Jump to content
Not connected, Your IP: 44.200.26.112

go558a83nk

Members2
  • Content Count

    2076
  • Joined

    ...
  • Last visited

    ...
  • Days Won

    37

Posts posted by go558a83nk


  1. 2 hours ago, d0gb0y23 said:

    My buffer is set to 512kb... its weird because shortly after I posted that message I did get 120meg speeds... via Chow... it is, however, inconsistent, and I can't tell if its Virgin or AirVPN or both... Because the speeds can deviate over the course of a minute or two, its hard to check [I jump between Wifi networks, one is a clearnet]

    Is it worth me sticking with a single Air server? Currently I use the UK address which I believe dynamically assigns the server.

    I'll try increasing the buffer size when I return home... I've always had problems with Virgin at this address, the speeds fluctuate massively....

    Thank you for your advice folks... much appreciated

    Nick


    If you're connected to a server with plenty of bandwidth left and you get intermittent good speed then any speed fluctuation is your ISP.  I see it too and it's all down to my ISP changing routes or something along the way being congested. 

  2. 42 minutes ago, Lee47 said:

    Worth trying to adjust send/receive buffers on the openvpn config page like mentioned above, I had to put mine to 512k and even try 1 or 2 MiB with my VM connection and it was fine hitting full download speeds.

    Worth also trying the settings found on the original
    pfsense guide from pfsensefan (https://airvpn.org/forums/topic/17444-how-to-set-up-pfsense-23-for-airvpn/)
    :

    Encryption Algorithm = [ AES-256-CBC (256 bit) ▼]

    Auth Digest Algorithm = [ SHA1 (160 bit) ▼]


    Also delete the advanced configuration>custom options box at bottom of openvpn config page and try it without anything in the box and then save and then try it again with the custom settings, see if that makes any difference.

    Also try different UK airvpn servers, some perform better than others so try all of them Manchester, London, generally it's the ones closest to you which are best but not always I found.

    Sometimes speed test sites are not going to show the full speed due to servers, vpn use etc so try downloading 3 Ubuntu iso torrent files with your torrent app or que up several free public torrents from here:

    http://bt.etree.org/

    This should max out your speed within minutes, I found these type of test much more reliable then speed test sites.

    you can also try a file speed test here with large file button:
    https://www.thinkbroadband.com/download

    Really there is no reason why your 2ghz AES cpu can't max out your Virgin Media BB connection I hit over 200meg+ easily with my pfsense with 2.4ghz aes cpu, usually I found it was settings on the openvpn config page or the UK server I was using holding me back. Also to note Virgin media has been having major network issues across the UK this week its still down for many, and during lock down peroid the speeds have been up and down, I live in a high utilization area so can get capped by 50% at random times and usually after 6pm-10pm will auto get 50% capped (not sure if its same for yourself) so best to do heavy downloads in morning or early hours ie after 11.59pm midnight or 1am morning.
     


    those are old settings.  AES-256-GCM is faster. and SHA512 is for tls-crypt configs.

     

  3. 1 hour ago, deguito18090 said:
    I'm noticing that if I use Eddie I obtain one DNS IP, if I use instad openvpn I obtain 69 DNS IP from the same server in ipleak.net.

    I think it's better if my workstation change DNS ip 69 times instead to use the same IP. Correct?

    not at all.  what that's showing, and it's normal when using openvpn GUI on windows, is that when you use openvpn GUI instead of Eddie you have a DNS leak which is ruining some of the privacy you gain by using a VPN.

    you want just the one (or two with ipv6) airvpn servers showing up as DNS servers.

  4. 2 hours ago, deguito18090 said:

    Hello,

    I reconnected to AirVPN and for the first time ipleak.net show me only one DNS server, I have the confirm that is an AirVPN server but all the other times I got over 50 different DNS.

    Why this difference?

    Thanks


    You should never have gotten 50 if you were using Air DNS.  2 at the most, one ipv4, another ipv6.  anymore and that's no Air DNS.

