Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    astrill open-vpn

    Scheduled Pinned Locked Moved OpenVPN
    7 Posts 2 Posters 1.3k Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Offline
      art godknow
      last edited by

      hi all,
      A PFsense newbie here.
      normally i was able to establish astrill vpn connection with ddwrt under astrills app and aslo with openvpn protocol.
      according to this document "https://www.astrill.com/wiki/Astrill_Setup_Manual:Setup_OpenVPN_on_pfSense"
      everything went ok. i was able to connect astrill server, the problem starts. when ive get connected ive lost my connection. is there something i missed? do i have to create route or something?
      any help would appreciated.
      thnx
      ast.jpg

      V 1 Reply Last reply Reply Quote 0
      • V Offline
        viragomann @art godknow
        last edited by

        @art-godknow
        An outbound NAT rule. Not clear, why the doc doesn't mention.

        Also you should assign an interface to the client instance. Interface > Assignments.
        Und "available network ports" select the client instance (e.g. ovpnc1), hit Add. Then open the new interface, enable it and enter a meaningful name. Save.

        Go to Firewall > NAT > outbound. Enable the hybrid mode and save it.
        Add a new rule:
        interface: that one you've assigned to the vpn client
        source: your LAN network
        destination: any
        translation: interface address

        A 1 Reply Last reply Reply Quote 1
        • A Offline
          art godknow @viragomann
          last edited by

          @viragomann

          Thnx for your reply. ive found another manual which i am able to connect.
          astrill documents unfortunately too old and in accurate.

          maybe silly question but i wonder, i am connecting from windows app and openvpn to same server but pp gets almost 200mbits and pfsense openvpn gets 60mbits
          my fault or thats working style is this?
          thnx

          V 1 Reply Last reply Reply Quote 0
          • V Offline
            viragomann @art godknow
            last edited by

            @art-godknow said in astrill open-vpn:

            maybe silly question but i wonder, i am connecting from windows app and openvpn to same server but pp gets almost 200mbits and pfsense openvpn gets 60mbits
            my fault or thats working style is this?

            What's hardware is pfSense running on?

            Did you configure the same settings as in the Windows .ovpn file?

            A 1 Reply Last reply Reply Quote 0
            • A Offline
              art godknow @viragomann
              last edited by

              @viragomann
              its noname dual nic celeron j1900 small factor pc.
              and yes all setings same ive added custom values too. also tried tcp and udp
              thnx

              setenv FORWARD_COMPATIBLE 1;setenv UV_SERVERID 816;mssfix 1418;link-mtu 1418;ns-cert-type server;tls-version-min 1.2 or-highest;push-peer-info;explicit-exit-notify;mute 20;mute-replay-warnings;max-routes 1000;auth-nocache;block-outside-dns

              V 1 Reply Last reply Reply Quote 0
              • V Offline
                viragomann @art godknow
                last edited by

                @art-godknow
                The CPU sadly doesn't support AES-NI hardware encryption. So you can only use Intel RDRAND at its best, which gives not really much acceleration.

                A 1 Reply Last reply Reply Quote 1
                • A Offline
                  art godknow @viragomann
                  last edited by

                  @viragomann
                  Thnx again, my N5105 is on the way. ill see what would it can do:)
                  regards

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.