So those were his results… what is a typical overhead percentage?
Hi Matt - I don’t think there is a set percentage of overhead and a lot depends upon what server you are connecting to. The closer you are the better generally speaking.
1 Like
Could this potentially be used to route DNS requests (and DNS requests only) over the VPN to the DNS server?
Hello @brightwolf,
You can use outbound policies to direct DNS traffic over the VPN.
Happy to Help,
Marcus 
@mldowling Thanks for suggesting, I was looking into outbound firewall rules but indeed, outbound policies seem to be what I need.
I have now acquired the OpenVPN WAN license and connected it to AirVPN. However, the status remains disconnected, it tries to reconnect every few seconds but apparently fails to do so.
How could I debug this? The event log is showing nothing.
@brightwolf, can you submit a ticket and attention to @TK_Liew so we could look into your situation?
1 Like
I was able to resolve this by generating an ovpn file on AirVPN’s Config Generator specifying OpenVPN version “>= 2.5” and data cipher “automatic”. With this ovpn file uploaded to the Peplink router AirVPN connected.
Note that these settings become visible only when selecting “Advanced Mode” in the config generator. Apparently, AirVPN’s default (version: “>=2.4”) does not work with the Peplink OpenVPN WAN client.
3 Likes
Hss anyone gotten inbound traffic to work on the OpenVPN WAN? I configured a Site2Site OpenVPN server on a pfSense and built a config for the Peplink. Everything connects and from the Peplink I am able to reach anything behind the pfsense. However from the pfSense side I am unable to get to any resources behind the Peplink. I am able to ping the OVPN and LAN interfaces of the Peplink but nothing connected behind it. I do have an outbound policy configured on the Peplink and I have set both firewalls to allow any to any for everything but still unable to get any traffic through. I have attached the ovpn config.
OVPN config:
dev tun
persist-tun
persist-key
resolv-retry infinite
explicit-exit-notify
verb 3
client
#Use TLS packet to open port.
remote-cert-tls server
#Encryption Algorithm
cipher AES-256-GCM:AES-128-GCM
data-ciphers-fallback AES-128-CBC
#Auth digest algorithm
auth SHA256
#Below 2 lines is where to connect to and how
remote 10.1.1.1 1194 udp4
proto udp
#Change the below IPs to match the tunnel. First IP will need to be this device.
ifconfig 10.32.1.2 10.32.1.1
#Compression type of Server
compress
#Keep-alive every X seconds, Restart after X seconds
keepalive 10 60
ping-timer-rem
<ca>
CA goes here
</ca>
<cert>
cert goes here
</cert>
<key>
key goes here
</key>
key-direction 1
<tls-auth>
tls key goes here
</tls-auth>Were you able to get this resolved? I am having a very similar issue (OpenVPN Cloud).
Sort of, I got it working by selecting the little I next to NAT on the OpenVPN WAN and then changing it to ip forward. OpenVPN WAN for Site to Site - #3 by richard.vit I still had issues where if the Peplink disconnected for any reason the far end server would crash and I would have to restart it. Peplink support told me site-2-site via OpenVPN was not supported though so I haven’t messed with it much more.
Will the OpenVPN WAN License be available for the AP-One-AX? I am using the AP-One-AX as my main router and would love to have it.
@Gran, OpenVPN WAN is available in SD-WAN products only. AP One AX is categorized as WIFI product - Access Point.
2 Likes
Is the OpenVPN WAN License provide the means of making a Peplink Balance 20X serve as a Connector for CloudConnexa/OpenVPN?
Please note: I am specifically asking about Connectors. Not about OpenVPN in general. Thank you.
