go558a83nk

do other sites load?

I don't know what kinds of stores are available to you. Where I am I can go to a store that sells all the parts and use their help to find parts that work with eachother within my budget. I simply just use my phone to look up information about parts if I need to. For example, to make sure the CPU I'm looking at has AES-NI. The pfsense store sells hardware that is suitable, but for many people it's out of their budget. I don't know what kind of person you are but there are many who can't see spending more than $100 on something that they intend to use for years. That's crazy in my opinion.

Are they compatible with 3rd party VPN services such as AirVPN? yep, I'd stay away until that question and the actual openvpn aes-256-cbc speed is confirmed.

I read a little about this on the pfsense forums. the point is that you don't need to assign a gateway because the VPN server is already "directly connected" (via VPN). the only way it can be reached is via the VPN so no need to assign a gateway.

this is something that needs to be asked on pfsense forums.

build or buy a machine with a CPU with AES-NI to run pfsense and follow the guide in this forum. keep your wifi router to use as a wifi access point (not router mode).

Username and password are used in Eddie to download your certs and keys. Username and password are not used to connect to a VPN server. The log shows part of the VPN connection process. Therefore, this isn't a username/password problem. If you try the openvpn 2.3.x can you connect?

Staff, the exit IP of the server Tonatiuh seems to struggle from a sordid past (it's on projecthoneypot's list) and incorrect geolocation. This has prevented me from using several web sites. What efforts have been made to correct those problems? Anything I can do to help?

Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA that's in my openvpn log - pfsense 2.3.3. It's not new. I've used it ever since I began using pfsense. just put tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 in the custom options.

if your router doesn't have an openvpn client stock then you'll need third party firmware like dd-wrt or openwrt. don't expect high performance if you end up using it as an openvpn client.

Air tried a server in South Korea and quickly dropped it because of the censorship.

how have you tested DNS speed?

people, disabling IPv6 on your system doesn't matter. what you're seeing is the ipv6 address of the DNS server. Then there is confusion from old/incorrect geolocation databases. Staff have already said they will get it fixed. Just be patient and try some other DNS leak services just to make sure.

it's an error with whatever geolocation database the web sites are using. just try a different server if it's too troublesome for you.

this has already been discussed in other threads. https://airvpn.org/topic/21713-ipleak-showing-2-dns-addresses/ https://airvpn.org/topic/21715-ipleak-test-two-dns-addresses/?hl=ipleak

I'm telling you it's cogent. tonatiuh is the only dallas server that's not reached from comcast via cogent. I'm guessing other providers (if you're not using comcast) are using the same routing...because cogent is known to be cheap. I'm on AT&T at home, and not sure what at work, so I'm not sure if routing is the same or not. But, that really doesn't explain things, since the speed is perfectly normal when not using SSH/SSL on the other Dallas servers. I highly doubt that the routing would be different based on the protocol, nevermind with two different ISPs that I connect from. I'm not saying the routing is different. And I very well could be wrong in my thinking that cogent is to blame. My only thought was that cogent was clamping down on TCP connections. Thus, UDP are faster. I have since tried SSL and SSH to Tonatiuh and they, also, are slow.

Eddie is supposed to allow LAN traffic even with network lock on, there are settings for it. Maybe you disabled them? If not, I suggest you open up a support ticket and give them logs.

make sure you're using the latest version of Eddie on your PC. The only openvpn app on the iphone is openvpn connect. all others are not based on openvpn and use the built in VPN options apple provides. thus, they may behave "better". but, openvpn is the more secure option. any problems you have running openvpn connect have nothing to do with AirVPN and everything to do with the phone and the internet to which it's connected.

Yep, sometimes I have to go restart remote access on my plex server for it to register a new VPN server I'm using, etc. I can't think of any other reason why it only works part of the time for you.

Glad it works but 10.30.0.1 and 10.4.0.1 really point to the same DNS - the server to which you're connected. Not sure why the change. Were you always using Kitalpha?

google thinks Tonatiuh is in Brasil. and it's on the project honeypot list too, probably from previous usage in Brasil.

probably a DNS issue. download new config files using advanced mode in the config generator, and clicking resolved hosts in .ovpn file.

