Bypass isp throttling and blocking

ariban99

Hi
I live in hawaii and have hawaiian telecom fiber.
They seem to be throttling or blocking stuff.
I have an openvon site to site from hawaii connected to my office in las vegas with a dedicated fiber connection.
Is there a way to use this openvpn connection yo pass all internet through my office and bypass my isp throttling?
If yes, how do i do that?

viragomann

@ariban99
No idea, what the trigger for the throttling is, but yes you can route all upstream traffic over the VPN and circumvent blocking of certain protocols at least.

ariban99

@viragomann Thank you. does anyone know how to do this?

RobH 0

@ariban99 I would say lots of people do. Lawrence Systems has a great video on YouTube for setting up OpenVPN to a VPN service.

But, a VPN connection isn't going to help with throttling after a data cap is hit.

ariban99

@robh-0 do you have their link?
i dont have data cap in hawaii. but we do have throttling by our ISP. and luckily i have a dedicated fiber in las vegas and a netgate sg-3100 there and its already setup and connected with my hawaii sg-1100 via ssl site to site openvpn, i just need to know how to tell my local hawaii connection to go through my main server sg-3100 in vegas and bypass the throttling that my isp has on my connection.

RobH 0

@ariban99 It is pretty simple, go to YouTube and search on Lawrence Systems OpenVPN.

You said above they are throttling. Why else would they throttle other than data usage? Data usage is data usage. It won't matter what the exit point is, only what's going in through their service.

ariban99

@robh-0 not sure if the right word is throttling, basically netflix wont stream very well, they do something after 5pm nightly. or its simply because we are in hawaii and its about 200ms latency and maybe the vpn will help? im not sure i do want to try

RobH 0

@ariban99 It won't do a thing. If you are throttled down, you are throttled down. Feel free to try, if nothing else you'll get some more hands-on experience.

Maybe you should also look at Lawrence System's video on Bufferbloat. Again just search YouTube for those terms.

Gertjan

This is the key issue :

@ariban99 said in Bypass isp throttling and blocking:

bypass my isp

that can be done only by choosing another ISP.

Looking at web pages encrypted by TLS ( aka : https ) is not very different as traffic to some other server using TLS, aka OpenVPN, Wiregiard, etc
Your ISP can see to who you connect, and how much you send.
No less, no more.
Your ISP owns your local connection, from the fibre wall socket up into their equippement. Then they use a line all over the bottom of the ocean. They actually rent some capacity over this cable, as they don't own it. And if this pipe, the bandwidth they rented, is full, well, things get throttled down.
When you pay an ISP, you pay a bit for the local access, their equipment, general costs and a big part goes into what is called the peering into the Internet which is nothing more as a couple of interconnections to other big players : network owners, other ISPs etc.

So, instead of thinking about a software solution like VPN, what about the old method : ask around, and when you hear interesting things about throughput, test it with your own equipment / hands / head.
Now you have all the factors to ask the right questions, and the answers will follow.

Hawai <-> vegas : there is one constant you can't change : the speed of light.

viragomann

@ariban99
On the LA box you have to add an outbound NAT rules for the Hawaiian local networks. Firewall > NAT > Outbound.

If it is in automatic mode select hybrid and save this at first.
Then add a rule:
interface: WAN
source: <Hawaiian local network>
destination: any
translation: interface address

If there are multiple subnets enter a rule like this for each.

On the Hawaiian box go to the OpenVPN settings, empty the "Remote networks" box, go down to the Custom options and enter

redirect-gateway def1

Ff you also need to route IPv6 to the remote site also enter

redirect-gateway ipv6

Consider the separate multiple options by semicolons.

Ensure that the firewall rules on the LA OpenVPN interface allow the traffic to the internet.

ariban99

@viragomann said in Bypass isp throttling and blocking:

@ariban99
On the LA box you have to add an outbound NAT rules for the Hawaiian local networks. Firewall > NAT > Outbound.

If it is in automatic mode select hybrid and save this at first.
Then add a rule:
interface: WAN
source: <Hawaiian local network>
destination: any
translation: interface address

If there are multiple subnets enter a rule like this for each.

On the Hawaiian box go to the OpenVPN settings, empty the "Remote networks" box, go down to the Custom options and enter

redirect-gateway def1

Ff you also need to route IPv6 to the remote site also enter

redirect-gateway ipv6

Consider the separate multiple options by semicolons.

Ensure that the firewall rules on the LA OpenVPN interface allow the traffic to the internet.

Thats amazing and simple, thank you

ariban99

@gertjan Thank you for teaching me, i will look into throughput more