Some questions please
-
I thought you said you were getting a public IP.
"I went again to my provider and asked about the DDNS, and they made me a better offer."
-
@jknott said in Some questions please:
I thought you said you were getting a public IP.
"I went again to my provider and asked about the DDNS, and they made me a better offer."
Yes I am getting (already have) a Public IP address (1.4.x which shows both in the Wan Section of the ISP Router and in What's my IP), but the question from @johnpoz was about them putting the ISP modem in Bridge Mode so that the Pfsense can handle everything and that they refused to do that.
Edit: Or do you mean something else?
-
Sorry of this is off topic, remove if it is.
Question, about connecting to a remote server through a VPN when the local network subnet address is the same as the remote network.
My friend started to get enthusiastic what I am trying to do with the pfsense. His network is identical as mine (so 10.0.0.0/24 for the lan same as mine)
When setting up the VPN server in his ASUS when connecting with an iPhone via 4G it works great, but when connecting with the PC in my House I can't connect.
VPN is connected and it also shows in the Asus that I am connected.
My Guess it has something to do with that the local network subnet address is the same as the remote network. (Both 10.0.0.0/24)
Correct or am I missing something here?
-
@iammike said in Some questions please:
Correct or am I missing something here?
Your not... Why would traffic go down a vpn tunnel to get to 10.0.0.X if 10.0.0 is the local network..
Use something different than 10.0.0, its COMMON! Just like 192.168.0 or 192.168.1 are.. Use 10.42.0/24 for example for your network.
Then you don't have a problem except for the idiots using 10/8 for their local network ;)
-
Thx for the confirmation.
Now I have to start arguing with my friend on who is going to change their network
Thx again, really appreciated.
-
There are ways around it with nat.. But why, when you both should change to something not so "common"
-
@johnpoz said in Some questions please:
There are ways around it with nat.. But why, when you both should change to something not so "common"
Thx, but no I don't want that (read: ways around it). I am just experimenting with this (on the ASUS) till the pfsense arrives, and this exercise was a good learning experience.
And using the pfsense for this will be the goal (and I think my friend is going to order one as well) and the ASUS will end up being only a Wifi AP.
So any range in the 10.0.0.0 would do?
For example
Me 10.124.0.0/24 and him 10.95.0.0/24 ?
Ps: Why these numbers they are our house numbers
-
ASUS routers get regular updates as well as pfsense.
They have WIFI built in andcan do MESH which is important if you have a multistory house.
Pfsense is a homelab/small business firewall and nothing else.
-
@cool_corona said in Some questions please:
ASUS routers get regular updates as well as pfsense.
They have WIFI built in andcan do MESH which is important if you have a multistory house.
Pfsense is a homelab/small business firewall and nothing else.
Thx for your comments, but
-
I think the pfsense is a better firewall then the Asus (and it also has more options for example the ASUS VPN server only has PPTP and OpenVPN) and reading the threads on here, I think I am right about this!
-
I will keep the Asus but only as a WIFI AP (and my RT-Ac58u though it supports OpenWrt (and the installation goes way over my head (this requires soldering a pin header on the router PCB.) https://openwrt.org/toh/asus/rt-ac58u
-
Even if the Pfsense is only a small business firewall I don't mind spending the 179 USD (exclu Shipping) to try to know a bit better or I could have saved 179 USD and bought something on AliExpress but Id rather have the real deal to tinker with.
Maybe it's not right for me but I really don't mind the learning experience in doing so! And thanks to @johnpoz and @JKnott and the whole forum I think I am getting my monies worth
-
-
Do yu plan to use many VPN services at any given time?
ASUS supports OpenVPN and it doesnt fit your purpose?
-
@cool_corona said in Some questions please:
Do yu plan to use many VPN services at any given time?
ASUS supports OpenVPN and it doesnt fit your purpose?
Maybe not, but am I not allowed to use the pfsense for this and must I use the Asus just because I have it?
Just want to expand my experience/knowledge
-
@iammike said in Some questions please:
just because I have it?
Yes - your not allowed to switch your devices. Once you buy X, your locked in to using X forever. You can never switch brands, you can never move to more feature rich anything..