I'm telling you it's cogent. tonatiuh is the only dallas server that's not reached from comcast via cogent. I'm guessing other providers (if you're not using comcast) are using the same routing...because cogent is known to be cheap.

running pfsense 10.3 on a AMD A6-7400K Radeon R5 With advanced settings>miscellaneous>cryptographic hardware>amd geode LX security block openssl speed -evp aes-256-cbc Doing aes-256-cbc for 3s on 16 size blocks: 69228564 aes-256-cbc's in 3.00s Doing aes-256-cbc for 3s on 64 size blocks: 20139141 aes-256-cbc's in 3.00s Doing aes-256-cbc for 3s on 256 size blocks: 5465575 aes-256-cbc's in 3.00s Doing aes-256-cbc for 3s on 1024 size blocks: 1404702 aes-256-cbc's in 3.00s Doing aes-256-cbc for 3s on 8192 size blocks: 176969 aes-256-cbc's in 3.00s OpenSSL 1.0.1s-freebsd 1 Mar 2016 built on: date not available options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) compiler: clang The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-256-cbc 369219.01k 429635.01k 466395.73k 479471.62k 483243.35k With advanced settings>miscellaneous>cryptographic hardware>aes-ni cpu-based acceleration openssl speed -evp aes-256-cbc Doing aes-256-cbc for 3s on 16 size blocks: 1524514 aes-256-cbc's in 0.30s Doing aes-256-cbc for 3s on 64 size blocks: 1549608 aes-256-cbc's in 0.22s Doing aes-256-cbc for 3s on 256 size blocks: 1268941 aes-256-cbc's in 0.23s Doing aes-256-cbc for 3s on 1024 size blocks: 739837 aes-256-cbc's in 0.13s Doing aes-256-cbc for 3s on 8192 size blocks: 151301 aes-256-cbc's in 0.02s OpenSSL 1.0.1s-freebsd 1 Mar 2016 built on: date not available options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) compiler: clang The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-256-cbc 82163.28k 453371.03k 1386021.96k 6060744.70k 52883532.46k With advanced settings>miscellaneous>cryptographic hardware>aes-ni cpu-based acceleration openssl speed -evp aes-256-cbc -engine cryptodev engine "cryptodev" set. Doing aes-256-cbc for 3s on 16 size blocks: 1526421 aes-256-cbc's in 0.31s Doing aes-256-cbc for 3s on 64 size blocks: 1522099 aes-256-cbc's in 0.27s Doing aes-256-cbc for 3s on 256 size blocks: 1261088 aes-256-cbc's in 0.29s Doing aes-256-cbc for 3s on 1024 size blocks: 739709 aes-256-cbc's in 0.13s Doing aes-256-cbc for 3s on 8192 size blocks: 151291 aes-256-cbc's in 0.02s OpenSSL 1.0.1s-freebsd 1 Mar 2016 built on: date not available options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) compiler: clang The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-256-cbc 78152.76k 366736.32k 1116846.80k 5703243.41k 79320055.81k With advanced settings>miscellaneous>cryptographic hardware>none openssl speed -evp aes-256-cbc Doing aes-256-cbc for 3s on 16 size blocks: 72793174 aes-256-cbc's in 3.00s Doing aes-256-cbc for 3s on 64 size blocks: 20266245 aes-256-cbc's in 3.02s Doing aes-256-cbc for 3s on 256 size blocks: 5436363 aes-256-cbc's in 2.98s Doing aes-256-cbc for 3s on 1024 size blocks: 1404736 aes-256-cbc's in 3.00s Doing aes-256-cbc for 3s on 8192 size blocks: 175041 aes-256-cbc's in 2.97s OpenSSL 1.0.1s-freebsd 1 Mar 2016 built on: date not available options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) compiler: clang The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-256-cbc 388230.26k 428995.04k 467555.76k 479483.22k 483009.98k It seems enabling for the OS AES-NI, in this test, makes smaller block sizes slower but the larger block size(s) much faster. The question is, what block size is the best representation of internet traffic?

why are you still using the beta?