Poor VPN performance



  • Ok so I got a Asus ac66u_b1 wireless router. Overall very good, handles all the 9/10 devices nicely on my FTTC 70/20 service.

    But having trouble when using a VPN. Configured a OpenVPN client connection on the router and only get 25-30 dl speed. Been reading up and it seems the router can't capable of anything more.

    Soooooo. Anyone know of any routers that are capable of 70mb+ speeds. Reading some posts have hardware accelerate crypto chip thingies.

    Requirements are
    Wireless Router AC (2.4 & 5ghz)
    Budget $200 (might be willing to go up a bit)
    Not to big (around the size of the current one)



  • Should a EdgeRouterX be capable of
    SHA256
    AES-256-CBC

    At full speeds? Got one at work I could try then add a 5gh AP separate



  • Looks like the RT-AC86U should be capable of 100 or more



  • @hobbit666 said in Poor VPN performance:

    Should a EdgeRouterX be capable of
    SHA256
    AES-256-CBC

    At full speeds? Got one at work I could try then add a 5gh AP separate

    No. OpenVPN is not able to be offloaded. So throughput with OpenVPN is always a CPU issue.

    The device does not matter. EdgeRouter, ASUS, or anything else.

    The best way to get OpenVPN at high speed is pfSense on a desktop or something.



  • @jaredbusch said in [Poor VPN performance]

    No. OpenVPN is not able to be offloaded. So throughput with OpenVPN is always a CPU issue.

    The device does not matter. EdgeRouter, ASUS, or anything else.

    The best way to get OpenVPN at high speed is pfSense on a desktop or something.

    Yeah that's what I'm seeing from other forums. Basic routers are just a no go.



  • @hobbit666 said in Poor VPN performance:

    @jaredbusch said in [Poor VPN performance]

    No. OpenVPN is not able to be offloaded. So throughput with OpenVPN is always a CPU issue.

    The device does not matter. EdgeRouter, ASUS, or anything else.

    The best way to get OpenVPN at high speed is pfSense on a desktop or something.

    Yeah that's what I'm seeing from other forums. Basic routers are just a no go.

    I picked up a refurbished HP Elite 8300 SFF for $300 about 4 years ago. I loaded the free offering from Sophos and have been running it without issue. It uses OpenVPN for remote access. I also have an IPSEC tunnel setup for work.
    I did have to buy two NICs. Since it is SFF, I had to make sure that low profile brackets were included.



  • @hobbit666 said in Poor VPN performance:

    @jaredbusch said in [Poor VPN performance]

    No. OpenVPN is not able to be offloaded. So throughput with OpenVPN is always a CPU issue.

    The device does not matter. EdgeRouter, ASUS, or anything else.

    The best way to get OpenVPN at high speed is pfSense on a desktop or something.

    Yeah that's what I'm seeing from other forums. Basic routers are just a no go.

    I would definitely use pfsense or opnsense for OpenVPN.

    You could also setup a small VM and use VyOS.
    https://wiki.vyos.net/wiki/OpenVPN



  • @black3dynamite said in Poor VPN performance:

    I would definitely use pfsense or opnsense for OpenVPN.

    You could also setup a small VM and use VyOS.
    https://wiki.vyos.net/wiki/OpenVPN

    Don't have a home lab/computer at home. Only use my phone and tablet. Then if I need to do anything tasking I'll get the work laptop out.



  • @scotth said in [Poor VPN performance]

    I picked up a refurbished HP Elite 8300 SFF for $300 about 4 years ago. I loaded the free offering from Sophos and have been running it without issue. It uses OpenVPN for remote access. I also have an IPSEC tunnel setup for work.
    I did have to buy two NICs. Since it is SFF, I had to make sure that low profile brackets were included.

    Was thinking this but could I add a WiFi card and make it into a Access Point as well. Since it for home the less kit taking power the better



  • @hobbit666 said in Poor VPN performance:

    @scotth said in [Poor VPN performance]

    I picked up a refurbished HP Elite 8300 SFF for $300 about 4 years ago. I loaded the free offering from Sophos and have been running it without issue. It uses OpenVPN for remote access. I also have an IPSEC tunnel setup for work.
    I did have to buy two NICs. Since it is SFF, I had to make sure that low profile brackets were included.

    Was thinking this but could I add a WiFi card and make it into a Access Point as well. Since it for home the less kit taking power the better

    I don't think it will let you create an AP. I grabbed a bottom of the line AP from Ubiquity. Works fine