You can never out grow this device X, and must use it now until the end of time.
Nor can you leverage it anything else but your 1 everything box /S
Did you not read the small print on the EULA you agreed to when you fired it up the first time? hehehe
-
This post is deleted! -
@johnpoz said in Some questions please:
@iammike said in Some questions please:
just because I have it?
Yes - your not allowed to switch your devices. Once you buy X, your locked in to using X forever. You can never switch brands, you can never move to more feature rich anything..
You can never out grow this device X, and must use it now until the end of time.
Nor can you leverage it anything else but your 1 everything box /S
Did you not read the small print on the EULA you agreed to when you fired it up the first time? hehehe
Maybe you should explain that to the other guy
-
We changed my friends local subnet to 10.95.0.0/24 and it works perfectly when connecting from my house. But the speed (for example FTP) is very slow only a max of 3Mib. (FYI: Our internet speeds are way faster than that) So that is barely enough to use Plex :
Maybe this has to do with the Openvpn that is available on the Asus as all our Nics are capable of 1Gib, so can't wait to test the Netgate 1100
-
@iammike said in Some questions please:
is very slow only a max of 3Mib.
What are the speeds of the 2 different connections? If site A upload is X, then site B would only be able to download at X-overhead..
Your speed is going to be limited by many factors, but you can not download faster than what it can be sent at - regardless of your servers local interface speed..
-
@johnpoz said in Some questions please:
@iammike said in Some questions please:
is very slow only a max of 3Mib.
What are the speeds of the 2 different connections? If site A upload is X, then site B would only be able to download at X-overhead..
Your speed is going to be limited by many factors, but you can not download faster than what it can be sent at - regardless of your servers local interface speed..
I understand, but my speed is (+/-) 300/300 and his speed is (+/-) 1000/500! (Both on Fiber)
His upload to for example Onedrive is around 42MiB
Edit: I am regularly downloading stuff from a friends site back in Europe and I sometimes reach speeds of 10MiB+/- (and this was before the speed increase)
edit2: I don't know if it helps, but this is a ping (when the vpn is active) to his router
Pinging 10.95.0.1 with 32 bytes of data:
Reply from 10.95.0.1: bytes=32 time=18ms TTL=64
Reply from 10.95.0.1: bytes=32 time=18ms TTL=64
Reply from 10.95.0.1: bytes=32 time=18ms TTL=64
Reply from 10.95.0.1: bytes=32 time=18ms TTL=64Ping statistics for 10.95.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 18ms, Maximum = 18ms, Average = 18ms -
Well the latency is good, and if your speeds are both that high.. Then yeah something else holding it back.. While there is some overhead with vpn, it wouldn't account for such a drastic reduction.
What are the 2 boxes working as the vpn devices in this case - both asus routers?
Take the vpn out of the equation for a test. And just ftp via your normal connection.. This will take your ftp server, disk, and the like out of the equation for what could be slowing it down.
If you get X without vpn, and then only Y with the vpn - then yeah you know its something with the vpn.
-
@johnpoz said in Some questions please:
What are the 2 boxes working as the vpn devices in this case - both asus routers?
Yeah both are ASUS one is RT-AC67U and the other a RT-AC58U
@johnpoz said in Some questions please:
Take the vpn out of the equation for a test. And just ftp via your normal connection.. This will take your ftp server, disk, and the like out of the equation for what could be slowing it down.
If you get X without vpn, and then only Y with the vpn - then yeah you know its something with the vpn.
Will report back, have to test this and need some more port forwarding to do this, because all traffic is going through the VPN now.
Thx
-
Finally had some time to test this.
VPN Server via Asus - FTP download speed around 3Mib
NO VPN Server - Port forwarding Ftp around 5 MibNow we also tried it with a higher spec router (instead of the AC-56U we used a ASUS AC-86U) and the speed were only a bit better.
VPN Server via Asus - Ftp download speed +- 4 MiB
No VPN Server - Port forwarding FTP speed +- 7MibNow I just recently received my package from the US with the SG-1100 and going to set it up at my friends house and put the Netgate in the DMZ of his ISP Router (Non Bridged) and see what that brings us. (speed wise)
