OpenVPN Service

Advanced feature discussion, beta programs and unsupported "Labs" features.
79 posts Page 1 of 8
by kgc » Mon Feb 01, 2016 3:03 pm
The first pass at the production OpenVPN service is available at https://ovpn.sonic.net

The only significant difference between the production deployment and beta is that we've blocked port 25 in both directions. The configuration provides a reasonable balance between privacy, including Perfect Forward Secrety, and performance.

Please note that the oookla speedtest does not test using random data and will provide significantly inflated results. A more accurate test can be had by downloading the test file with an application that will return the download speed.

http://speedtest.sonic.net/test.10meg
http://speedtest.sonic.net/test.100meg
http://speedtest.sonic.net/test.1000meg
Kelsey Cummings
System Architect, Sonic.net, Inc.
by parker_day » Mon Feb 01, 2016 4:06 pm
I'm curious if this has a 24 hour timeout, or if there is a way to keep the connection alive.
by abhi.kris » Mon Feb 01, 2016 10:07 pm
parker_day wrote:
I'm curious if this has a 24 hour timeout, or if there is a way to keep the connection alive.

Definitely interested in hearing about the 24 hour timeout for authentication.

Also, seems like there is a JSON error of some sort while trying to sign into ovpn. OpenVPN works great with the beta address though. Will be happy to provide more detail if necessary
by kgc » Tue Feb 02, 2016 8:48 am
There's no 24 timeout, and shouldn't be on beta.vpn.sonic.net anymore either.
Kelsey Cummings
System Architect, Sonic.net, Inc.
by wa2ibm » Tue Feb 02, 2016 1:58 pm
kgc wrote:
The only significant difference between the production deployment and beta is that we've blocked port 25 in both directions.


This is a killer for me. I don't mind outbound 25 blocking since I use Sonic's mail server as my smart host. However, it's tougher to get around inbound 25 blocking.

I was always able to run my own mail server on Sonic's original legacy DSL and then on Sonic's Bonded Fusion service. Neither blocked inbound 25. It's even working on Fusion FTTN dynamic service. However, if I want to escape AT&T's traffic monitoring and use the Sonic VPN to get around that, I'm out of luck.

I guess I'll have to find another solution.

Bill
by kgc » Wed Feb 03, 2016 10:59 am
Bill, there's always the possibility that you could move to a fetchmail setup. There's pros and cons and depending on your needs it may not work. If we ever provide static IP on this service it would be completely unfiltered but this is otherwise being treated as a truly dynamic product.
Kelsey Cummings
System Architect, Sonic.net, Inc.
by wa2ibm » Wed Feb 03, 2016 5:25 pm
Kelsey:

I'm running two Domino servers (redundancy), currently on Windows platforms, which accept mail for several different domains and several different users. One server runs through a Sonic FTTN connection, the other on a different ISP.

Additionally, the SMTP process utilizes several RBL's for inbound filtering. I'm not sure how I'd utilize a fetchmail process in all of that. But, thanks for responding. Looking forward to a VPN service with static IPs.
by mediahound » Wed Feb 03, 2016 6:21 pm
If you want a web-based speed test that seems to work when on the vpn, this one seems accurate:

http://speedof.me
by mediahound » Wed Feb 03, 2016 7:44 pm
Is the VPN good to go? I'm asking because I just had to disable it due to very slow Youtube performance. Performance with watching Youtube improved as soon as I disabled the VPN.
by elmatador » Thu Feb 04, 2016 5:24 am
The link in the first post provides a downloadable file. I'm assuming you install it on individual computers.

Where can we find the certs and info to install on our router like I've done for the beta product?
79 posts Page 1 of 8

Who is online

In total there is 1 user online :: 0 registered, 0 hidden and 1 guest (based on users active over the past 5 minutes)
Most users ever online was 422 on Sat May 26, 2012 5:28 am

Users browsing this forum: No registered users and 1 guest