This tutorial will describe the process of configuring OpenVPN, and is an adaptation of the Netgate Documentation on the process. To start, navigate to VPN OpenVPN Wizards and start the Wizard. Choose the desired authentication settings. For the purposes of this tutorial, we will select “Local User Access”. Absolutely, once you have setup the OpenVPN server to run on pfSense and you connect from the outside creating a VPN tunnel to your home network then assuming that you have allowed clients in the OpenVPN network to access clients in your LAN network then you can talk across those networks.
OpenVPN is a well-known VPN client for secure remote access or virtual private networking. If you use OpenVPN and experience a slow speed over its channel, you might be getting annoyed. This issue is very common for all OpenVPN users. While the general advice you can find on the Internet is to tweak the MTU (Maximum transmission unit) value and/or MSSFIX parameters, here is another trick you should try. It can help you significantly improve the bandwith. Here's what you should try.
RECOMMENDED: Click here to fix Windows errors and optimize system performance
Open your
![Openvpn Openvpn](https://2.bp.blogspot.com/-bLvNg7RfIsM/UiKknRFgkfI/AAAAAAAAAdg/v_lSFH6zkWw/s1600/y2.png)
This will prevent OpenVPN from tweaking the buffer size between the server and the client. It will be determined by the OS. Windows users who connect to a Linux server will experience faster speeds.
Now, add the same lines to your client configuration file (*.ovpn or *.conf). If for some reason this is not possible, e.g. your client computer is not accessible, put the following additional lines in your server.conf file:
![Setup openvpn pfsense Setup openvpn pfsense](http://i.imgur.com/5Jk9PkR.png)
OpenVPN over UDP
If you are running OpenVPN over UDP, you might get a better experience by setting fixed buffer values. Try these lines:
The causes of the slowdown
You might be wondering why and how these tweaks work? Let's refer to the history of OpenVPN. In the year 2004, OpenVPN had a problem with different buffer sizes on different platforms. To unify the data transfer channel, developers set the fixed buffers to 64Kb. However, this caused completely strange issues with the MTU for all adapters in Windows. To fix it, developers hardcoded these lines, which work for non-Windows based servers and clients:
These lines are still presented in the OpenVPN source code, so that is why we are getting the slowdown! Additionally, you can try experimenting with MTU and MSSFIX parameters, if you know what you are doing.
Try with these lines in your config:
In the most common case, MTU on the physical interface is 1500, so it is better to set OpenVPN TUN MTU to a value lower than the real MTU, and MSSFIX to MTU-40, as in the example above.
I hope this article was helpful for you. Share your speed results if you saw a significant improvement (via habr).
RECOMMENDED: Click here to fix Windows errors and optimize system performance
Super Slow VPN
I'm at home, and I've set up a remote VPN using OpenVPN server on my pfSense 2 box.
From a server behind the pfSense box, I ran a speedtest and I'm getting:
80Mbps Download/20Mbps Upload
From my home computer, I get almost the exact same.
I can connect to VPN fine, but once I do, RDP runs like a slideshow, and data transfer between my computer and a server behind pfSense was 500KBps.
I have 12 Site to Site VPN tunnels on the pfSense box, and all of it's performance counters are at 15% or lower (ram, cpu, etc).
It does seem like the VPN runs at a decent speed for the first minute after connecting and then degrades.
I did some research and came across many folks saying they set this setting in the Advanced settings which resolved their issues:
net.inet.ip.fastforwarding (default 0, changed to 1)
I made that change and rebooted the pfSense box. Still moving at a snail's pace on the VPN.
I'm the only other client on the VPN, and the site to site VPNs are running well, no complaints.
It seems specific to the OpenVPN.
Is there something I'm overlooking? Any suggestions?
EDIT: Tried reinstalling the client, no change. Also tried from a separate computer on a different network - still slow.