Jump to content
Not connected, Your IP: 34.200.219.10

Recommended Posts

Hi, I'm new to the VPN scene and it seems I need some major help to get the most out of it. I also suspect that I'm slightly different from the majority of users here in that I'm using this for better gaming connectivity rather than security and privacy (basically, Playstation Network hates my non-vpn connection because it's NAT type 3, which is out of my control, so the VPN is to bypass that, which it has done).

 

My connection is shared through my appartment complex and does dhcp assignment. No way to open ports on that end as management want to enable residents to just plug into the wall and go with no requirement to buy a router, so they won't slack on security. Admirable, but annoying for me.

 

The setup: Linksys E4200 running DD-WRT v3.0-r27490 (07/06/15) mega, CAT-5 to the wall and the previously mentioned appartment complex-controlled fiber connection. 1 desktop pc connected by cable, one laptop and a playstation 4 as well as a phone on wi-fi. Speeds are the same wired or on wi-fi.

 

My speed without connection to Air is in the 80-100 Mbps range, with Air (client or set up in the router, which is the end goal) 6-9 Mbps. I'm expecting a drop in speed, but this is a little extreme.

 

Tried various combinations of servers and protocols, main two servers I've been switching between for testing have been Acubens (Sweden) and Aquilae (Germany), started with UDP on port 443, then TCP on the same port. Speeds were virtually identical, have cycled through both on port 80, 53 and 2018 as well. All setup done following the guide from AirVPN, no extra rules or setup done since I wouldn't have an idea where to start.

 

I've seen suggestions in other threads to increase the buffer sizes for people using the Air client, is this possible in DD-WRT, and if so how would I do it?

 

I've tried with and without QoS enabled, didn't seem to make a difference, but open to suggestions on tweaks there. UPnP is on, which seems to help with getting connected to Playstation Network, but have tried disabling it too.

 

Any general suggestions to optimize for speed? The safety of firewall rules dropping connection if the cpn connection goes etc are nice, but I am willing to give them up for a fast, efficient way to connect to what I want to connect to.

 

Because of the playstation, using the Air client and ICS isn't an option, I'm not moving the computer into the living room. So I really need to make it work on the router.

 

I'm not sure what info people will need to be able to help me with this, but to start with, here's the latest opvenvpn log from the router. Anything else you need, just ask and I'll get it to you.

 

