I got the latest RC for 8.1.1 and purchased an OpenVPN license. I’m having some problems. I realize that this is not released yet but someone might have some hints.
I’m trying it with Windscribe which has been working very well for me with WireGuard so I think it’s a reasonably good service.
I got it working and was delighted when I went to speedtest.net and saw pretty good performance through the VPN. But then when I browse to some sites such as CNN it just hangs and times out. That sounds like a MTU issue so I’ve been fiddling with the MTU and got it somewhat better and even managed to reverse which sites work and which don’t but never achieving consistent good performance.
The uplink is cellular on AT&T. Using that directly, I’ve found that MTU 1430 works well. I played around with ping to determine that by trial and error.
A couple of questions:
What should be the relationship, if any, be between MTU on OpenVPN and the uplink? If the uplink is 1430, what should OpenVPN be?
Windscribe gives me the following choices before generating a .ovpn file.
Protocol: TCP or UDP
Port: About 10 in a dropdown list.
Cipher: AES-CBC or AES-GCM
What would be good choices? I’ve mostly been playing with UDP, port 1194, AES-CBC.
Hi @tetranz, I’m not a guru and can’t answer all your questions, but I’ll suggest to start with UDP port 443/1194 using AES-GCM.
I’m using Windscribe as well and the config files work well on another router for both OpenVPN and Wireguard.
However, I haven’t been able to get the same .ovpn config files to work on Surf Soho MK3 with the OpenVPN license. I have factory reset and reinstalled the firmware, but haven’t been successful yet.
When I try AES-GCM the Pepwave reports a .opvn file error. I don’t know if that’s a Pepwave bug or Windscribe generating a non-compliant file.
It’s frustratingly close but not quite there. I’m getting really weird results like I can go to cnn.com on Firefox and it mostly works but Chrome on the same computer completely times out with no connection. I know that doesn’t make much sense from the LAN but that’s what’s happening. It all works well without OpenVPN.
It’s not a critical requirement for me. I was happily using Windscribe and WireGuard with another router so I thought it would be nice to continue with it.
Thanks. That got rid of the error but it still doesn’t work well. It sounds like Windscribe’s OpenVPN might be a bit old or something.
I think I’ll have to give up on this for now. I guess I could build my own OpenVPN server at somewhere like Digital Ocean but if I do that I may as well build a FusionHub server.
I installed OpenVPN on a server that I already have at Linode. That works fine with the Pepwave MAX BR1 MK2 so I guess there is some incompatibility with Windscribe.
That could be a DNS issue. Each web browser can be configured to use a different DNS provider. Then, there is DNS in the OS, then there is DNS from the VPN. To see what DNS servers are being used in each browser, there are tests here
Off-topic. I love the ROBERT feature of Windscribe. To borrow from Jerry Seinfeld - it makes me the master of my DNS domain resolutions.