What's new

I may have a silly question regarding VPN and XT8 - please be nice

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I would give Nord another shot and use the Nordlynx (WG) instead for faster speeds. I tested a bunch of different providers last year when I was up for renewal and Nord had the best speeds and least amount of fuss for their app vs the others. OVPN is a legacy bloated protocol and while it worked fine for speeds up to 100mbps it can't handle the speeds we have today.

I use it on my DIY router to protect the whole network. If you don't want to go full DIY you can probably piece together a SFF PC to run the VPN from and redirect all traffic to pass through there for protection and speed. I would put Linux on it and setup the app to autoconnect when booted. On the devices you want protected just set their gateway to the IP you assign to it. Or use the app on each device individually as needed. $2/mo isn't a bad option to keep your privacy. Use Rakuten or RetailMeNot to get 20-30% back.
 
I don't know if I elaborated on my NordVPN experience. I read reviews they were the fastest - and the price was right. I purchased - installed and connected to a server near me (VA) - I don't know if NV suggested it. Speeds were atrocious. So I switched to NY. Speeds were okay Down - but Up was terrible. So I decide to connect with online support. I was on support for 1 hour - they had me test 10 different servers - 4 out of 10 I could connect - the remaining servers gave me an error on download - but mostly upload. The support person had me change my DNS settings - had me test each server - then asked for a screenshot of all my installed apps. That's when I canceled. It seemed like we were turning around in circles. My experience with Free ProtonVPN - signup up for free - DL SW - See servers in my area - connect to one - and speeds were fast. PV even has a button - Fastest - and yes it chooses the fastest server in my area. The issue with free - one connection - not the fastest servers - streaming services - not supported. NordVPN App interface was horrible - finding a server was a nightmare - servers lists were not numerically sorted - I had to use the search feature to find the servers Support Person recommended. IF NordVPN recommends a server - and they suck - this concerns me. Oh and yes I tried OpenVPN - and then their Nordlynx. Nordlynx was slower. I could have spent the next few days trying all sorts of connection - options - etc... I like quick and easy. At the moment - at least initially - ProtonVPN wins. Though they are more costly. I'm thinking about PIA or CyberGhost. PIA is in USA so that is concerning - ProtonVPN is in Switzerland (they claim to protect your data) and CG is in Romania. I know Nord is in Panama. For me - SPEED!!!!! then cost his most important. I don't do illegal things in my home - so I guess Country of Origin isn't that important - it would be nice to have a no spying/logging policy.
 
https://api.nordvpn.com/server - this is the page that gets pulled by the client app to select servers.

I tested CG, Torguard, and a couple of others primary focus on WG providers for the speed. Speeds weren't awful but they weren't great and the app on some wouldn't launch until there was a login. Well, my server is headless and I don't login to it and use it like a normal PC. This would have required setting up an auto login function post-boot to launch the app and connect. I didn't want to leave the server w/o a login prompt though on boot. Other apps were just a PITA to deal with or wouldn't configure / setup / install due to running beyond their preferred kernel / version written into their setup scripts. I hacked the scripts on a couple to get them installed and tested.

Another top contender w/ privacy as a focus is Mullvad but, they're double the cost of Nord @ 5 euros/mo.

I didn't test PIA though for some reason I don't recall specifically. It's possible it was price or lack of WG at the time. Maybe their privacy location of incorporation?

If VA / NY servers aren't fast enough which is a total possibility on Nord try other regions like Dallas / LA / SEA. When I run a test on servers for load / top 10 it typically spits back servers in LA for some reason being under utilized. Letting the app pick a server is a 50/50 gamble of getting good BW IME. I use the command line to connect which after documenting speedtesting results allows to specify easily which server to connect to. Also, Nord changes servers / IP / ISP's constantly for better performance.

For me a couple of the fastest servers are - us9159 / us8099 / us9170

On my list tough I have at least 25 servers that give line speed throughput using WG. The only issue I run into with some of them is with banks not allowing access from some but allowing it from others.
 
I posted the on another forum:

So what's worth here's an ongoing Speedtest from PCMag for a number of different VPNs:

https://www.pcmag.com/reviews/mullvad-vpn

Look further down the article.

PIA is number one - then CyberGhost - then ProtonVPN - Then StongVPN - then Mullvad -then etc...

