had to do to get it working via login.

He also made it clear that money won't add it, either. Ergo, no AirVPN support for now. You can still use certs, though.

On 10/3/2019 at 2:00 PM, Staff said:

Hello!

The problem got solved but it's the second time it occurs in just 10 days. A high volume router check-up has been scheduled for the next working day as the problem could be sorted out only by rebooting that router in both cases. Please do not hesitate to report again any malfunction in Dallas in the meantime.

Kind regards
 

Dallas servers are just fine.  I just got 269mbit/s with testmy.net (speed test server in Dallas) which uses only a single stream for testing.  That's quite good.

I'm running openvpn on a pfsense box.

Are you using entry IP 3 or 4?

change algorithm to latency, not speed.  Air has never answered why they rate servers in this way for USA users.

13 hours ago, joebywan said:

Thanks for that, worked.

What's the DNS server we're supposed to be using?  Status>OpenVPN says it's up, but I can't do the dnslookup to airvpn.org

This is really nice to see.  Acceptable speed from a consumer device with firmware that is powerful but easy to use.  Thanks for posting.

57 minutes ago, joebywan said:

Followed the guide, and the VPN isn't coming up.

The status page shows reconnecting; process-push-msg-failed

Below I've pasted the logs.  I had to remove the custom options the guide had listed because it was freaking out about them.

I don't know what's missing that you can't connect with tls-crypt configs.

Make sure that:
auth digest = sha512
TLS control channel security = encrypt channel


Getting those streaming services working has nothing to do with the above obfuscation but rather making sure your DNS isn't leaking.  If DNS isn't leaking they still may be sniffing you out some other sneaky way or just blocking IP addresses of the VPN.

To make sure DNS isn't leaking make sure the setting
Accept DNS Configuration = exclusive

Test for DNS leaks at ipleak.net

Again, it doesn't matter to those streaming services what port and protocol you use .  They just block IPs.  Use UDP if you can.  Only use TCP if your ISP heavily throttles UDP.

3 minutes ago, moogleslam said:

I've been reading and understanding a little more about your recommendations.  Considering what you suggested indeed.   Would an RT-AC68U be sufficient, though?

Yes, you could use a single router and still have some devices go through the VPN and others not.

I'm telling you, a cheap option will not be satisfactory with regard to speed.

I'll not even entertain using another VPN provider.

no cheaper option unless you want to be crippled by a poor CPU.

 

Just get an asus AC86 and run merlin firmware.  With that you can do policy routing....routing some clients to the WAN and others through the VPN.  No need for two routers.

I recommend the AC86 because it has an AES-NI CPU so your openvpn speed should be satisfactory.

it could be that some protocols are still blocked even if allow local is on.

Staff will have to say for sure.

I do know other people have had problems with blocked local assets even with allow local on and I've read of the same problem with other VPNs that also use the windows filtering platform.

Allow local network in the settings.

preferences>network lock>allow lan/private

4 hours ago, giganerd said:

I'd say, show some patience. Eventually all servers will support it. For now, resent to testing it on the servers which are there to see if there are issues. The faster we know all is well, the faster it gets widespread implementation.

It looks like some of the requests for experimental servers were declined (UK, Switzerland) but I'll go ahead and request a Dallas server just to see.

Could we have a Dallas experimental server for chacha20?  Thanks.

I think they fixed something because the last couple of days they've been slow but now they seem good again.

26 minutes ago, nzxtd said:

The latest version of OpenVPN is 2.4.7 released on 2019-2-21.
It includes several bugfixes and security improvements.

The current version is completely outdated and it's a shame no new versions come out despite the many requests.

For me it's goodbye AirVPN

I have an idea. It's your network.  AirVPN didn't just stop working.  Nothing's changed with AirVPN.