• SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Good openvpn router

loady

Senior Member
My plight is I am talktalk UK and have Thier WiFi hub, the signal I get upstairs is useless, I have an N66U that I had had working as a repeater and now have it wired to the ISP router by power lines, I have a server connected to the N66U and need openvpn, I can get it working but the limitation on bandwidth is not acceptable for me, internet traffic is severely reduced, where I would get 40mbs whilst ovpn server is not connected, when it is the speed is around 7mbs on the device running the client connecting to N66U.

It's been suggested my router doesn't have the power to run ovpn well, someome suggested the Netgear r7800 and would be much better, I would like suggestions of routers that will perform well with opvn running Asus Merlin , also would be nice to have the option to put DD-wrt on it, I'm looking to spend around £150
 
Powerline
You mention that the TalkTalk modem-router and your RT-N66U upstairs are connected by powerlines, which limit the speed to 40Mb/s. Inevitably, any server connection using OpenVPN could never exceed this speed.

Much better would be to run an ethernet cable but you probably already thought of this and dismissed the idea as too difficult in your building.

OpenVPN
If you have a server upstairs and want to access it remotely while travelling, you will need to set up OpenVPN server. The RT-N66U is generally considered underpowered for this.

Much better would be the Asus RT-AC86U which has very good performance when using OpenVPN. If you are in the UK, I saw it advertised this morning for GBP159.

I look after 3 RT-AC86U's, all running OpenVPN server. The performance is limited by the *upstream* speed of the connection to the respective ISP, so in some cases it is not fantastic but it is sufficient for my needs. (This is a limiting factor of the connection, nothing to do with the RT-AC86U or OpenVPN itself.)

Some on the forum have reported problems with the radios on this model - all I can say is that I look after 3 RT-AC86U's and have not have any problems. Mine were manufactured in 2017, 2018 and 2019.

Unless I am mistaken, OpenVPN server can be set up on the RT-AC86U only if you have it in router mode (not Access Point).

Configuration
What I would be tempted to do would be to switch the TalkTalk home hub (modem-router) into bridge mode (so it does not do any address translation). Then, install the new RT-AC86U (in router mode) right next to it and connect a LAN port to the RT-N66U upstairs which you can then put in Access Point mode. If you can run ethernet from your server to the RT-N66U, so much the better.

But do you have line land phones connect to the TalkTalk home hub ? You would have to check if they could still be used if you put the home hub into bridge mode.

If not, then you would have to leave the TalkTalk home hub in router mode. You would have a double NAT situation and would have to change the port forwarding settings on the TalkTalk home hub to forward incoming VPN traffic to your RT-AC86U.
 
So you both selected the same router, would you say that it would out perform the Netgear R7800 ?, I read that R7800 had radio issues to.

In answer to your config, I have done bridge mode on the the last isp router but I heard that this WiFi hub no longer let's you, I've not tried again as I was getting limited bandwidth before, my upload is 10mbs here and ample enough to stream a film remotely. I also had a much older RT N16 as the repeater and was wirelessly connected to the ñ66u which was attached right next to previous ISP router which was in bridge mode, I didn't want three routers running, at least with an Asus I can use the merlin firmware and ddwrt if I want to tinker.
 
AFAIK there's no version of DD-WRT for the RT-AC86U because it has an encrypted boot-loader.

You mention that the TalkTalk modem-router and your RT-N66U upstairs are connected by powerlines, which limit the speed to 40Mb/s.

Powerline speeds depend greatly on an individuals particular setup. In a similar setup to the OP I get 110Mbps depending on which ring main the socket is connected to. That's using the "old" style 500Mbps adapters.
 
So you both selected the same router, would you say that it would out perform the Netgear R7800 ?, I read that R7800 had radio issues to.


I don't have experience of the Netgear equipment, but so far I have owned 6 Asus routers and liked them. None gave me any problems (looks for large block of wood to touch). Asus also keeps supporting its products (firmware revisions) longer than the average router vendor.

Another advantage of Asus is that you can load RMerlin's firmware, which is generally more stable than the stock Asus, and has some cool features. Merlin is based on the stock Asus formware (but with improvements), so length of manufacturer's support is still relevant, even if you load the Merlin firmware instead.

For me, all of the above are more important than raw performance, so I never investigated that angle. There are performance tests elsewhere on the forum.


In answer to your config, I have done bridge mode on the the last isp router but I heard that this WiFi hub no longer let's you


If your TalkTalk home hub (modem-router) cannot be put in bridge mode, you will have a double NAT situation. In this case, you will need to set up a DDNS service with a DDNS provider, so you can find out your TalkTalk modem-router's public IP address while travelling. The later versions of Merlin-AsusWrt have a cool feature whereby the public IP address *of your TalkTalk modem-router* is notified to your DDNS provider, rather than the WAN address of the Asus. (Select "external" on the WAN/DDNS configuration page.)

You will also have to set up your TalkTalk modem-router so that it always gives the same IP address to the WAN port of your Asus, and you will have to set up port forwarding on the TalkTalk modem-router so that incoming VPN traffic is forwarded to this address.

Hopefully both these features are available on your TalkTalk modem-router :-)
 
AFAIK there's no version of DD-WRT for the RT-AC86U because it has an encrypted boot-loader.



Powerline speeds depend greatly on an individuals particular setup. In a similar setup to the OP I get 110Mbps depending on which ring main the socket is connected to. That's using the "old" style 500Mbps adapters.

Speeds on my network are not the issue, my top speed is 40mbs from isp and download is 10mbs so the N66U handles it no problem, the problem i was getting was connecting to ovpn on say a laptop at another address, the internet speed was throttling, but as you mentioned, it would seem all my internet traffic was passing through ovpn, i really like the simplicity of asus Rmerlin.

Is support for the asus you suggested still going strong, firmware updates etc
 
I don't have experience of the Netgear equipment, but so far I have owned 6 Asus routers and liked them. None gave me any problems (looks for large block of wood to touch). Asus also keeps supporting its products (firmware revisions) longer than the average router vendor.

Another advantage of Asus is that you can load RMerlin's firmware, which is generally more stable than the stock Asus, and has some cool features. Merlin is based on the stock Asus formware (but with improvements), so length of manufacturer's support is still relevant, even if you load the Merlin firmware instead.

For me, all of the above are more important than raw performance, so I never investigated that angle. There are performance tests elsewhere on the forum.





If your TalkTalk home hub (modem-router) cannot be put in bridge mode, you will have a double NAT situation. In this case, you will need to set up a DDNS service with a DDNS provider, so you can find out your TalkTalk modem-router's public IP address while travelling. The later versions of Merlin-AsusWrt have a cool feature whereby the public IP address *of your TalkTalk modem-router* is notified to your DDNS provider, rather than the WAN address of the Asus. (Select "external" on the WAN/DDNS configuration page.)

You will also have to set up your TalkTalk modem-router so that it always gives the same IP address to the WAN port of your Asus, and you will have to set up port forwarding on the TalkTalk modem-router so that incoming VPN traffic is forwarded to this address.

Hopefully both these features are available on your TalkTalk modem-router :)

Is that DDNS service to be set on the talktalk router ?..i have DDNS setup on N66u currently, anyhow those option are available on this talktalk router
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top