Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    (SOLVED) There are moments when OpenVPN is extremelly slow with good connections

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 1 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • SipriusPTS Offline
      SipriusPT
      last edited by

      Hello guys,

      I have been noticing that some times users got slow connections from client to side, but each connection is 100/10 Fiber or 21/21 4G. There is no bottleneck between each point.

      From several random connections that I have made from 4G, some times I got some kind of bottleneck in Upload or Download, and dont know why.

      When I noticed some bottleneck in VPN connection, just to confirm, I made speed tests and exit the connection and then made another speed test.

      There are some imgs attached, with some tests that I have made using the same connection.

      In system logs, there are no errors as well as in user sides.

      I am able to share the openVPN server config if want.

      Anyone knows or have saw this problem before?
      Screenshot_2017-05-28-22-20-01.png
      Screenshot_2017-05-28-22-20-01.png_thumb
      Screenshot_2017-05-28-22-20-48.png
      Screenshot_2017-05-28-22-20-48.png_thumb
      Screenshot_2017-05-31-00-57-44.png
      Screenshot_2017-05-31-00-57-44.png_thumb
      Screenshot_2017-05-31-00-58-29.png
      Screenshot_2017-05-31-00-58-29.png_thumb

      1xSG-4860-1U
      1xSG-3100
      2xpfSense Virtual Machines

      1 Reply Last reply Reply Quote 0
      • SipriusPTS Offline
        SipriusPT
        last edited by

        Those users with issues are using Windows.

        At first I have set openVPN server without forcing that tunnel to be used as a internet gateway, and I had users(I set 3 users to be my beta testers, two windows and one linux) saying that sometimes they was losing the capability to use internet and connect to devices in the other side of the tunnel. Just Windows users had report this problem. In both server and client sides logs, there was no errors.

        From tests that I have made with the previous server config, I tested from another network in this router who is doing the openVPN server, and never encounter such problem, and I have used it for weeks. I have also use it in two laptops and my smartphone at home, simultaneous and I have not found any problem.

        For this purposes I was thinking that could be an issue with DNS's, so I activated this tunnel to be used as internet gateway.

        After this I start to pay more attention with my android and notice that sometimes, like 1 in 5 attempts, I had a problem with connection speed.

        I have just noticed this issue in android. Right now I will use another device with 3G to use as a client, and see if I can repeat this failure point, but in windows.

        In this server there is no lack of resources, at least with 1 connection doing a speedtest, CPU usage doesnt pass from 10%.

        Router Firewall: Netgate SG-4860

        OpenVPN server config:

        UDP

        tun

        DH Parameter: 1024

        Encryption Algoritm: AES 128 CBC

        Auth digest algoritm: SHA256

        Hardware crypto: BSD cryptodev engine

        Cert depth: One

        Compression: Adaptive compression

        Duplicate connection: yes

        Block Outside DNS: yes

        Force DNS cache update: no
        OpenVPN client config:

        dev tun

        persist-tun

        persist-key

        cipher AES-128-CBC

        auth SHA256

        tls-client

        client

        resolv-retry infinite

        remote x 1194 udp

        lport 0

        verify-x509-name "x" name

        auth-user-pass

        pkcs12 pfSense-udp-1194-fabio.p12

        tls-auth pfSense-udp-1194-fabio-tls.key 1

        ns-cert-type server

        comp-lzo adaptive

        1xSG-4860-1U
        1xSG-3100
        2xpfSense Virtual Machines

        1 Reply Last reply Reply Quote 0
        • SipriusPTS Offline
          SipriusPT
          last edited by

          So I have finally discovered the source of this problem. And I would like to share with you, if you encounter the same issue.

          Seems like one ISP was doing traffic shape, and from what I have saw seems like they are targeting UDP packages. I have not test it to be sure because I have changed both UDP to TCP and also the port number to another non official.

          In Portugal I have tested this VPN with MEO, NOS and Vodafone, and the ISP that I am talking belongs to Vodafone.

          1xSG-4860-1U
          1xSG-3100
          2xpfSense Virtual Machines

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.