Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Point to Point VPN Becomes VERY Slow After Hours or Days - Service Restart Fixes

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 974 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Spiffster
      last edited by

      We have four locations using pfSense (OpenVPN) to connect to our main location (Star Topology). We have a strange issue where the connection goes to crap after anywhere from a few hours to a few days. A simple restart of the client service fixes the problem every time. There are no errors shown in the OpenVPN logs.

      Each location is running a VM of pfSense 2.1.5.
      Each location is connected via Comcast Business Internet at 100/15
      When things are running like crap over the VPN, the internet connection is still full speed according to Ookla / Xfinity Speed test.

      Over the VPN I see speeds drop from 100 Mb/s to 1-2 Mb/s

      Any idea what could be causing this? Obviously its an issue with the OpenVPN client since a restart fixes things.

      Some more details:
      Shared Key
      UDP
      tun
      Interface: (Gateway Group)
      AES-128-CBC
      No Hardware Acceleration
      LZO Compression Turned ON

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Don't see any such thing ever.  Are you sure it's not lovely comcast doing shenanigans with a long-established session?

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • S
          Spiffster
          last edited by

          @Derelict:

          Don't see any such thing ever.  Are you sure it's not lovely comcast doing shenanigans with a long-established session?

          I suspect this is the most likely scenario. It hasn't happened in a while now at least.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.