I bought a new, fast, powerful router (1 ghz chip) recently.
Prior to installing vpn, I checked my wired and Ethernet connections via the router. I got download speeds of 25 mbps and uploads of around 10 mbps.
After I installed vpn using Toronto-based server, and using just one gadget connected to the router, I checked the speeds. Downloads slowed down to 10 mbps. UpLoads still OK at around 10 mbps.
Not sure why DL speed would decrease by 50%.
I am in the West coast of Canada and tried other servers but the speeds were even slower.
Should I change anything on my dd wrt settings to improve the speed?
I used the settings suggested in the instructables guide to setting vpn on a dd wrt router.
I went down this path. 50 Mbps fiber to my house. I had a DD-WRT capable router. I got a VPN service. Connected the router as a client, and speeds plummeted to 8-10 Mbps.
Ok, that was quite an old router. I got a new router with great specs, and VPN speed went all the way up to 10-12 Mbps. I tried stock firmware, updated that, DD-WRT, and Tomato (Shibby?), and they were all about the same.
Consumer router hardware just can’t handle the VPN encryption decryption at high speed. Look at the CPU usage with the VPN transferring data. If it’s at or near 100%, that’s your bottleneck.
So, then I found out about PfSense. /r/pfsense It’s a distribution of BSD that’s customized and hardened to be a firewall/router. It runs on just about any old PC. I got a used Core2Duo SFF PC for about $50 and it is more than enough. At full VPN load, the CPU is only at ~5%.
I have followed the advice of my vpn but to no avail:
Router MTU - decrease to between 1350 - 1450 (done)
Change host by selecting one that is fast based on speed test (done)
Change host by indicating its IP address rather than host name (done)
Change UDP port to either 1194, 8080, 53, etc. (done - tried all)
Check if ISP throttles. (done). I did a direct connection from wall to laptop and my speed went back to the full 25++ mbps.
Have a powerful router. They said 400 mhz chipset is weak. Mine is 1 ghz. Netgear r7000.
It really appears my vpn company is the problem. After experiencing 13 mbps DL the past 2 days, my speed dropped to <1 mbps this evening. It is painful and terrible.
So for starters you are on the west cost and using a Toronto server. It’s better idea to find a VPN with Vancouver server but I know it is more common for VPNs to only have Canadian servers in either Montreal or more commonly Toronto. Most probably your issue here is that the router doesn’t have enough processing power to handle the VPN. This means either buy a better router that handles VPNs much better or do as other comment said and use pfSense. In the meantime you can always just run VPN on your computer it’s self. Also using L2TP (make sure your also have IPSEC used or else L2TP won’t be encrypted) and it may preform better on your router. Also (if your VPN supports it) using a smaller key length means less computing power is needed for the VPN (eg. Use AES 128 bit instead of 256 bit and RSA 2048 bit instead of 4096 bit).
I have an Asus RT-AC87U running DD-WRT and I get 30-40Mbps down when the built in OpenVPN client is connected. Most consumer routers can’t handle VPN encryption and decryption for high speed traffic, but some can. Even at full speed, the router CPU usage doesn’t go above 50%, so I think I’m just running at the max speed of the available connection.
I am not an expert so I read a bit as well as checked the available settings.
Basically… I have wpa1 and wpa2 (both aes) …and wep. I don’t see an aes128 and aes 256. I understand wpa involves 256 encryption. I am hesitant to put it to wep.
Okay. I figured it out. My cipher encryption used to be Blowfish CBC.
I changed it to AES-128-CBC as you had recommended. I assume this has no adverse negative impact on my security settings.
Unfortunately, when i did this, I lost internet connection. So I had to revert to Blowfish CBC. Not sure why I lost internet connection (via wireless).
That sounds like your WiFi encryption - which won’t change much.
I was referring to the openVPN settings that you use to connect to PIA - If you’re using openVPN to connect (you should since the NSA has programs to eavesdrop on L2TP/IPSec + PPTP).
Okay. I figured it out. My cipher encryption used to be Blowfish CBC.
I changed it to AES-128-CBC as you had recommended. I assume this has no adverse negative impact on my security settings.
Unfortunately, when i did this, I lost internet connection. So I had to revert to Blowfish CBC. Not sure why I lost internet connection (via wireless).
Okay. I figured it out. My cipher encryption used to be Blowfish CBC.
I changed it to AES-128-CBC as you had recommended. I assume this has no adverse negative impact on my security settings.
Unfortunately, when i did this, I lost internet connection. So I had to revert to Blowfish CBC. Not sure why I lost internet connection (via wireless).
