Jump to content
Not connected, Your IP: 3.137.171.71

go558a83nk

Members2
  • Content Count

    2136
  • Joined

    ...
  • Last visited

    ...
  • Days Won

    39

Everything posted by go558a83nk

  1. Air servers are known for their speed so it's likely an issue of the different route taken to the Air server you're using vs the CS server you were using. Try different servers, different ports and protocols, mssfix values, and send/receive buffers.
  2. If you live in a place where you can buy computer parts cheap you can build a machine quite suitable for running pfsense and the like for much less than a high powered consumer router costs...and yet have so much more control and the ability to run openvpn at high speed due to an AES-NI CPU. Then just use your current wifi router as an access point and control which gateway devices use on the gateway itself via NAT and Firewall rules. It's all done via a nice web GUI and there's a great guide on this forum.
  3. On the status page click on any server name and their page will come up with use graphs and other info, such as openvpn version. I'd like to hear from you what speed increase you get. For a theoretical test, try this https://airvpn.org/topic/18322-how-to-quicly-test-theoretical-openvpn-throughput/?hl=%2Btheoretical+%2Bopenvpn+%2Bthroughput, using both AES-256-CBC (as it's written) but also AES-256-GCM.
  4. I know pfsense can, but that's not what you're asking for I'm guessing.
  5. Those web sites are using MTU and 2 way ping not DPI.
  6. Test other ways. The test on this website seems to be biased low.
  7. AES-256-GCM with HMAC-SHA384 for authentication with openvpn 2.4.x is in the specs page. So, does that mean we should be able to use SHA384 for auth digest? I'm just seeing this updated specs page today since I recently updated my mint machine to openvpn 2.4.3 and saw some new ciphers being used in logs. However, I can't connect with "auth sha384" in the config.
  8. I was just about to post how I'd managed to work it out myself..I did something similar: 1. created an alias with the IP addresses I wanted to bypass the VPN 2. created outbound rules so those IPs could use the WAN (put at the bottom of the list) 3. created a firewall rule on AIRVPN_LAN where for my alias to use the WAN gateway (under advanced) not the AIRVPN_WAN gateway Ideally for 3 I would have preferred to use floating rules so I can traffic shape, but I couldn't get it to work with floating rules. One for the future Yep, Alias is the way to do it. Glad you figured it out. It's good for understanding how it all works.
  9. Of course. This, policy routing, has been discussed plenty in this forum and in this thread in particular. Just read the previous several pages of this thread. Thanks - to save others time, check out post 71 Sorry, it wasn't as easy as I'd hoped. I went to interfaces but I couldn't see how to create another LAN interface - is this because I've only got 2 NICs? Is there a way to route non-VPN traffic with only 2 NICs? Thanks No, you don't create another interface. See this post. https://airvpn.org/topic/17444-how-to-set-up-pfsense-23-for-airvpn/?p=61027
  10. @Monkeh, have you followed this guide, or the other guide for pfsense 2.3? The guide for pfsense 2.3 is different from this one and I'm confident that port forwarding has been discussed in that long thread.
  11. Network lock uses iptables on Mac OSX. for ipad use openvpn connect from the itunes store and install your AirVPN config by visiting the airvpn website from your ipad and going to config generator.
  12. Hi, the only issue is that I used to have to have some detailed rules put into Comodo which would shut down traffic outside of the vpn. Will pressing the network lock button be as secure as Comodo? I really don't want to risk any traffic going out over my IP address obviously. I've read things on this forum that I shouldn't use Comodo with the network lock as they would conflict, etc. So I just wondered if there was a latest post which would explain clearly the best set up to ensure there are no leaks if the VPN drops. thanks Older versions of Eddie (Airvpn software) used the windows firewall for the network lock on windows OS. Obviously, network lock wouldn't work if the windows firewall was disabled because a 3rd party firewall was being used. Recently Eddie was changed to use the windows filtering platform (WFP) instead of the firewall. This allows use of 3rd party firewall and network lock together. In Eddie settings just make sure the network lock is set to use WFP.
  13. Of course. This, policy routing, has been discussed plenty in this forum and in this thread in particular. Just read the previous several pages of this thread.
  14. I don't understand why the answer isn't obviously the network lock.
  15. are you using the latest version of Eddie and configuring it to use WFP for network lock, not windows firewall?
  16. I don't know about your other problem. nl.vpn.airdns.org resolves to one of the NL servers, the "best" at the time. So, you wouldn't want to keep using that IP because it'll always point to the same server. You need to research how to do "remote random" within pfsense.
  17. You can add many VPN client setup and it will connect to all that are enabled. That is not the way to get a random server. Getting a random server isn't the same as using nl.vpn.airdns.org. That address gets you the least busy NL server at the time.
  18. All, maybe you didn't see this tweet https://twitter.com/airvpn/status/865895863041785857 regarding a throughput record. It is possible to max out a server but it'll only be 500mbit/s to the end user because the corresponding 500mbit/s inbound to the server counts against the 1gbit/s max. Of course, some servers may actually have higher capabilities but 1gbit/s is what's guaranteed by the datacenter. And, you're hitting against the maximum capabilities of the encryption unit. The 4mbit/s guarantee by AirVPN is based on statistics of their overall system as I understand it. It doesn't guarantee that all users of a given server will be able to get 4mbit/s always. There's no way they could make that promise because every user is on a local system and using an ISP with many various problems of their own. What it does guarantee is that if all customers were on at once AirVPN has the worldwide bandwidth to be able to offer all customers 4mbit/s. But, it's up to the customer to pick the server with bandwidth available and up to the customer to have all problems on their end solved.
  19. Looks like "crisis" averted? Anyway, Draco isn't an Enzu server so perhaps that's why it wasn't listed.
  20. seems you already answered your own question.
×
×
  • Create New...