  5. Mine pfsense setup is very fast

    What I have is in System>Advanced>Miscellaneous>Cryptographic Hardware AES-NI and BSD Crypto Device is Chosen.  You must reboot after changes to this setting.

    Then in the openvpn configuration hardware crypto option I have BSD cryptodev engine selected.  There is no AES-NI option there because as long as AES-NI is enabled on the system openvpn uses it automatically. 


  6. 1 minute ago, Av3ngeme said:
    9 minutes ago, go558a83nk said:

    Maybe I misunderstand the problem but I think this is what you are needing and is all you need.
     


    Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding.  I've used these in the past on an asus router and this was all I needed.  Remember to use ifconfig to see what TUN device your openvpn session is.

    You got it, I just don't think there's anyway of implementing this in an Asus ROG router because they don't use Merlin on these devices because of the different architecture. Even if I were to SSH into the router and setup the iptables as soon as the router rebooted I'd have to perform the process over again correct? Without access to JFFS that is.


    Yes, when I was using asus I had to re-input every boot.  But for me that was very rare.

  7. Maybe I misunderstand the problem but I think this is what you are needing and is all you need.
     


    Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding.  I've used these in the past on an asus router and this was all I needed.  Remember to use ifconfig to see what TUN device your openvpn session is.


  8. 2 hours ago, Clodo said:

    Version 2.19.1 (Sat, 18 Apr 2020 11:14:36 +0000)

    • [bugfix] Linux - Fix issue with Network Lock IPv6-only incoming whitelist
    • [bugfix] - http-100-continue issue
    • [bugfix] - Special condition elevation checks (may resolve "Unable to start (no-socket)" issues).
    • [change] - Removed curl binary dependencies
    • [new] Linux - New Network Lock with nftables (if nft is present, it is used by default in "Automatic" mode)
    • [new] Windows - New option "Use wintun driver (OpenVPN>=2.5)" under "Preferences -> Advanced" automates ovpn directive

    For the wintun option do I need to install openvpn 2.5 (thus the wintun driver) manually or does this version of eddie install it automatically?

  9. 4 hours ago, tester.user said:

    I succeeded to connect to AirVPN as configurations you have mentioned, but I couldn't connect to OpenVPN !!!!!
    How OpenVPN is blocked everywhere? and why? I don't understand.
    is that means I couldn't connect to OpenVPN through AirVPN ???!!!!!
    I registered to your VPN only to connect to OpenVPN !!!!!!
    How can I solve this problem and connect to OpenVPN ?????

    When you use Eddie, AirVPN software, you ARE using openvpn.  But if you must use openvpn software that doesn't give you the security of the network lock like Eddie does then generate a config as AirVPN staff said above.

  10. If wintun doesn't give you significantly more speed than the old TAP then you have something else limiting your speed.  That's my thought.  It could be some hardware or software on your PC or in your network somewhere.  Or it could be something with your ISP.


  11. 22 minutes ago, AtariSoul said:
    Thanks metog I will try tls-crypt first and if that doesn't help I will try your suggestion.

    Many Thanks

    socket-flags TCP_NODELAY;
    auth-nocache;
    mlock;
    key-direction 1;
    tls-version-min 1.2;
    key-method 2;
    tls-timeout 2;
    remote-cert-tls server;
    mssfix 0;
    tun-mtu 20000;
    explicit-exit-notify 5;

    That is what's in my custom options.

    I find mssfix 0 works best for me.  And tun-mtu 20000 may seem crazy but it works for me.  I've read results of others testing and they find that for high speed openvpn setting a high tun-mtu value helps.

    Also, test the GUI setting for buffer.  A higher buffer may help get you max speed but there's obviously something else going on that's clamping you way down.  I'm curious what tls-crypt does but I don't have high hopes.  I think something else is going on and I really don't have an answer because we're talking orders of magnitude difference.

    What network cards are in your pfsense box and what are you network interfaces settings in system_advanced_network.php ?
×
×
  • Create New...