What VPN service do you use?

I honestly have always hated VPNs... I've tested the so-called "fast" VPNs and been incredibly disappointed by the speed but I came across VPN.ac today while researching China-friendly VPNs for another member and I decided to give them a try. I'd say it was 40 bucks well-spent for a year of service.

http://beta.speedtest.net/result/5035769372

That's with OpenVPN UDP, 256-bit AES-CBC, RSA 4096, and SHA512 HMAC (basically the highest encryption level possible and total overkill for my purposes but I was curious about the speed) on a Comcast 150/15 internet pipe.

They're P2P friendly (specific servers), they give you 2TB of bandwidth a month (which is fine with me with speeds like that), you get up to 6 concurrent connections, no logs other than basic connection and bandwidth data, their software is simple to use but has advanced features like the internet kill switch, auto-start and auto-connect, choice of protocol between L2TP/IPsec, OpenVPN 128-bit (AES as well as BF if your device doesn't support AES), OpenVPN 256-bit AES, OpenVPN XOR to get around firewalls (they even obfuscate specifically for China), OpenVPN ECC, and lowly PPTP...

Needless to say, I will be running my new VPN 24 hours a day on both my phone and my PC. They also have their own DNS servers in Canada and there is no DNS leak on my phone or my laptop.

 

I use LiquidVPN, it gives me the same speed as my actual ISP speed, maybe just 5% less. My speed is 100MBPS Down/20MBPS up. With LiquidVPN, I get around 93MBPS Down /20 MBPS up while connected to a Romanian Server via PPTP.

Their speeds and privacy policy is awesome, 0 logging policy, they don't bother you or care about DMCA notices, you are free to do what you please and they have a myriad of servers for you to choose all over the world.

 

If you're using PPTP, you're not really getting any security advantage. Its so insecure that VPN.ac actually discourages its use by giving it the lowest priority for speed.

This is with L2TP/IPsec, which is generally considered the fastest protocol they use

http://beta.speedtest.net/result/5036938700

As you can see, I only lost 7Mbps out of 150 and my upload actually hit the overprovisioned cap of 22Mbps.

Fastest speed for me though is OpenVPN 128-bit

http://beta.speedtest.net/result/5036949129

167.59 down and 22.25 up due to overprovisioning from Comcast.

Its funny, all these big names I tried like ExpressVPN, PureVPN, Tunnelbear, basically any VPN I found that had a free trial... I averaged about 4Mbps down... highest I ever saw was 30 and that was one test, it went down to 15-20 for the rest of the session.

 

ohh thanks for that, the default for LiquidVPN is OpenVPN, they also have PPTP and L2TP, I only chose PPTP as it was the fastest, I will go back to OpenVPN then.

 

OpenVPN 128-bit is the best compromise between security and performance. L2TP/IPSec is thought to be cracked with an NSA backdoor. PPTP has been broken for ages. OpenVPN 256-bit AES-CBC with RSA 4096-bit and SHA512 HMAC is thought to be virtually impenetrable. I was really surprised how little overhead that option has with VPN.ac

 

Here check this out @Phoenix - very thorough breakdown.

https://vpn.ac/knowledgebase/36/PPTP-vs-L2TP-vs-OpenVPN-which-one-to-use.html

 

Thanks bro, I'll read it in a while. On a side note, with OpenVPN, I get 60MBPS Down vs 93MBPS Down on PPTP

 

Any of you guys bothered to configure VPN-client on a router rather than on individual devices?
That seams neater and any and all devices connecting to your home network will have the benefit of VPN without the need to configure those devices.

 

Sounds like your provider hasn't optimized for OpenVPN. Which method are you using? OpenVPN 128-bit AES-CDC is the best balance. OpenVPN ECC is great too but hardly any providers have it. Try L2TP/IPSec, its usually the fastest protocol. Also make sure you're using UDP with OpenVPN, not TCP.

 

My VPN supports DD-WRT as does my router, however, the processor in the router would end up limiting the throughput to around 30-40Mbps. The nice thing about VPN.ac is I get 6 simultaneous connections and they have software for Windows and Android and OpenVPN can be set up on Linux and iOS so I would rather just do it that way. I wouldn't use the VPN when I'm doing console gaming, would just add needless lag so I have my laptop, desktop, Note5, and iPad which still leaves 2 connections open.

EDIT: Wow, I take that back... Quoted from VPN.ac's speed page

If you are using a router firmware like DD-WRT or TomatoUSB connected via OpenVPN, speeds around 10 Mbps are likely the best you can get due to router's CPU performance.

YIKES

 

I will try this and report back

 

@Ethrem I see your point about the performance. It seems that dual core Broadcom BCM4708 @800MHz which is used in top end routers like Linksys EA6700 or ASUS RT-AC68U will only manage about 4MB/s (some 32mbps) - at least when using Asus' own VPN client implementation.
That is a bit too slow for my 100mbps connection. I'll try to figure out if using other implementation would be significantly faster or not but it does not look good.

 

Yeah I think I'll be sticking to setting up the VPN on each device.

Besides, sometimes you want to switch servers... its not easy to do that with a router-based implementation whereas with the software its a point and click operation. My provider allows P2P but only on certain servers (although the recommend downloading a Linux live DVD through bittorrent to get an idea of how fast your connection is with each protocol) and they show node status on the client page so if a certain server is getting hit hard, you can see which one isn't being heavily used and switch. Like I live in Denver and tried the Kansas City server and found it to be really slow so I switched to Dallas and now the VPN overhead is negligible even on the highest encryption.

 

There are two ways to deal with it - one would be for me to pay for a slower internet connection, which is a brilliant idea
Another way is to pay for a much faster router - the best consumer routers seem to be able to achieve and on occasion exceed 50mbps as OpenVPN clients.
So it's not looking like a great success...

 

Oh man hush about the slower internet, in 2 days I'll be going from 150Mbps down, 15 up cable to 40Mbps down, 5Mbps up VDSL at the place I'm moving to... Then i have to decide if I'm going to pay 60 dollars a month for a year (plus modem rental at 7 dollars) to have the 150 again...

 

I tried LT2P/IPSec and it's much faster than OpenVPN. This seems like the best balance between security and speed:

Connected to the Romanian Server of LiquidVPN

 

That's usually the case, I have no idea why OpenVPN is so much faster for me. Glad to help though! Just remember if you're doing anything sensitive or you're on public WiFi, OpenVPN UDP port is the best choice.

 

Bit late to the party, but I have seen mikrotik being praised on ArsTechnica forums for having good and (relatively) cheap commercial/industrial grade network hardware, maybe you might be able to find something with the oomph you'd need for a router implementation.

 

@tijo Thanks. While looking for routers that could manage about 100mbps via VPN I run across recommendations for Mikrotik that could apparently handle much more. I am sort of considering this - on one hand it's not cheap on the other hand I have two NASes that I would like to benefit from VPN as well. There is no other way for a NAS to use VPN than to have it configured on a router (unless the NAS itself has such config option, but mine don't).

For less than a $100 one could find a used Linksys routers that could deliver some 60mbps with VPN but that's as much as consumer routers can do for now. Maybe the next generation of routers will push it closer to 100mbps I'm looking for.