Jump to content
Not connected, Your IP: 18.225.55.42

go558a83nk

Members2
  • Content Count

    2136
  • Joined

    ...
  • Last visited

    ...
  • Days Won

    39

Everything posted by go558a83nk

  1. 10.4.0.1 is the DNS but I can't get dns resolver or forwarder to use that and it's especially a pain if you have policy routing - some clients using the VPN and others not. What I do is turn off resolver and forwarder in pfsense and use DHCP to assign the DNS I want to use to clients. I use firewall rules to enforce that clients use the DNS I want them to use.
  2. This is really nice to see. Acceptable speed from a consumer device with firmware that is powerful but easy to use. Thanks for posting.
  3. You just need to add AES-256-GCM to your list of allowed ciphers in the NCP algorithms section.
  4. I don't know what's missing that you can't connect with tls-crypt configs. Make sure that: auth digest = sha512 TLS control channel security = encrypt channel Getting those streaming services working has nothing to do with the above obfuscation but rather making sure your DNS isn't leaking. If DNS isn't leaking they still may be sniffing you out some other sneaky way or just blocking IP addresses of the VPN. To make sure DNS isn't leaking make sure the setting Accept DNS Configuration = exclusive Test for DNS leaks at ipleak.net Again, it doesn't matter to those streaming services what port and protocol you use . They just block IPs. Use UDP if you can. Only use TCP if your ISP heavily throttles UDP.
  5. What speed are you wanting through the VPN? The AC68U will struggle to do 30mbit/s. The AC86 can do on the order of 200mbit/s because of AES-NI.
  6. Yes, you could use a single router and still have some devices go through the VPN and others not. I'm telling you, a cheap option will not be satisfactory with regard to speed. I'll not even entertain using another VPN provider.
  7. no cheaper option unless you want to be crippled by a poor CPU.
  8. Just get an asus AC86 and run merlin firmware. With that you can do policy routing....routing some clients to the WAN and others through the VPN. No need for two routers. I recommend the AC86 because it has an AES-NI CPU so your openvpn speed should be satisfactory.
  9. it could be that some protocols are still blocked even if allow local is on. Staff will have to say for sure. I do know other people have had problems with blocked local assets even with allow local on and I've read of the same problem with other VPNs that also use the windows filtering platform.
  10. Allow local network in the settings. preferences>network lock>allow lan/private
  11. There's no impatience and people are more likely to test if the servers is more useful to them.
  12. It looks like some of the requests for experimental servers were declined (UK, Switzerland) but I'll go ahead and request a Dallas server just to see. Could we have a Dallas experimental server for chacha20? Thanks.
  13. I think they fixed something because the last couple of days they've been slow but now they seem good again.
  14. You may be overreacting a bit. For example, pfsense stable is still on openvpn 2.4.6 and another VPN provider I use is still using 2.4.6 with their app. I don't know why that is but it seems to me that devs aren't in a hurry to move to the 2.4.7 version.
  15. I have an idea. It's your network. AirVPN didn't just stop working. Nothing's changed with AirVPN.
  16. NAT>port forward> create a rule such that interface is your AirVPN openvpn client destination is AirVPN address port and what IP it redirects to is up to you make sure it creates the associated filter rule automatically
  17. no problems for me using the app on phone.
  18. Yes, that's why you run openvpn on pfsense - so that all devices in your local network go through that one tunnel. Or, you can do policy routing and route some devices to clear internet. As far as helping you figure out this setup, I'm not much help. I followed the guide in this forum years ago and have kept that going until now.
  19. I think in android in the settings you select TLS mode as tls-crypt. That's the same as entry IP 3 or 4 I was talking about. You definitely want to try to use UDP either way.
  20. On my Shield TV the difference in speed was a matter of 45mbit/s vs 35mbit/s. Not that significant a speed increase with chacha20. This using the same speedtest server, same VPN server, same port and protocol. Only thing that changed was stream cipher. AES-256-GCM vs chacha20. But, perhaps my speed from that VPN server just never will be that high anyway.
  21. I've got pfsense working to redirect all DNS requests to 10.4.0.1 but still roku and shield tv Netflix does not work on Equuleus. Apple TV netflix does work. Somehow they are sniffing things out and I've confirmed that no DNS requests other than to 10.4.0.1 are sent by looking at my states table.
  22. TCP causes too much latency. Try UDP ports but using Entry IP 3 or 4.
×
×
  • Create New...