lient: CONNECTED SUCCESS Local Address: 10.7.0.63 
Remote Address: 10.7.0.63 
Status VPN Client Stats TUN/TAP read bytes 37625622 TUN/TAP write bytes 63862092 TCP/UDP read bytes 67544747 TCP/UDP write bytes 40866705 Auth read bytes 63862604 pre-compress bytes 0 post-compress bytes 0 pre-decompress bytes 0 post-decompress bytes 0
LogClientlog: 
19700101 01:00:18 I OpenVPN 2.3.7 mipsel-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Jul 6 2015 
19700101 01:00:18 I library versions: OpenSSL 1.0.2c 12 Jun 2015 LZO 2.09 
19700101 01:00:18 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16 
19700101 01:00:18 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 
19700101 01:00:18 W WARNING: file '/tmp/openvpncl/client.key' is group or others accessible 
19700101 01:00:18 W WARNING: file '/tmp/openvpncl/ta.key' is group or others accessible 
19700101 01:00:18 I Control Channel Authentication: using '/tmp/openvpncl/ta.key' as a OpenVPN static key file 
19700101 01:00:18 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 
19700101 01:00:18 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 
19700101 01:00:18 Socket Buffers: R=[87380->131072] S=[16384->131072] 
19700101 01:00:18 I Attempting to establish TCP connection with [AF_INET]62.102.148.131:80 [nonblock] 
19700101 01:00:19 I TCP connection established with [AF_INET]62.102.148.131:80 
19700101 01:00:19 I TCPv4_CLIENT link local: [undef] 
19700101 01:00:19 I TCPv4_CLIENT link remote: [AF_INET]62.102.148.131:80 
20150729 20:15:39 TLS: Initial packet from [AF_INET]62.102.148.131:80 sid=b7316a64 4cbb8a61 
20150729 20:15:39 N TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 
20150729 20:15:39 N TLS Error: TLS handshake failed 
20150729 20:15:39 N Fatal TLS error (check_tls_errors_co) restarting 
20150729 20:15:39 I SIGUSR1[soft tls-error] received process restarting 
20150729 20:15:39 Restart pause 5 second(s) 
20150729 20:15:44 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 
20150729 20:15:44 Socket Buffers: R=[87380->131072] S=[16384->131072] 
20150729 20:15:44 I Attempting to establish TCP connection with [AF_INET]62.102.148.131:80 [nonblock] 
20150729 20:15:45 I TCP connection established with [AF_INET]62.102.148.131:80 
20150729 20:15:45 I TCPv4_CLIENT link local: [undef] 
20150729 20:15:45 I TCPv4_CLIENT link remote: [AF_INET]62.102.148.131:80 
20150729 20:15:45 TLS: Initial packet from [AF_INET]62.102.148.131:80 sid=49a2673c 32b3df6a 
20150729 20:15:45 VERIFY OK: depth=1 C=IT ST=IT L=Perugia O=airvpn.org CN=airvpn.org CA emailAddress=info@airvpn.org 
20150729 20:15:45 VERIFY OK: nsCertType=SERVER 
20150729 20:15:45 NOTE: --mute triggered... 
20150729 20:15:59 6 variation(s) on previous 3 message(s) suppressed by --mute 
20150729 20:15:59 I [server] Peer Connection Initiated with [AF_INET]62.102.148.131:80 
20150729 20:16:01 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) 
20150729 20:16:01 PUSH: Received control message: 'PUSH_REPLY redirect-gateway def1 bypass-dhcp dhcp-option DNS 10.7.0.1 comp-lzo no route-gateway 10.7.0.1 topology subnet ping 10 ping-restart 60 ifconfig 10.7.0.63 255.255.0.0' 
20150729 20:16:01 OPTIONS IMPORT: timers and/or timeouts modified 
20150729 20:16:01 NOTE: --mute triggered... 
20150729 20:16:01 5 variation(s) on previous 3 message(s) suppressed by --mute 
20150729 20:16:01 I TUN/TAP device tun1 opened 
20150729 20:16:01 TUN/TAP TX queue length set to 100 
20150729 20:16:01 I do_ifconfig tt->ipv6=1 tt->did_ifconfig_ipv6_setup=0 
20150729 20:16:01 I /sbin/ifconfig tun1 10.7.0.63 netmask 255.255.0.0 mtu 1500 broadcast 10.7.255.255 
20150729 20:16:01 /sbin/route add -net 62.102.148.131 netmask 255.255.255.255 gw 10.44.11.1 
20150729 20:16:01 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.7.0.1 
20150729 20:16:02 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.7.0.1 
20150729 20:16:02 I Initialization Sequence Completed 
20150729 21:15:59 TLS: soft reset sec=0 bytes=108182994/0 pkts=132933/0 
20150729 21:15:59 VERIFY OK: depth=1 C=IT ST=IT L=Perugia O=airvpn.org CN=airvpn.org CA emailAddress=info@airvpn.org 
20150729 21:16:00 VERIFY OK: nsCertType=SERVER 
20150729 21:16:00 NOTE: --mute triggered... 
20150729 21:16:13 1 variation(s) on previous 3 message(s) suppressed by --mute 
20150729 21:16:13 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150729 21:16:13 D MANAGEMENT: CMD 'state' 
20150729 21:16:13 MANAGEMENT: Client disconnected 
20150729 21:16:13 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150729 21:16:13 D MANAGEMENT: CMD 'state' 
20150729 21:16:13 MANAGEMENT: Client disconnected 
20150729 21:16:13 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150729 21:16:13 D MANAGEMENT: CMD 'state' 
20150729 21:16:13 MANAGEMENT: Client disconnected 
20150729 21:16:14 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150729 21:16:14 D MANAGEMENT: CMD 'status 2' 
20150729 21:16:14 MANAGEMENT: Client disconnected 
20150729 21:16:14 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150729 21:16:14 D MANAGEMENT: CMD 'log 500' 
19700101 01:00:00 

ca /tmp/openvpncl/ca.crt cert /tmp/openvpncl/client.crt key /tmp/openvpncl/client.key management 127.0.0.1 16 management-log-cache 100 verb 3 mute 3 syslog writepid /var/run/openvpncl.pid client resolv-retry infinite nobind persist-key persist-tun script-security 2 dev tun1 proto tcp-client cipher aes-256-cbc auth sha1 remote 62.102.148.131 80 comp-lzo yes tls-client tun-mtu 1500 mtu-disc yes ns-cert-type server tun-ipv6 tls-auth /tmp/openvpncl/ta.key 1 tls-cipher TLS-DHE-RSA-WITH-AES-128-CBC-SHA passtos

 

Share this post


Link to post

At least 1000mhz? That's what the Netgear Nighthawks are clocked at, and outside of industrial gear, they're pretty much the fastest out there, so that's basically saying getting tolerable performance is impossible.

 

I'm not looking to get anywhere near 100% of my speed, but getting near half would be nice.

Share this post


Link to post

At least 1000mhz? That's what the Netgear Nighthawks are clocked at, and outside of industrial gear, they're pretty much the fastest out there, so that's basically saying getting tolerable performance is impossible.

 

I'm not looking to get anywhere near 100% of my speed, but getting near half would be nice.

 

get an asus AC56 if greater cost is prohibitive.  those CPU can be overclocked to 1200megahertz.  50mbit/s openvpn is possible.

Share this post


Link to post

Thanks for the tip, will look into it. I've no problem spending what it takes to get decent performance, as long as I know it can actually be made to work.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...