Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SG-3100 Slow OpenVPN Speeds <20Mbps

    Official Netgate® Hardware
    3
    4
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Shadowfeonix
      last edited by

      Howdy,

      I have an OpenVPN connection through Torguard on my network.

      I've setup my SG-3100 to use the VPN but can't seem to get it to go above 20Mbps.

      With the VPN off I can get my rated speeds of 165/30.

      If I use the app on my laptop I can get 130/25 so I expect some slow down, but I can't understand the almost 100Mbps loss.

      To head off a few questions:

      I have tried:

      • TCP and UDP
      • Port 80, 995, 1194
      • Encryption: BF-CBC, AES-128-CBC, AES-256-CBC, AES-128-GCM
      • Hardware Crypto On/Off in both OpenVPN and Advanced settings
      • Every compression option available
      • custom options:
        • fast-io;
        • sndbuf 524288; and higher and lower
        • rcvbuf 524288; and higher and lower

      I reached out to torguard support and they only said it looks like the ARM cpu is slow, but I've been searching high and low and most people's issue with the sG-3100 is they can't break 100Mbps, so I'm really not sure.

      Any thoughts or help would be appreciated.

      G 1 Reply Last reply Reply Quote 0
      • G
        gsmornot @Shadowfeonix
        last edited by

        @shadowfeonix
        The 100mb is when they use the SG-3100 as the server. What you get from a provider can vary. I get about 120mb max on mine but it is the server. More often the cellular network I’m on is the limiting factor. What I mean there is I connect to mine while on cellular so I can make use of pfBlocker while mobile. The SG-3100 is a low power ARM however and its purpose is, well, being low power. Also compact. If you need more then you you might need to get more or build more router. My older PC will provide more speed but it needs like 70 watts to run on average.

        1 Reply Last reply Reply Quote 0
        • S
          Shadowfeonix
          last edited by Shadowfeonix

          Alright, so if I take that response at face value, the Netgate would only operate with decent speeds as a host and never as a client system simply because it is low power.

          And although it is recommended a lot and used by people to access PIA (a competing VPN provider) that they are using the PIA service and providing it as a server and not a Client?

          I say all that because I did a ton of research prior to buying this firewall and what you said just doesn't add up, much like my Netgate not hitting speeds I know it should. Now I'm not saying you're wrong, just that things don't add up.

          And if that is true, I need to start searching again as this is and important aspect of my network as I put it in place. Simply I need a (hardware) system that can handle the speeds I pay for, and recommendations would be appreciated if this isn't it.

          1 Reply Last reply Reply Quote 0
          • chrismacmahonC
            chrismacmahon
            last edited by

            I would look into using IPSEC instead of the OpenVPN client connection you are using, you will see a speed improvement.

            My unit's getting around 100Mbps when on AES-128-CBC (UDP), adding SHA1 auth drops me to ~80Mbps.

            Same link using IPSec (IKEv2, AES-128-GCM), I get around 150Mbps

            Need help fast? Our support is available 24/7 https://www.netgate.com/support/

            Do Not PM For Help!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.