High packetloss with VPN
-
I'm in the same boat. I've recently upgrade to 2.5.1 from 2.4.5 CE and my VPN connection to PIA (Private Internet Access) is behaving similarly to your issue. As soon as traffic began to saturate the vpn connection, the packet loss starts to climb and vpn connection eventually shows offline as soon as the packet loss went above 50%. If I stopped the high traffic going to the vpn gateway, the packet loss % slowly decrease then the vpn gateway shows it's back online and packet loss back to 0% again. I've tried using different servers and switching between tcp/udp tunnels but it still exhibits the same behavior.
I've reverted back to 2.4.5 and the vpn connection worked correctly and did not go offline with the enormous amount of packet loss as in 2.5.1. So at this point, I have my main pfsense box running on 2.4.5 since the vpn connection seems to be more stable on that version. I have 2.5.1 loaded on another box so I can tinker with the settings and do some testing to see if anything will eliminate this issues!
-
I have been having packet loss issues as well. I used to maintain 4 client connections for failover purposes but there is so much packet loss that it's unusable. Are you experiencing extreme lag on the web interface as well?
-
Hi all
I have a resolution of sorts but I'm not sure its going to help you guys.
It turns out I have a line fault on my new fibre connection, something about the fault is causing the VPN to lose packets and eventually drop but the WAN connection apparently stayed connected, sneaky.
So it has come to pass, I have transferred from Virgin, they of the two bob modems, to Plusnet, home of the riddled fibre. That said Plusnet customer service was spot on and they promise a fix tomorrow so I may forgive them.
If you are with Virgin in the UK its not impossible the original issues in my post above are affecting you, their superhub is indeed shite.
-
I'm also facing the similar issue after upgrading to 21.02.2 on Negate SG-5100 device. I have setup for two opnvpn clients from a VPN provider. After upgrade only one VPN client is working and other VPN client is not passing any traffic even it's status is up, i did client setup again and changed the cipher setting but nothing helped to resolve this issue. I also tried recovering my back from old version, but that also didn't helped.
Seems downgrading the Pfsense version or waiting for fix from Netgate is only option.
Gian
-
@gianeshwar0201 I wish more people with issues related to this would chime in so the problem will be acknowledged. At this point the only way they will fix it is if it's by accident. When I attempted to submit it as a bug last week it was dismissed for not having enough information. I've rolled back to 2.4.5p1 myself.
-
In my case, the lag increases as the packet loss increases. Once the packet loss gets too high , everything stop working and the VPN status shows offline. If the vpn gateway is not saturated, all traffic flows normally with no packet loss or lag.
This issues is definitely tied to OpenVpn on 2.5.1 and not the VPN provider. I've signed up for a NordVPN account to see if it's PIA that is the the culprit but it behaved the same on both providers. However, both VPN service had no issues with packet loss on my box running 2.4.5.
So at this point , I'm wondering if there is incompatibility issue with the OpenVPN version running on 2.5.1 and what the VPN providers are running. Does anyone else use a different VPN provider other than PIA and NordVPN with similar issues, please chime in.
I'm still doing more tests on the 2.5.1 box and shifting through the log files so I'll post here if I see something.
-
@ibquan I'm having issues with opnvpn clients setup for Surfshark VPN provider. Prior to update to pfsense+ 21.02.2 /2.5 all clients worked fine.
Gian
-
Hi! I’ve had TorGuard openvpn running with multiple connections and policy based routing when I was on pfsense 2.5.0. Once I setup the monitoring up correctly it was pretty stable. It was running for days without a glitch. But being 2.5.0 I had unbound problems and off course the big port-forwarding-is-kaput-on-multi-wan, so I went back to 2.4.5 -p1. I suggest you do the same and secure wipe 2.5.x, nuke the installer and burn the usb you used to install it. Joking
, but 2.5.x releases are headache. -
@ibquan for me the OpenVPN issues started after 2.5.1.r.20210403.0300 I'm not sure when the new version of OpenVPN was added to the mix but it being an OpenVPN issue seems quite possible.
-
Update - after downgrading to Pfsense+ 21.02.P1 version my VPN issue is resolved. I'll do more tests on Pfsense test box if i'm able to resolved issue with 21.02.02 version. I didn't do any configuration changes to resolve this issue other than installing prior version.
Gian
-
@gianeshwar0201 Every solution I've seen has been to roll back. I don't think this issue is even on Netgate's radar until someone can successfully convince them that this is a problem and it's submitted on pfsense Bugtracker. I tried but it was dismissed. I believe these forums rely on user helping user so I'm not sure if they even monitor what's going on here.