Jump to content
Not connected, Your IP: 3.237.205.144

go558a83nk

Members2
  • Content Count

    1895
  • Joined

    ...
  • Last visited

    ...
  • Days Won

    24

Posts posted by go558a83nk


  1. 1 hour ago, deguito18090 said:
    I'm noticing that if I use Eddie I obtain one DNS IP, if I use instad openvpn I obtain 69 DNS IP from the same server in ipleak.net.

    I think it's better if my workstation change DNS ip 69 times instead to use the same IP. Correct?

    not at all.  what that's showing, and it's normal when using openvpn GUI on windows, is that when you use openvpn GUI instead of Eddie you have a DNS leak which is ruining some of the privacy you gain by using a VPN.

    you want just the one (or two with ipv6) airvpn servers showing up as DNS servers.

  2. 2 hours ago, deguito18090 said:

    Hello,

    I reconnected to AirVPN and for the first time ipleak.net show me only one DNS server, I have the confirm that is an AirVPN server but all the other times I got over 50 different DNS.

    Why this difference?

    Thanks


    You should never have gotten 50 if you were using Air DNS.  2 at the most, one ipv4, another ipv6.  anymore and that's no Air DNS.

  3. Mine pfsense setup is very fast

    What I have is in System>Advanced>Miscellaneous>Cryptographic Hardware AES-NI and BSD Crypto Device is Chosen.  You must reboot after changes to this setting.

    Then in the openvpn configuration hardware crypto option I have BSD cryptodev engine selected.  There is no AES-NI option there because as long as AES-NI is enabled on the system openvpn uses it automatically. 


  4. 1 minute ago, Av3ngeme said:
    9 minutes ago, go558a83nk said:

    Maybe I misunderstand the problem but I think this is what you are needing and is all you need.
     


    Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding.  I've used these in the past on an asus router and this was all I needed.  Remember to use ifconfig to see what TUN device your openvpn session is.

    You got it, I just don't think there's anyway of implementing this in an Asus ROG router because they don't use Merlin on these devices because of the different architecture. Even if I were to SSH into the router and setup the iptables as soon as the router rebooted I'd have to perform the process over again correct? Without access to JFFS that is.


    Yes, when I was using asus I had to re-input every boot.  But for me that was very rare.

  5. Maybe I misunderstand the problem but I think this is what you are needing and is all you need.
     


    Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding.  I've used these in the past on an asus router and this was all I needed.  Remember to use ifconfig to see what TUN device your openvpn session is.


  6. 2 hours ago, Clodo said:

    Version 2.19.1 (Sat, 18 Apr 2020 11:14:36 +0000)

    • [bugfix] Linux - Fix issue with Network Lock IPv6-only incoming whitelist
    • [bugfix] - http-100-continue issue
    • [bugfix] - Special condition elevation checks (may resolve "Unable to start (no-socket)" issues).
    • [change] - Removed curl binary dependencies
    • [new] Linux - New Network Lock with nftables (if nft is present, it is used by default in "Automatic" mode)
    • [new] Windows - New option "Use wintun driver (OpenVPN>=2.5)" under "Preferences -> Advanced" automates ovpn directive

    For the wintun option do I need to install openvpn 2.5 (thus the wintun driver) manually or does this version of eddie install it automatically?

  7. 4 hours ago, tester.user said:

    I succeeded to connect to AirVPN as configurations you have mentioned, but I couldn't connect to OpenVPN !!!!!
    How OpenVPN is blocked everywhere? and why? I don't understand.
    is that means I couldn't connect to OpenVPN through AirVPN ???!!!!!
    I registered to your VPN only to connect to OpenVPN !!!!!!
    How can I solve this problem and connect to OpenVPN ?????

    When you use Eddie, AirVPN software, you ARE using openvpn.  But if you must use openvpn software that doesn't give you the security of the network lock like Eddie does then generate a config as AirVPN staff said above.

  8. If wintun doesn't give you significantly more speed than the old TAP then you have something else limiting your speed.  That's my thought.  It could be some hardware or software on your PC or in your network somewhere.  Or it could be something with your ISP.


  9. 22 minutes ago, AtariSoul said:
    Thanks metog I will try tls-crypt first and if that doesn't help I will try your suggestion.

    Many Thanks

    socket-flags TCP_NODELAY;
    auth-nocache;
    mlock;
    key-direction 1;
    tls-version-min 1.2;
    key-method 2;
    tls-timeout 2;
    remote-cert-tls server;
    mssfix 0;
    tun-mtu 20000;
    explicit-exit-notify 5;

    That is what's in my custom options.

    I find mssfix 0 works best for me.  And tun-mtu 20000 may seem crazy but it works for me.  I've read results of others testing and they find that for high speed openvpn setting a high tun-mtu value helps.

    Also, test the GUI setting for buffer.  A higher buffer may help get you max speed but there's obviously something else going on that's clamping you way down.  I'm curious what tls-crypt does but I don't have high hopes.  I think something else is going on and I really don't have an answer because we're talking orders of magnitude difference.

    What network cards are in your pfsense box and what are you network interfaces settings in system_advanced_network.php ?

  10. 33 minutes ago, metog said:

    A couple difference between my config that you might try:

    Custom options:
    sndbuf 524288;rcvbuf 524288;client;remote-cert-tls server;persist-key;persist-tun;keysize 256;key-method 2;key-direction 1;explicit-exit-notify 5;mlock;keepalive 5 30;prng sha512 64;

    Send/Receive Buffer: 
    2.00 MiB

    NCP Algo:
    AES-256-GCM
    AES-256-CBC
    ^ mine are just in different order



    Many of your custom options are redundant since they are already set automatically or through GUI settings.

    For example, having sndbuf and rcvbuf in the custom options and the send/receive buffer in the GUI set is setting the same options.  I don't know which ends up getting set - you'd have to look at your logs.

     

  11. 19 hours ago, busolof said:

    But use Asus RT-AX56U think is an bug in openvpn client but found on https://www.asuswrt-merlin.net/  
    tested that beta says is connecting
    But will buy an netgear r9000 and is no problem with that routers what iknow
    Will try fix my asus router first
     


    Have you tried to get help in the Merlin Asus forum?  There's a thread specifically for the new build that supports your router.

    https://www.snbforums.com/threads/beta-asuswrt-merlin-384-16-beta-and-384-13_5-are-available.62699/

  12. 34 minutes ago, arteryshelby said:
    @Staff
    Is this server realy located in berlin?

    the latency and traceroutes say frankfurt.

    I have the same latency towards the vpn exit then to servers in frankfurt (not even +1ms) that seems unrealistic if the server is located in berlin.

    records show it's in Berlin.  the latency difference between Frankfurt and Berlin would be very small.  See the link and scroll down to the IP address range Cujam belongs to.  It says Berlin infrastructure.

    https://bgp.he.net/AS9009#_prefixes
×
×
  • Create New...