Recent content by cosmoxl

a box with a CPU with AES-NI running pfsense will do high speed openvpn. mine will theoretically do 347mbit/s with AES-256-CBC. You can still use your wifi router as an access point behind such a router/gateway. credit goes to: https://forum.pfsense.org/index.php?topic=105238.msg616743#msg616743

if the AirVPN config is putting the explicit exit notify line in the custom config, remove it. it causes problems even though Merlin has tried to work out those bugs.

if using policy based routing and the option to block routed clients if the tunnel is down the "kill switch" works. when setup like this if you turn off the VPN client manually VPN tunnel routed clients will be unable to access the internet. if it's not working that way there's a problem...

I couldn't connect to my cable modem because of an openvpn client policy routing rule forcing all LAN clients through the VPN. I had to create a separate rule allowing lan clients to reach 192.168.100.1 via the WAN.

remember you can insert IP ranges e.g. 192.168.178.0/24 to route to either the WAN or VPN. then rules for individual IP addresses to create exceptions to the IP range rule.

then on the router you use the openvpn client. for the best results you'll want to purchase a quality VPN service. you then use the openvpn client on the router to connect to the servers of the service you purchased.

are you using openvpn server on the router?

I have not used it from China. But, there are some who do in their forum. It's a gamble whether it will work or not. I think some VPN IP addresses are blocked so you won't even be able to connect. But, you should be able to get a free trial so you can test.

you might give AirVPN a try. They offer openvpn through an SSL tunnel. Since we can install entware you can then install stunnel to run the SSL tunnel. just download config files for linux, not router.

are you using the test build which is the subject of this thread?

there, made a siggy. :)

I'm still using 378.55 which doesn't have that option. I've been waiting for the wifi kinks of the AC68 firmware to get worked out.

yes, backup and restore the jffs scripts. I guess there is an automated tool that does this but I just do it manually.

I just wanted to chime in here speaking with regard to CTF and openvpn client usage on my AC68. I disabled CTF long ago because when enabled I noticed that I was getting lots of "leaks" around the VPN tunnel. These "leaks" were connections that were established prior to VPN tunnel creation...

somebody else would have to answer this. I don't know.