Posts posted by Royee
This sounds very interesting.
On the moment I have a 150 Mb/s - 20 Mb/s ISP connection and my max speed over VPN is 7Mbps
So I am astonished that it is possible to have 140Mbps; that's 20 times more!
I thought it was not possible and that the air vpn servers were the bottleneck.
But now I am not so sure anymore about that...
I was hitting around similar with my Asus tomato router, I ignored a few comments about people saying you wont get faster but sadly they were all right.
Eventually routers are just too slow. Even the latest netgear router with dual core 1ghz cpu wont do much more then around 20meg under an VPN with AES encryption.
So its time to build a pfsense. Many pfsense guys I noticed have just used an old pc or got a cheap pc of ebay and converted it into an router and I prefer this. However trying to get a low powered and low wattage AES compatible CPU and one with 2-4 ethernet ports which are all compatible with pfsense is slightly tricky. But check Knickers hardware I feel he has got it bang on.
I would have loved to use one of those tiny pcs that consume 15-20watts but I don't feel that is happening since they lack AES or ethernet ports.
Shame Shutlle DS61 V1.1 did not upgrade to a haswell system, some core i3s @ 55watts and some cpus with 35watts even about....
Hi yeah that is awesome speeds regardless. At least once all runs thru a VPN your safe as can be
I look forward to following the guide soon !
I'm not a P2P user but I was curious; on their "Why IVPN" page: https://www.ivpn.net/whyivpn
4. We're not a P2P downloading service.
How do they accomplish that, Is it a matter of them not forwarding ports?
How can a VPN provider call itself a provider if it can't offer p2p services ?
Would have loved some AirVPN black friday options like 1 year package or Cyber discounts sounds better
Hi knicker a question are you able to max out your 200m/b line on pfsense airvpn openvpn client under that xeon cpu ?
I know you hit 132 meg with the celeron but high cpu usage.
I am still saving up for my pfsense box build hope to do it real soon so will follow and run this guide soon !
I have attempted to follow Airvpns Comodo guide but was unable to follow it even on step 3 sadly.
I found the guide is out of date and incomplete and seems to skip many settings, I managed to find the options and settings for most of it but was then lost with all the rules and allow rules etc
I think since Comodo firewall has changed the interface and options it really does require a complete updated guide with the new comodo firewall version.
It would be really fantastic if Air or Air user could update the comodo firewall guide but detail each and every click and step of the way?
VPNcheck pro is another option.
Works with any openvpn and just about all vpn companies use it. Air does also.
Has options to kill not only the internet connection it can also cut off torrent or any app like firefox. I tried the demo and it was pretty good and worked firefox and Vuze cut off straight away once Air got disconnected.
I think its cheap also like 25 dollars or something like that.
How about VPN chaining 3-4+ VPN providers to be totally 100% sure?
One could then run Whonix with Tor
Or VPN with Tor, it will be much slower but at least your IP will not be given up to Air at all however I believe Tor network will see your IP ?
I still feel vpn chaining a few decent VPN providers gives you that speed advantage and I believe you do not give up your real IP when on tor network since you are VPN chained to 3-4 + providers.
Not connecting to the internet is the safe option but then again its not an option !
DD-WRT and tomato routers are great, however always remember even the fastest routers out there including netgears new 1ghz router, you will still hit 16-20meg max.
If you got a broadband connection that is 30meg or 60meg or 120meg+, your router will aways hit 16-20meg.
I had an Asus RT-N16 router, one of the most popular routers even on flashrouters company, but you can only hit around I believe inbetween 8-12meg.
On mine I hit 8-10meg despite having a 14-15ish meg connection.
Alternative option is listed here:
Thanks Knicker will use all this info for my pfsense build
Very good point about the cpus nickspam, yeah openvpn client is sadly still single core I believe when the 3.x version of openvpn client arrives it will be dualcore enabeled, although hopefully they just make it mulitcore.
I have played around with pfsense under virtual box with just a single lan and yet to get it 100% running, with this guide I can however make it!
But I think ill get a dedicated pc and turn it into a pfsense router box like knicker and many people do. Im going to get one of those hp intel 4 x gigabit 364 nics you see on ebay all the time. I think for OpenVPN this is the only soloution and best choice, no router would ever come this close.
May just stick with my 4ghz dual core AMD cheap cpu with AES instructions for my pfsense build... that should in theory have much less bottlenecks
Knicker: Very nice low cpu use, are you able to max out your 200m/b line on pfsense airvpn openvpn client ?
Thanks Knicker & Nickspam
More question for both you guys, since pfsense users are rare here!
