Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Odd openVPN speed difference

    OpenVPN
    2
    3
    1515
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      shizam last edited by

      I have a speed issue that makes no sense to me. I am using IPVanish and connecting as a client with the intention of having all the house computers go through the VPN.
      When Connecting to my ISP, with no VPN, I get 75Mbit down and 35Mbit upload speed. If I run the app from IPvanish on one of my PCs, I get around 40Mbit down and 25up.
      When I use my pfsense box to connect I am currently getting 19Mbit down and 25 Mbit UP!

      My system is net- modem -pfsense box -router as accesspoint -computers.

      I followed the setup  from http://forum.pfsense.org/index.php/topic,66467.0.html

      I have also changed  net.inet.ip.fastforwarding IP Fastforwarding (1)

      Which seems to help with the upload speed.

      Are these kind of speed drops normal or am I missing something in the setup out of utter noobocity? If I can get the pfsense to match the performance of the windows app I will be more than happy. Any suggestions ?
      Thanks
      S

      This is my config file.
      fast-io;route-delay 2;tun-mtu 1500;persist-key;persist-tun;persist-remote-ip;auth-user-pass /conf/ipvanish.auth;verb 3;auth SHA256;keysize 256;tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA;

      This is my openvpn logfile from a manual restart (its upside down)

      Apr 5 02:04:11 openvpn[88160]: Initialization Sequence Completed
      Apr 5 02:04:11 openvpn[88160]: /sbin/route add -net 128.0.0.0 172.20.32.1 128.0.0.0
      Apr 5 02:04:11 openvpn[88160]: /sbin/route add -net 0.0.0.0 172.20.32.1 128.0.0.0
      Apr 5 02:04:11 openvpn[88160]: /sbin/route add -net 103.16.26.193 192.168.0.1 255.255.255.255
      Apr 5 02:04:09 openvpn[88160]: /usr/local/sbin/ovpn-linkup ovpnc1 1500 1570 172.20.32.127 255.255.248.0 init
      Apr 5 02:04:09 openvpn[88160]: /sbin/route add -net 172.20.32.0 172.20.32.127 255.255.248.0
      Apr 5 02:04:09 openvpn[88160]: /sbin/ifconfig ovpnc1 172.20.32.127 172.20.32.127 mtu 1500 netmask 255.255.248.0 up
      Apr 5 02:04:09 openvpn[88160]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
      Apr 5 02:04:09 openvpn[88160]: TUN/TAP device /dev/tun1 opened
      Apr 5 02:04:09 openvpn[88160]: TUN/TAP device ovpnc1 exists previously, keep at program end
      Apr 5 02:04:09 openvpn[88160]: ROUTE_GATEWAY 192.168.0.1
      Apr 5 02:04:09 openvpn[88160]: OPTIONS IMPORT: –ip-win32 and/or --dhcp-option options modified
      Apr 5 02:04:09 openvpn[88160]: OPTIONS IMPORT: route-related options modified
      Apr 5 02:04:09 openvpn[88160]: OPTIONS IMPORT: route options modified
      Apr 5 02:04:09 openvpn[88160]: OPTIONS IMPORT: –ifconfig/up options modified
      Apr 5 02:04:09 openvpn[88160]: Socket Buffers: R=[65536->262144] S=[65536->65536]
      Apr 5 02:04:09 openvpn[88160]: OPTIONS IMPORT: –sndbuf/--rcvbuf options modified
      Apr 5 02:04:09 openvpn[88160]: OPTIONS IMPORT: explicit notify parm(s) modified
      Apr 5 02:04:09 openvpn[88160]: OPTIONS IMPORT: timers and/or timeouts modified
      Apr 5 02:04:09 openvpn[88160]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 262144,explicit-exit-notify 5,route-gateway 172.20.32.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.20.32.127 255.255.248.0'
      Apr 5 02:04:09 openvpn[88160]: SENT CONTROL [hkg-c01.ipvanish.com]: 'PUSH_REQUEST' (status=1)
      Apr 5 02:04:06 openvpn[88160]: [hkg-c01.ipvanish.com] Peer Connection Initiated with [AF_INET]103.16.26.193:443
      Apr 5 02:04:06 openvpn[88160]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
      Apr 5 02:04:06 openvpn[88160]: Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
      Apr 5 02:04:06 openvpn[88160]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
      Apr 5 02:04:06 openvpn[88160]: Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
      Apr 5 02:04:06 openvpn[88160]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
      Apr 5 02:04:06 openvpn[88160]: VERIFY OK: depth=0, C=US, ST=FL, L=Winter Park, O=IPVanish, OU=IPVanish VPN, CN=hkg-c01.ipvanish.com, emailAddress=support@ipvanish.com
      Apr 5 02:04:06 openvpn[88160]: VERIFY OK: depth=1, C=US, ST=FL, L=Winter Park, O=IPVanish, OU=IPVanish VPN, CN=IPVanish CA, emailAddress=support@ipvanish.com
      Apr 5 02:04:06 openvpn[88160]: WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
      Apr 5 02:04:06 openvpn[88160]: TLS: Initial packet from [AF_INET]103.16.26.193:443, sid=6a5c053c ab493169
      Apr 5 02:04:06 openvpn[88160]: UDPv4 link remote: [AF_INET]103.16.26.193:443
      Apr 5 02:04:06 openvpn[88160]: UDPv4 link local (bound): [AF_INET]192.168.0.2
      Apr 5 02:04:05 openvpn[87825]: Socket Buffers: R=[42080->65536] S=[57344->65536]
      Apr 5 02:04:05 openvpn[87825]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
      Apr 5 02:04:05 openvpn[87825]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
      Apr 5 02:04:05 openvpn[87825]: WARNING: file '/conf/ipvanish.auth' is group or others accessible
      Apr 5 02:04:05 openvpn[87825]: MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
      Apr 5 02:04:05 openvpn[87825]: OpenVPN 2.3.2 i386-portbld-freebsd8.3 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 27 2014
      Apr 5 02:04:05 openvpn[97253]: SIGTERM[soft,exit-with-notification] received, process exiting
      Apr 5 02:04:05 openvpn[97253]: /usr/local/sbin/ovpn-linkdown ovpnc1 1500 1570 172.20.32.127 255.255.248.0 init
      Apr 5 02:04:05 openvpn[97253]: Closing TUN/TAP interface
      Apr 5 02:04:05 openvpn[97253]: /sbin/route delete -net 128.0.0.0 172.20.32.1 128.0.0.0
      Apr 5 02:04:05 openvpn[97253]: /sbin/route delete -net 0.0.0.0 172.20.32.1 128.0.0.0
      Apr 5 02:04:05 openvpn[97253]: /sbin/route delete -net 103.16.26.193 192.168.0.1 255.255.255.255
      Apr 5 02:04:00 openvpn[97253]: SIGTERM received, sending exit notification to peer
      Apr 5 02:04:00 openvpn[97253]: event_wait : Interrupted system call (code=4)

      1 Reply Last reply Reply Quote 0
      • A
        a934456 last edited by

        What version of pfsense are you using?

        Just tried with the latest version 2.1.1-RELEASE and its not working with IP vanish. It gets an IP address fine but  nothing more.

        1 Reply Last reply Reply Quote 0
        • S
          shizam last edited by

          using the current 2.1.1, originally setup on 2.1.0. both connect ok.

          Try following the tutorial I linked above.

          I am having an issue with speeds and also an odd time out fail to reconnect issue.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post