PIA - $2.03/mo-3 years - hard to find server # on site - google search says 30000 servers - 10 simultaneous connections- USA based

Cyberghost - $2.29/mo - 3 years - 7900 servers - 7 devices - Romania based

ProtonVPN - 6.63/mo - 2 years - 1600 servers - 10 devices - Switzerland

StrongVPN - $2.47/mo - only 1 year - 950 servers - 12 connections - USA

Mullvad - 5 euros (forever?) - 800 servers online - doesn't say number of connection on site - Sweden

I'm sure speed tests can be put into question. So I then would look at cost/number of servers.# of concurrent connections and then I guess Country of Origin. What I fear is purchasing VPN and then finding out speeds suck. Right now ProtonVPN free is awesome.
Pinging your router's WAN ip (which is what pinging the DDNS does) is only going to work if you allow such pings on the firewall configuration, which is normally disabled by default on most firmware. This has NOTHING to do w/ the VPN. But you should be able to ping the router's *LAN* network interface now (e.g., 192.168.1.1), at least if you have specified either LAN only or Both on the OpenVPN server config.
eibgrad,
I connected to VPN using mobile on 5G. I added OpenVPN app + Net Analyzer App. As stated before when I connect using OpenVPN it seems to connect fine - I see my DDNS address - along with my Dynamic DNS address assigned by ISP. When I ping - some packets get through but most fail. So I read that this is maybe due to Firewall settings. So I shutdown my firewall and rebooted - all pings were answered. So I decide to turn on firewall - and enable "Respond ICMP Echo (ping) Request from WAN" most if not all pings are not returned. I don't want you to be my Network Admin - just trying to bounce ideas off you. Do you know what I have to do to reliable ping my DDNS OpenVPN Server in the outside world? When I setup OpenVPN server I enabled :"Push LAN to clients" "Direct clients to redirect Internet traffic" "Respond to DNS" & "Advertise DNS to clients". I would think this is enough to allow remote clients (using my Login?PW) would be allowed access to my LAN. What did I do wrong? Any links/sites/education you can direct me to would be great. Thanks
 
I connected to VPN using mobile on 5G. I added OpenVPN app + Net Analyzer App. As stated before when I connect using OpenVPN it seems to connect fine - I see my DDNS address - along with my Dynamic DNS address assigned by ISP. When I ping - some packets get through but most fail. So I read that this is maybe due to Firewall settings. So I shutdown my firewall and rebooted - all pings were answered. So I decide to turn on firewall - and enable "Respond ICMP Echo (ping) Request from WAN" most if not all pings are not returned. I don't want you to be my Network Admin - just trying to bounce ideas off you. Do you know what I have to do to reliable ping my DDNS OpenVPN Server in the outside world? When I setup OpenVPN server I enabled :"Push LAN to clients" "Direct clients to redirect Internet traffic" "Respond to DNS" & "Advertise DNS to clients". I would think this is enough to allow remote clients (using my Login?PW) would be allowed access to my LAN. What did I do wrong? Any links/sites/education you can direct me to would be great. Thanks

Part of the problem here is your terminology. Statements like "DDNS OpenVPN Server" are confusing. DDNS maintains a dynamic domain name that's constantly updated w/ the public WAN ip of your router. It has nothing to do w/ OpenVPN server. Whether you can ping the WAN ip (as determined by the current DDNS setting) is a function of how the "Respond ICMP Echo (ping) Request from WAN" setting is configured.

Once you're connected to your OpenVPN server, you should be able to access your home network as if you were connected locally (e.g., access the primary router's GUI on its LAN network interface, 192.168.1.1). Or any other LAN devices. BUT, sometimes personal firewalls on your home network will NOT ALLOW access because they see the private network on your OpenVPN server's tunnel (e.g., 10.8.0.0/24) as a threat! IOW, by default they won't allow access from any private network other than the one they are on (e.g., 192.168.1.0/24). Not unless you update their respective personal firewalls to allow it. This is particularly common for Windows PCs. But other devices may behave similarly.

All that said, if some devices are NOT responding consistently (i.e., only some pings succeed), I have no explanation. Things like this are normally binary; they either work all the time, or not at all. Intermittent behavior is harder to explain.
 
@oharag

The problem with "speedtests" and the testers is that they don't always have the ideal setup for testing. If they're testing with some cheap d-link router it skews the results.

If you want speed you use something with Wire Guard plain and simple. It's going to be able to pull 2-3X the bandwidth of OVPN based on the way it handle the traffic.

~$2/mo should be the benchmark for any commercial VPN which rules out 1/2 of them from being worthwhile unless there's a special niche need that they cover.

# of connections isn't important if you centralize the VPN to cover your whole network through a single device and then out to the internet from there. If you don't then it makes a difference in the # of connections you can use at one time.

Number of servers is nice but, the quality of the servers and their ISP connections matter more.

Rule #1 don't use a FREE VPN
Rule #2 don't use a US based VPN due to lack of privacy due to laws.
Rule #3 route all traffic not just some to prevent leaks / intrusions

These VPN / Internet providers basically do the same thing as your router and NAT the connection through their device an out the public internet. This gives you some additional protection if you set it up correctly. I wouldn't rely on them as a firewall though as when you port scan them they tend to have several ports exposed on the servers which leads me to think they have other potential risks if they potential have reverse path routing enabled.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top