Jump to content
Not connected, Your IP:


  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by go558a83nk

  1. not at all. what that's showing, and it's normal when using openvpn GUI on windows, is that when you use openvpn GUI instead of Eddie you have a DNS leak which is ruining some of the privacy you gain by using a VPN. you want just the one (or two with ipv6) airvpn servers showing up as DNS servers.
  2. You should never have gotten 50 if you were using Air DNS. 2 at the most, one ipv4, another ipv6. anymore and that's no Air DNS.
  3. Mine pfsense setup is very fast What I have is in System>Advanced>Miscellaneous>Cryptographic Hardware AES-NI and BSD Crypto Device is Chosen. You must reboot after changes to this setting. Then in the openvpn configuration hardware crypto option I have BSD cryptodev engine selected. There is no AES-NI option there because as long as AES-NI is enabled on the system openvpn uses it automatically.
  4. You got it, I just don't think there's anyway of implementing this in an Asus ROG router because they don't use Merlin on these devices because of the different architecture. Even if I were to SSH into the router and setup the iptables as soon as the router rebooted I'd have to perform the process over again correct? Without access to JFFS that is. Yes, when I was using asus I had to re-input every boot. But for me that was very rare.
  5. Maybe I misunderstand the problem but I think this is what you are needing and is all you need. Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding. I've used these in the past on an asus router and this was all I needed. Remember to use ifconfig to see what TUN device your openvpn session is.
  6. This is likely bufferbloat, packets start getting dropped, and it's especially bad with TCP. UDP would work better because packets don't have to arrive in order and no ack is required from the other side.
  7. You can always check server status on this web site.
  8. For the wintun option do I need to install openvpn 2.5 (thus the wintun driver) manually or does this version of eddie install it automatically?
  9. try entry IP 3 and 4 in the protocols section. try different UDP and TCP ports.
  10. Just turn on DHT and PEX in your torrent client.
  11. They haven't worked regularly for me for years. You're lucky that they did for the VPN servers you use. This is just the tracker blocking VPN servers. There may be nothing that Air can do about it. DHT and PEX still work.
  12. I've seen from other VPN that it's qbittorrent that's at fault. Rollback to older qbittorrent and things start to work again.
  13. When you use Eddie, AirVPN software, you ARE using openvpn. But if you must use openvpn software that doesn't give you the security of the network lock like Eddie does then generate a config as AirVPN staff said above.
  14. what's listening on port 80 to respond to the queries?
  15. yes. AES is accelerated by AES-NI while chacha20 isn't. chacha20 is for CPU without AES-NI like mobile.
  16. Firefox is showing this web site as tls 1.2 now. Also, SSL Labs scan of airvpn.org shows tls 1.3 isn't supported. https://www.ssllabs.com/ssltest/analyze.html?d=airvpn.org&s= Edit: A couple hours later and it looks like you've got it fixed now. Thanks!
  17. If wintun doesn't give you significantly more speed than the old TAP then you have something else limiting your speed. That's my thought. It could be some hardware or software on your PC or in your network somewhere. Or it could be something with your ISP.
  18. but what network cards? Also, any testing of the other options such as mssfix and tun-mtu?
  19. socket-flags TCP_NODELAY; auth-nocache; mlock; key-direction 1; tls-version-min 1.2; key-method 2; tls-timeout 2; remote-cert-tls server; mssfix 0; tun-mtu 20000; explicit-exit-notify 5; That is what's in my custom options. I find mssfix 0 works best for me. And tun-mtu 20000 may seem crazy but it works for me. I've read results of others testing and they find that for high speed openvpn setting a high tun-mtu value helps. Also, test the GUI setting for buffer. A higher buffer may help get you max speed but there's obviously something else going on that's clamping you way down. I'm curious what tls-crypt does but I don't have high hopes. I think something else is going on and I really don't have an answer because we're talking orders of magnitude difference. What network cards are in your pfsense box and what are you network interfaces settings in system_advanced_network.php ?
  20. Many of your custom options are redundant since they are already set automatically or through GUI settings. For example, having sndbuf and rcvbuf in the custom options and the send/receive buffer in the GUI set is setting the same options. I don't know which ends up getting set - you'd have to look at your logs.
  21. Have you tried TCP? Or have you tried UDP with tls-crypt config?
  22. Have you tried to get help in the Merlin Asus forum? There's a thread specifically for the new build that supports your router. https://www.snbforums.com/threads/beta-asuswrt-merlin-384-16-beta-and-384-13_5-are-available.62699/
  23. records show it's in Berlin. the latency difference between Frankfurt and Berlin would be very small. See the link and scroll down to the IP address range Cujam belongs to. It says Berlin infrastructure. https://bgp.he.net/AS9009#_prefixes
  • Create New...