Yes, regarding the realteks nics... I hear many on pfsense forums say its hit or miss with connection drop outs or poor speeds... I too was also eyeing that "Intel HP NC360T PRO/1000 Dual Port Server NIC PCI-e GB" since its cheap and plenty available, but was unsure if it works so thanks nickspam I think I would need 2 of them!
Regarding the hard drive and size, was not aware of pfsense packages existed but just read a bit on squid sounds great to have.... but I prefer my privacy I never save history, cache, cookies etc in my browser or computer. I would have thought squid vs hdd stored cache would have made it slower? not unless it does many other things better ? If there were pfsense packages such as rtorrent/utorrent/p2p and Nzb that would have really made my day but don't see any.
Yes thanks again Knicker I saw your other 2 guides of leaking dns/port forwarding I will save and bookmark them ! Its a must feature for me since I worry if AirVPN stops.... but then I don't
Great point regarding the xeon cpu, they are more designed for 24/7 use, still I have used an intel quad 6700 cpu 24/7 for 5 years and never without issue. I feel with an core i3/i5 if you can get one with AES it could still proove just as good if not cheaper.... I originally considered an intel nuc or amd sapphire mini pc, but these little boxes are limited by 1 nic ! Using mini pic-e network cards is possible but then no one seems to have attempted it, otherwise I felt an intel nuc with low power and with either mini-pcie network card or vlan switch would have done the job, but then the price and power still adds up sharply over a custom AMD or intel build.
Your shuttle is very nice and small and mini itx. I still feel an AMD 4ghz dual core with AES which is cheap and a micro-atx with 1-2 pci express slots offer more connectivity and flexibility then an mini itx build. Power should not be that much more either and its cheaper to pick up micro-atx mobo and cheap AMD cpu with 4ghz/AES but maybe wrong on this...
1-2 previous guys have hinted to me AES on the cpu does help but not drasticly, ie like 20-30% less.... but I feel it was all theory talk and no one had actually tried to see the difference. I guess in theory AES instructions should reduce the cpu overhead big time but not sure.
Nickspam what is your current pfsense hardware build consist off or are you running pfsense via virtualbox ?
First of all just have to say Thank you very much !
I have attempted to install pfsense dozens of times in the past and failed, I posted up help a few post down regarding pfsense Airvpn settings but was still lost with the settings and I pretty much gave up on it untill I saw this post !
I hope Airvpn staff leave this thread open for debate since it will help a great deal of Air Customers.
I have a few questions before I attempt from your guide but am also planning on building a mini itx system soon with pfsense since it would be at least 5x more powerful and better then a router.
1) Did you have any issues with the 2x Lans ? I hear realtek lans are pretty poor and can be unreliable
2) How did you get 60meg on your Linksys router under OpenVPN ? Even the latest 1ghz dual core routers would not get that much !
3) You picked an 60gig SSD when an 8gig ssd would have done... are you running pfsense under virtualbox alongside windows/linux ? I ask since you mentioned about the torrents hitting 93% or was it just the torrents via another machine causing that much cpu strain ?
4) You mentioned "Note 2" about if the default gateway drops, then so does your internet connection. Is this not a very good option to have ? This would prevent your real IP or DNS leaks from occurring. I had iptable rules in my old Asus tomato router which switched off the internet if AirVPN dropped or did not allow internet if it was not connected. Not unless you have a better alternative to this ?
I find it very tricky to get the hardware for pfsense right, intel low powered cpus are so poor and never support AES, and it does not help openvpn client is single core supported. When openVPN 3x comes out I hope all software/clients upgrades since dual cores would have given you 200meg+. I have however noticed AMD low end cpus even the 2 or 3ghz ones support AES and very cheap and 65watt low powered so may build it around AMD parts and a 2nd hand 4 way pci-express intel lan card for increased connections and reliability.
I believe what you have done is the best option going, at least this way your pfsense box can max out all speeds and other devices are auto AirVPNed if connected to the pfsense box. It sure beats any tomato/ddwrt/opensource or even the fastest dual core 1ghz netgear router that just came out I believe that hits 16-20meg under openvpn limited by single core openvpn and 1ghz cpu only. I hope you chuck in the xeon id like to see the difference.
I will no doubt be back to ask questions and more so once I try the guide out for myself !
Hi thanks for the settings, but those settings I had all entered already.
The interface : I tried Wan but it then complained about an tunnel network address ? So tried internal and seemed to pass it.
Proxy authentication : set to none for now, if I choose anything else it ask for username/password
Server host name resolution: unchecked as Airstaff mentioned
TLS authentication : unchecked - Not sure if Airvpn servers require TLS authentication or not but it asked for a static key otherwise
Tunnel settings : all left blank since no idea
I tried following the guides from a few other vpn providers but there settings are different.
