-
-
@JKnott said in Upstream very low compared with downstream traffic with OpenVPN Client.:
I have a 75/10 Mb package. If my VPN were connected to someone else with the same configuration, that VPN would be limited to 10 Mb in both directions,
What about 5 Mb/sec ?
I imagine something like this :
Someone from the outside world connects to your 75/10 Mb VPN server.
This some one executes a speed test, available on the net.
This connection comes in over the "75Mb/sec" VPN pipe, using the WAN interface.
And goes out over the same WAN interface pipe, over the 10Mb/sec pipe to the speed test server.
Then comes back over the 75Mb/sec WAN pipe.
Goes over the VPN 10Mb/sec pipe to the "some one".The 75 and 10 pipe will get used each twice.
In theory, 10 Mb/sec will be cut in half. (right ?)True, (VPN) compression could help here. And VPN traffic control will add some overhead.
No "help me" PM's please. Use the forum, the community will thank you.
Edit : and where are the logs ?? -
If you are in fact going in and out through the same interface twice, then yes throughput will be cut in half.
-
Hi @Gertjan
In that situation is correct but in my case I have two WAN with 250Mb/250Mb. The clients connect to WAN1 an goes to Internet trought the WAN2 or viceversa.
Regards
-
So,
Client -> OVPNWAN1 -> OVPNWAN2 -> ???
Better draw a clear diagram...
-
Most tests only test in one direction at a time so whilst that traffic has to go in and out at the VPN server the reply traffic the other way is minimal so I would expect somewhere close to the line rate. But, yeah, any reply traffic there is will reduce the potential test rate.
Steve
-
@Pippin this's the diagram:
Case 1.- Client -> Internet -> OVPN-WAN1 -> WAN2 -> Internet
Case 2.- Client -> Internet -> OVPN-WAN2 -> WAN1 -> Internet
Regards
-
Assuming the Client is at a remote location, maybe the client VPN software is limiting the speed ?
-
Hi @pwood999
I think that no because OpenVPN Client is installed by default and I think that isn't limited in any direction.
-
So to be clear you're seeing the same throughput when connecting via either WAN?
Steve
-
-
If the Server has 250Mb/250Mb. and the Client side has 300Mb/300Mb then the issue must be either server or client performance, unless you have some other limiters configured.
-
Hi @pwood999
This is clear, but what can I do?. This is the question...
Do I need to change any OVPN parameter?
No, I haven't configured any limiter on any side.
Regards
-
@ramses-sevilla said in Upstream very low compared with downstream traffic with OpenVPN Client.:
I don't understand the question.
You showed two connection cases, connecting via WAN1 or connecting via WAN2.
Do you see the same throughput restriction in both cases?
Steve
-
What hardware are your HA PfSense pair running on ?
Are you using physical or virtual machines ?
What CPU & OS does the client PC use ?Might be worth posting your OpenVPN configs (excluding public IP & secrets).
Also maybe this thread should be moved to OpenVPN forum ?
-
-
@pwood999 said in Upstream very low compared with downstream traffic with OpenVPN Client.:
What hardware are your HA PfSense pair running on ?
Are you using physical or virtual machines ?
What CPU & OS does the client PC use ?Might be worth posting your OpenVPN configs (excluding public IP & secrets).
Also maybe this thread should be moved to OpenVPN forum ?
Hi @pwood999
I am using two physical machines Supermicro SuperServer 5018D-FN8T.
The Client is a I5 with UBUNTU 18.04LTS.
Can you tell me where is the text OpenVPN Server config file in pfSense?
Regards and thanks
-
@ramses-sevilla said in Upstream very low compared with downstream traffic with OpenVPN Client.:
Can you tell me where is the text OpenVPN Server config file in pfSense?
The info you entered on the GUI config is used to create this OpenVPN server config file(s).
So, you know what's in it ;) Bcause you entered that info - or accepted default values.Look here :
/var/etc/openvpn/You'll find serverx.* files where x is the OpenVPN server number, typically 1.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.