Router Recomendation For VPN Use

[Xentrk]

I use PIA and when using the windows client I see speeds of around 250 Mbps down 450 up. With my 86U I get around 220 Mbps both ways. I'm using UDP on port 1198 with the following settings:
Data encryption: AES-128-CBC
Data authentication: SHA1
Handshake: RSA-2048

Any reason why you are not using the AES-128-GCM cipher? It will be faster than CBC. But your speeds are already some of the fastest OpenVPN speeds I have seen on the net.

 

[doczenith1]

At one point I tried to set the router vpn client to use GCM and couldn't get it to connect. Could have been user error. I know that the PIA Android app now supports GCM. With the 5/22/2018 version of PIA's windows client under data encryption they offer AES-128 and AES-256 with no mention of CBC or GCM and then for Data Authentication they offer SHA1 and SHA256. On the Android app when selecting one of the GCM encryption methods the data authentication can no longer be changed and states "AEAD ciphers like AES-GCM use an integrated authentication mechanism. This leads me to believe that they are not using GCM with the Windows client. I factory reset after updating to 384.5 and have not setup the vpn client again. Perhaps I'll give it another shot.

 

[doczenith1]

I setup the vpn client again. The first screenshot are the defaults from the ovpn file. I was able to connect just fine.

I then made the following changes and it appears to connect but I'm unable to access the internet. I tried both "default" , "SHA1" and "none" for the Auth digest with no luck.

I added :AES-128-CBC to the list of negotiable ciphers and that didn't help. I then added AES-128-CBC to the legacy/fallback cipher and it started working.