Any other pfsense air users out there that could do a print screen of there openvpn settings or help ? thx
Hi I am giving pfsense a try, but struggling getting the right settings under openvpn client under pfsense.
I have a windows 7 Pc, vbox > pfsense running with ethernet 1-NAT and ethernet 2-internal settings (network name: test1)
I can access pfsense web gui from another vbox > linux running which is linked to test1 internal network just fine.
However am confused as to the settings to enter.
I entered opennic dns servers, which I think is ok, added my 2 certs and 1 key via copy and paste into cert manager.
Am stuck on OpenVPN Client settings below:
Server node : peer to peer (SSL/TLS or shared key)
protocol : udp or tcp
device mode: tun or tap
interface : wan/lan/local host/any
local port: ?
server host : I entered AirVPN entry ip server
Server port : AirVPN port number
proxy host: left blank
proxy port: left blank
proxy authentication type:ntlm or basic
infinitely resolve server: tick or uncheck
tls authentication:tick or uncheck
peer certificate authority: Airvpn
client certificate: webconfig in use
encryption algorithm: AES-256-CBC
hardware crypto: no hardware selected/BSD/RSAX
IPv4 Tunnel network: left blank
IPv6 Tunner network:
IPv4 Remote networks:
IPv6 Remote networks:
Limit outgoing bandwith:
compression:/compress tunel packets with LZO: Left unticked
type of service:set TOS IP header value of tunnel packets to match encapsulated packet value : Left unticked
I managed to get the server & port settings and UDP/Tun/AES 256-CBC settings from the airvpn config files, I searched for pfsense guide on here but none
Any ideas with the other settings? Perhaps someone can copy n paste my settings above and bolded the right setting? Cheers
thanks staff clears it up nicely
Just a thought, I read a few times on Air forums, once you disconnect from your VPN. Your connection logs and details are deleted from the system.
So is it best to disconnect regular?
what if someone has a dedicated Router which is always left on and connected to the AirVPN does this not increase the risk more ?
Instead of using a credit card, why not just pay with bitcoin? You would be surprised at how easy it is to pay that way.
Too complicated to set up bitcoins
More so for new starters. Even myself I attempted to follow newbie guides on starting with bitcoin, gave up after few hours of scratching my head !
Worked fine for someone on another forum last month, he used a prepaid prime IDT mastercard but was from the UK I think
Name on card was Mr Cash card lol
Regarding the above, recently I was considering getting a better bb connection and this 8-9meg limit is what is causing a great problem (didn't take long!)
Now I see why many folk are using pfsense instead of tomato/ddwrt/high end routers.....
Netgear have a new R7000 router which is the most powerful & fastest router currently out there, even has a 1ghz dual core, its over twice the cpu speed of the Asus RT-N16 (480mhz) and more 2x in dual core, but even then I was thinking this may in theory only give 16-18meg tops which is still pretty bad.
I am attempting to get a proper answer in regards to R7000 routers speeds under OpenVPN but the DDWRT firmware is buggy and not many people seem to be using VPN clients so I cant get a proper answer as to what speeds one may get !
Either way openvpn is a single core app so speeds will be pretty poor, I assume it will not be nearly enough really.
Am considering a pfsense diy router build with openvpn as the main use to fix this openvpn bottleneck issue.... but have not yet done so yet. Need to get some answers on hardware and if openvpn client/pfsense would allow 50meg or 100meg bb connections without the speed loss with vpn !
Question for Asus RT-N16 users, Its been suggested on here before when using tomato routers and openvpn support the max speeds you will ever get is around 7-8meg download.
Other say this is due to the 480mhz cpu speed or cpu speed of the router holding it back.
Is this true? I only ask since I may try and get a faster line and am worried if I got say 100meg I will only get 8meg max speeds with my tomato openvpn air setup!
So we can add Proxy.sh and hide my ass and earthvpn to the bad list ? All 3 of them have had issues with giving up customers details or monitoring them or reporting them to authorities, then they still advertise privacy on the front of their own websites!
I too would like an update on the matter, were all aware that one can use Tor. I do not use Tor simply since its quite slow, considered VPN tunneling and adding a 2nd VPN to the mix, but then as someone on here suggested, all your data is still able to be monitored by VPN provider 1 anyhow. I also think connecting to Tor and then airVPN could be dangerous as in your ISP can then see your connecting to Tor network and then all of a sudden your encrypted, this may cause alarm bells id imagine !
I have heard of cases from other VPN providers they sometimes give up the customers IP and Details to the authorities when they are connected to a data center in the US, is it therefore better to connect to a country where the laws are better like Europe servers like Netherlands ?
UK National Lottery
in Blocked websites warning
try alternative UK VPNs I find this fixes the issue when trying to connect to some UK sites that get this issue.
Same applies for US websites.