go558a83nk

no problems for me using the app on phone.

Yes, that's why you run openvpn on pfsense - so that all devices in your local network go through that one tunnel.  Or, you can do policy routing and route some devices to clear internet.

As far as helping you figure out this setup, I'm not much help.  I followed the guide in this forum years ago and have kept that going until now.
 

Try TCP instead.

I think in android in the settings you select TLS mode as tls-crypt.  That's the same as entry IP 3 or 4 I was talking about.  You definitely want to try to use UDP either way.

On my Shield TV the difference in speed was a matter of 45mbit/s vs 35mbit/s.  Not that significant a speed increase with chacha20.  This using the same speedtest server, same VPN server, same port and protocol.  Only thing that changed was stream cipher.  AES-256-GCM vs chacha20.  But, perhaps my speed from that VPN server just never will be that high anyway.

How can I download the apk?

I've got pfsense working to redirect all DNS requests to 10.4.0.1 but still roku and shield tv Netflix does not work on Equuleus.  Apple TV netflix does work.

Somehow they are sniffing things out and I've confirmed that no DNS requests other than to 10.4.0.1 are sent by looking at my states table.

TCP causes too much latency.  Try UDP ports but using Entry IP 3 or 4.

Is the ubuntu tracker updating, giving you seeds and peers?

Do you have any data to report on ChaCha20 performance on CPUs that *do* support AES-NI?  That is, AES-256-GCM accelerated by AES-NI vs ChaCha20?

The following site suggests that those of us with AES-NI CPU should stick with ciphers that are accelerated by AES-NI.  Do you concur?

https://calomel.org/aesni_ssl_performance.html

Looks like pfsense openvpn directives.  They really have nothing to do with being unable to torrent. 

If the VPN works properly with other activities then there's surely just something wrong with your torrent client setup.  Even if port forwarding isn't setup properly you should still be able to download.

It doesn't matter if the assigned IP are internal.  Keep in mind that security must not only be for network attacks but against physical seizure as well.  If any records exist on a server that can be tied to users it is a serious anonymity breach.

I've wondered the same thing!  Just posting so that I get notified of any real answer.

5 minutes ago, morning.star said:

I am using OpenVPN 2.4.7 and it supports TLS 1.3. When will I able to connect to your servers using TLS 1.3?
 
As mentioned, I am using OpenVPN 2.4.7. Please show me how to connect to your servers using TLS 1.3.

*web* servers, not VPN servers.

Well, you could connect to Tor but the same websites that don't like VPN probably don't like Tor either.

Try moving your static key into the static key section, not tls-auth section, especially since you're not using tls-auth but tls-crypt.

download the most recent apk to a network drive then install it using x-plore.

https://airvpn.org/external_link/?url=https%3A%2F%2Feddie.website%2Frepository%2Feddie%2Fandroid%2F2.3beta1%2Forg.airvpn.eddie.apk

Looks like I'm not the only one to "misread".

My friends, this applies to *web* servers.

Any change to https://airvpn.org/specs/ with this new capability?

LOL, I misread.  Nevermind! 

2 hours ago, dougiepunk said:

I'm a little confused. Is the "seamless tunnel" option in OpenVPN Connect for iOS the same as a kill switch? If not, then what are the differences?

Internet searches are a treasure trove.

https://openvpn.net/vpn-server-resources/faq-regarding-openvpn-connect-ios/

7 minutes ago, kbps said:

Out of interest, who is the Data Center provider?

https://bgp.he.net/AS268581

I believe the 2 way ping thing is something like this.  Your web browser pings the test site and the test site pings the IP you appear to be at (VPN server).

Your browser ping goes from your PC to the VPN server to the test site.  The test site ping is just to the VPN server.  So, there's a good chance the latency of the ping from the browser will be higher.  I'm sure there's some fudge factor that they consider "normal" difference because routes are not always symmetric anyway.  But, a difference beyond the fudge factor is a good indication that a "proxy" is being used.

Please look into your Netflix situation.  I just attempted to watch a video but the speed that could be sustained was so slow the video was unwatchable.  Playback on other video streaming services that worked through the VPN were quite speedy.  Vudu, for example, burst to 300mbit/s to buffer.  Curiousity Stream buffered at 100mbit/s.  Your netflix setup could only manage 5mbit/s.  Not near enough for a 4k stream.

Thanks.

Yep.  My canvas blocker add-on fakes DOMrect readout on this site.

1 hour ago, mrbert said:

I have the openVPN client on the router working but oly when I add a 2nd DNS server to the setings.
I have primary onnect to dns server 10.4.0.1
And the 2nd now to 51.15.98.97
If I use 10.5.0.1 as the 2nd DSN server as suggested on other topics the clien neven connects again.
I alway need the other 51.15.98.97  server or similar other DNS servers form  https://www.opennicproject.org
But I can never connect without the 2nd set to a valid dns server.
How do I make sure my DNS request are also private?


 

The reason is likely because you're using a domain for the AirVPN server which means you need DNS to resolve it.  But you can't access AirVPN DNS servers until  you're connected to the VPN.

Instead use the IP address for the VPN server and you won't need to use public DNS to connect to the VPN.