go558a83nk

do you mean openvpn client for iOS? as far as I know the only openvpn app for iOS is openvpn connect. any other VPN app uses L2TP.

according to some tests that try to point to a theoretical max for CPUs running openvpn the N3150 should be able to do about 125mbit/s. if I understand correctly some people are consistently hitting that limit which makes my wonder why yours isn't a little faster. https://forum.pfsense.org/index.php?topic=105238.msg616743#msg616743 https://forum.pfsense.org/index.php?topic=115673.0 I have an AMD A6 7400K http://cpuboss.com/cpu/AMD-A6-7400K and my theoretical limit (according to the links above) is 329mbit/s but my line speed is only ~115mbit/s. Your CPU is http://cpuboss.com/cpu/Intel-Celeron-N3150

Yes. But i also tried it with 'NONE' choosed. The other option would be the AMD encryption, which of course would not make any sense for my celeron at all. With the Intel CPU i would have also the choice to use 'Intel RDRAND', but i have read, that this Intel method is untrustworthy. http://arstechnica.com/security/2013/12/we-cannot-trust-intel-and-vias-chip-based-crypto-freebsd-developers-say/ So i normaly would use BSD Cryptodev. But it does not matter, neither with RDRAND, with BSD Cryptodev or disabled, i get the same speedresults, meaning my speed is on average about 85mbit/s. Without VPN the system is fine and reaches 260mbit/s (10mbit/s more than my provider should provide :-) ) So i am quiet disappointed with this quadcore celeron that cant even manage half of my connection. Beside that, it is strange, that it shows me the CPU never uses more than 35% of its capacity. I followed this guide to set up, so i dont understand why the CPU is not working hard over 35% but stil i dont get more speed. My old pfSense router i also did with this guide and it works fine. what version of pfsense are you using? perhaps your speed is being limited by something else, not the pfsense machine?

so when is this update supposed to come out?

Oh, that is sad. But thanks for the information. I just buyed a Intel Celeron N3150 MiniPC and thought with its quadcore i would have enough power for my 250mbit internetconnection. But it looks like an avarage of 85mbit/s is possible with this CPU =(. It says it supports AES-NI but nothing changes if i disable the hardware encryption in OpenVPN. Thats why i asked if it is possible to choose 128bit. Thanks for the reply and the fast clearing of my answer before. so on the system_advanced_misc.php page of your pfsense machine you are setting cryptographic hardware to AES-NI? What are your choices there? and in the openvpn client setup page for hardware crypto you are choosing what? Mine says BSD cryptodev engine, but I have an AMD chip. I don't know if it's different for an Intel CPU.

what's so hard about installing openvpn connect from the apple app store?

might as well get used to it.

A VPN will not hide how much data you receive/transmit.

a router can't run in repeater mode and do openvpn. it has to be in router mode. it would still work in router mode for the devices behind it but the double NAT complicates other things. check out an Asus AC68 for a good option that has a stock openvpn client.

router doesn't take any effort depending on what you buy. some have stock firmware with an openvpn client. then all you have to do is load up your config file.

it's 192.168.x.x , under the WebRTC section, correct? If so, that's nothing to worry about.

you don't browse the internet within the AirVPN software. get connected with the AirVPN software, then use your usual web browser, etc.

this would have the same problem as using your own VPS as a VPN server - it's got your info all over it.

It's easy to know you're using a VPN by your IP address if they've done their homework and logged all exit IP addresses of known VPN providers. maybe Amazon are in the midst of blocking VPN providers but the last time I tried Amazon video over VPN it worked. That was a few weeks ago.

not only that but in my experience NAT acceleration would "leak" by allowing connections made prior to the VPN connection to continue to exist instead of forcing everything through the VPN tunnel.

are you using merlin's build?

OK, fixed the problem! Specifying outgoing gateway on the general settings page now works. what i had to do was change the NAT rules for localhost outgoing to VPN and WAN to be "this firewall", not 127.0.0.0/8. Will this cause an additional problem somehow?

I'll look into this. Thanks! Edit: tested and doesn't work. Rebooted just to make sure. But, getting DNS requests out the WAN still. Edit #2: since I'm looking at routes I realize now that specifying a gateway on the general settings page adds a static route, same as the system_routes page. But, it seems that Unbound ignores it. I have made sure that my NAT settings allow 127.0.0.0/8 to access the VPN tunnel. But, still, no luck.

Sorry, I forgot to mention that I've tried specifying the outgoing gateway on the general setup page and it's ignored when using Unbound in forwarding mode. I can test by connecting to a far away VPN server and testing for DNS "leaks". The servers that are shown are both local and near the VPN server. This is due to me having to allow Unbound to use the WAN for outgoing in the Unbound settings. From what I've read the outgoing gateway is only obeyed when not in forwarding mode. But, as I wrote previously, that presents other problems.

pfsense_fan, how would you setup DNS if you had some devices routed to WAN, other devices through VPN? My setup: 1) all regular devices on my network have static leases 2) I have some devices routed to WAN 3) I changed the DNS forwarding rule that prevents alternate DNS to allow those WAN routed devices to use whatever DNS 4) Unbound was still only allowed the VPN interface for outgoing requests. There wasn't a problem until recently. Now my streaming TV service (Vue) is really picky about things it seems. It won't work unless I allow Unbound outgoing WAN as well. I assume the IP address querying DNS must match my WAN address? This poses a problem for me because I want my VPN devices to also use public DNS but make sure the requests go through the VPN tunnel. I like public DNS because I get geo-optimized content and they are faster. But if I went with these settings my VPN devices would be doing DNS requests out the WAN and VPN. So, I've had to resort to using Air DNS to get things working properly. I use AirDNS in the general settings page, and put in public DNS in the static lease settings of the WAN routed devices. Things work, but I'd like to be able to use public DNS for everything, just out the respective interfaces. I've tried using resolver mode (unticking forwarding mode in unbound settings) but this seems to force the use of the VPN DNS and ISP DNS and ignores my settings on the general setup page. I've tried using the forwarder (dnsmasq). It obeys my DNS settings on the general settings page but other problems cropped up for some reason - Vue stopped working again.

how are you controlling DNS usage per interface? Just curious since I use pfsense too. Do WAN interface devices also use Air DNS? Air DNS is slower than huge corporate DNS, I can testify to that. Maybe that's the slowness you're seeing?

if latency is poor then choose a closer server. latency has nothing to do with the server but with your route to the server.

have you rebooted your computer?

Kind regards interesting. PIA have a win-win scenario. If their audit finds problems - they look like heroes not only because they found problems but because they are probably still using some ancient hacked version of openvpn that they can claim is SAFE!. If their audit doesn't find problems they still take credit in marketing for the wonderful work they've done.

I can't find anything either. But, I do see that M247 was bought by Metronet UK in October.