go558a83nk

Sorry, I don't.

So what is it you're trying to accomplish? You have a server on the router you're trying to make available remotely?

if you're using downloaded configs there's no backend that's polling the manifest update server....how would the openvpn client you're using know what servers are best? I think you'd have to write your own code to use the API that Air provides.

If you're using the last two releases then I believe the default setting is to use the WFP not the windows firewall. You'll have to check in your settings. If it's set to use WFP then it makes sense you won't see any changes in firewall rules.

Is the router itself 192.168.1.1?

you might have better luck posting this in the actual pfsense setup thread.

change the scoring rule selection on the bottom of the window to latency, not speed, and the USA servers will be ranked higher.

Online Members: 15245 - BW: 50873 Mbit/s

it's fairly simple to control the route to IP address or IP address range (Eddie has this built in) but it's not trivial to control route based on application. That's just the way networking works, not a weakness of AirVPN.

https://airvpn.org/topic/14378-how-can-i-get-vpn-servers-entry-ip-addresses/

I first noticed that my linux box erred when updating the Eddie repo. Then, I looked to see if something had changed in the Linux client section. That's when I see that the page isn't working to download Eddie for windows, mac, nor linux. working now

That isn't what I want at all. Just because I'm emotionally hard-headed about it doesn't mean I intend to argue with you and run you off. I appreciate very much the time you took to talk about it with me.

I'm not sure what you edited but I'll take your word for it. Also, re-read my line in the OP about the other VPN service I use and the routing to their servers in Dallas and Atlanta. There's nothing random about it. It's a purposeful screwing up of routes. I do want to hit on the last paragraph more. You imply by saying "end points in the Comcast network or data center get high priority" that the cogent router 38.88.50.34 is in Comcast's network or datacenter and that's why that trace has better routing. In fact it's 4 hops out of comcast's network. Can you explain what you meant by that?

Residential service. Business is outrageously priced (more than double) for the same speed. My opinion on the matter is that route quality/priority based on end point should be considered anti net neutrality. Also, there's nothing random about it. Routing may change from time to time but not randomly or depending on time of day (load).

are you running squid proxy?

if you've got crazy routing too then you're most welcome to post! just don't make me jealous by posting awesome routing.

Starting this topic as a way for me to vent and perhaps see that I'm not the only one to see crazy routing by my ISP. The topic has come up in other threads, with knowledgeable people confirming my belief that ISPs relegate VPN traffic to very low priority. Route testing shows that this low priority isn't based on packet inspection but simply the destination of the traffic (and, I assume, the source). In other words, traffic both directions between us and the server is affected. Trace to Draco, primary IP address 2 [7922] [COMCAST-22] xe-3-1-3-sur02.east.tx.houston.comcast.net (68.85.252.81) 8.8ms 3 [7922] [COMCAST-22] ae-9-ar01.bisbee.tx.houston.comcast.net (68.85.246.65) 7.9ms 4 [7922] [COMCAST-16] be-33662-cr02.56marietta.ga.ibone.comcast.net (68.86.92.89) 30.7ms 5 [7922] [COMCAST-16] hu-0-12-0-6-pe01.56marietta.ga.ibone.comcast.net (68.86.89.18) 24.4ms 6 [7922] [iBONE-CCCS-2] 50.242.148.190 30.9ms 7 [174] [NET-154-54-0-0] be2847.ccr41.atl01.atlas.cogentco.com (154.54.6.101) 42.4ms 8 [174] [NET-154-54-0-0] be2687.ccr41.iah01.atlas.cogentco.com (154.54.28.70) 28.8ms 9 [174] [NET-154-54-0-0] be2441.ccr21.dfw01.atlas.cogentco.com (154.54.41.66) 30.1ms 10 [174] [NET-154-54-0-0] te0-0-0-0.agr12.dfw01.atlas.cogentco.com (154.54.31.114) 41.1ms 11 [174] [NET-154-24-0-0] te0-0-2-3.nr11.b000821-1.dfw01.atlas.cogentco.com (154.24.19.222) 37.1ms 12 [174] [COGENT-A] 38.88.50.34 35.6ms 13 [15003] [NETBLK-NOBIS-TECHNOLOGY-GROUP-06] [target] 64.120.63.90 32.1ms Note it goes all the way to Atlanta, then back to Dallas through Houston on Cogent. Why on earth do they send it to Atlanta to get on Cogent's network? Dallas is only 4 hours drive from Houston and as you'll see from the next trace, Comcast has a connection to Cogent right in Houston. Trace to Draco, alternate IP address 2 [7922] [COMCAST-22] xe-3-1-2-sur03.east.tx.houston.comcast.net (68.85.251.245) 7.7ms 3 [7922] [COMCAST-22] ae-18-ar01.bearcreek.tx.houston.comcast.net (68.85.246.69) 8.6ms 4 [7922] [COMCAST-16] be-33662-cr02.dallas.tx.ibone.comcast.net (68.86.92.61) 15.6ms 5 [7922] [COMCAST-16] be-12493-pe01.houston.tx.ibone.comcast.net (68.86.84.158) 20.4ms 6 [7922] [CBC-COMCAST-1] 173.167.59.42 20.5ms 7 [174] [NET-154-24-0-0] te0-0-1-0.rcr12.iah02.atlas.cogentco.com (154.24.26.89) 21.0ms 8 [174] [NET-154-54-0-0] be2145.ccr41.iah01.atlas.cogentco.com (154.54.1.85) 24.1ms 9 [174] [NET-154-54-0-0] be2441.ccr21.dfw01.atlas.cogentco.com (154.54.41.66) 20.1ms 10 [174] [COGENT-NB-0000] te0-0-0-0.agr11.dfw01.atlas.cogentco.com (66.28.4.50) 21.0ms 11 [174] [NET-154-24-0-0] te0-0-2-0.nr11.b000821-1.dfw01.atlas.cogentco.com (154.24.15.50) 21.7ms 12 [174] [COGENT-A] 38.88.50.34 24.2ms 13 [15003] [NETBLK-NOBIS-TECHNOLOGY-GROUP-06] [target] 64.120.63.92 20.4ms Amazingly, the trace gets to Dallas in the 4th hop, but then heads right back to Houston to get on Cogent's network. It makes zero sense unless you realize that Comcast are doing this crap on purpose. I have rarely seen a route that heads directly to the VPN server upon reaching Dallas, finding Cogent's network there instead of having to get back to Houston. Understand that this is normal, everyday behavior. I have another VPN provider with servers in Dallas and Atlanta. Amazingly, all the Atlanta servers route through Dallas, and all the Dallas servers route through Atlanta. So, the routes are available, but purposely screwed up. Finally, check this out. Instead of tracing the route to Draco, I instead trace the route to Cogent's router at 38.88.50.34, seen in hop 12 above. Check out the premium routing I get now. 2 [7922] [COMCAST-22] xe-3-1-3-sur03.east.tx.houston.comcast.net (68.85.251.249) 10.2ms 3 [7922] [COMCAST-22] ae-18-ar01.bearcreek.tx.houston.comcast.net (68.85.246.69) 9.1ms 4 [7922] [COMCAST-16] be-33662-cr02.dallas.tx.ibone.comcast.net (68.86.92.61) 14.1ms 5 [7922] [COMCAST-16] be-12495-pe03.1950stemmons.tx.ibone.comcast.net (68.86.85.194) 13.7ms 6 [7922] [iBONE-CCCS-3] 50.248.118.246 13.0ms 7 [174] [NET-154-54-0-0] be2763.ccr21.dfw01.atlas.cogentco.com (154.54.28.73) 14.1ms 8 [174] [NET-154-54-0-0] te0-0-0-0.agr12.dfw01.atlas.cogentco.com (154.54.31.114) 13.8ms 9 [174] [NET-154-24-0-0] te0-0-2-3.nr11.b000821-1.dfw01.atlas.cogentco.com (154.24.19.222) 15.2ms 10 [174] [COGENT-A] [target] 38.88.50.34 13.6ms

Avoid the AirVPN client, Eddie, why? It would do what you want with a click of a button using the same iptables you'll use anyway.

That's a 6 year old router and now two generations of wifi standard behind. AD routers are being sold now as AC is already old tech. 1) depending on the openvpn client interface you may just need to change the server IP address, click save. or does stock firmware not give you that option? if not, you may just have to download a config file for each server/port/protocol combination and then upload that to the router. 2) don't expect much speed at all from that router. the CPU is single core and too weak to crunch openvpn fast enough. I'm guessing 10mbit/s max.

Staff, if you're going to replace Tonatiuh with a new server, have you checked out the Houston area? I don't know if these guys meet your specs but, just for example, https://www.datafoundry.com/data-centers/houston-2/

yes, I'd lock current if that server is working for you.

actually, you're connecting just fine. it's the route checking that's failing. if you're using the network lock then you'll be safe to disable the route checking feature. Then it should stay connected.

the other Dallas servers aren't good? Unfortunately, Tonatiuh has just been withdrawn. It had some problems over its short life but for me and many it had the best routing. Sounds like it was best for you too.

Yes. crap. I know it had more problems than usual but it was the only one with good routing for many of us. USA ISPs are horrible.

has Tonatiuh been withdrawn?