I am currently using boxpn but I am thinking of setting up another router internally with an always-on VPN for my Roku, other devices, and my laptop. Contemplating blackvpn but they are pricey. In the meantime, I want to pick up a fast but not overly priced DD-WRT router.
I personally use pfSense - though I did use DD-WRT in the past. With pfSense, I have an OpenVPN connection set up as an alternative gateway. I use LAN firewall rules to determine which devices, networks, and/or ports to route through the VPN gateway vs. my default gateway.
If you have an old computer hanging around, it’s quite easy to set up.
pfSense on x86 will absolutely demolish any router on the market.
If you must do dd-wrt, even dd-wrt on x86 will win.
Edit: Sorry if this was unclear, on a reread I’m assuming everyone knows what that means.
These are operating systems designed to run PC hardware as a router. For things like VPNs and advanced firewalls, they are substantially (800-1200%) faster than your best in class 1.2GHz dual core ARM A9 consumer level routers.
Okay, I am going to agree pfSense is the way to go, but if you cannot spare an old PC or something for pfSense I would recommend you go with Tomato instead of DD-WRT.
For fast pre-setup routers go with FlashRouters. I have the Tomato Asus r66u, and it’s amazing. If you are relying on OpenVPN, Tomato will be your best choice to run OpenVPN through.
Check out FlashRouters though; it made everything way easier for me. You can message me any questions. I have both Tomato and DD-WRT routers from multiple places.
Personally, I like and use the Cisco-Linksys WRT600N as it has the bells I want and is easy to install the DD-WRT onto.
I like the idea of pfSense. I haven’t used it in years though so it is something to consider.
I just bought my first DD-WRT router the other day for about $40. Haven’t gotten around to setting up the VPN but it has much more in terms of options compared to my last router. Looks better too.
pfSense on an x86 PC; routers don’t have fast enough CPUs to handle the encryption in a VPN.
Another pfSense vote. It’s the best way to go for OpenVPN clients and servers. Great web GUI and (nearly) any CPU you throw at an OpenVPN client will do great. I’ve got an Atom 330 motherboard, 2GB RAM and dual Intel NIC. It’s an amazing router.
My only recommendation is to absolutely get Intel NICs. RealTek/Marvell will work, but operate like crap and cause additional CPU usage. I can’t speak for Broadcom.
The Asus-AC56U seems like the best value high-end router to use with your VPN. For OpenVPN, this router is a beast.
Here is some info from one of the firmware developers on the OpenVPN performance:
OpenVPN throughput benchmark:
iperf -c 10.16.0.1 -M 1400 -N -l 64K -t 30
RT-AC66U (FW 3.0.0.4.270.25): AES-128-CBC
[152] 0.0-30.0 sec 79.5 MBytes 22.2 Mbits/sec
RT-AC56U AES_128-CBC
[156] 0.0-30.0 sec 217 MBytes 60.7 Mbits/sec
The iperf and OpenVPN servers were on the router, and clients were a Win7 laptop connected to the WAN port.
OpenSSL speed test:
RT-AC66U:
type          16 bytes    64 bytes    256 bytes   1024 bytes  8192 bytes
aes-128 cbc   9398.56k    9941.17k    10138.71k   10195.09k   10234.54k
RT-AC56U (with ARM ASM optimizations backported from OpenSSL 1.0.1):
type          16 bytes    64 bytes    256 bytes   1024 bytes  8192 bytes
aes-128 cbc   25596.63k   28151.82k   29251.64k   29363.88k   29587.09k
OpenSSL raw performance is nearly 3x faster on the RT-AC56U.
Raspberry Pi connected to a switch with pfSense as an OpenVPN gateway - Viable?
Security?
Reliability?
Processor enough to handle encrypted tunnel?
Whoa man, could you do a mini AMA or something?
I am actually going to go the pfSense route. I live within a couple of hours of a Micro Center and plan on going Saturday to pick up a refurbished desktop with a C2D and 2GB of RAM. It’ll only cost 100-ish.
Can you please tell me the contents of your alias “Netflix”? I’ve been trying to figure out Akamai on my pfSense and it helps to collect as much info as I can. Thanks!
I’m currently torn between pfSense and DD-WRT as well. Would you mind explaining how DD-WRT w/OpenVPN is different from having multiple gateways?
As I understand it, VPN with a single gateway means that once you log into the VPN, you are functionally on that network as if you were physically there. With two gateways, does that work the same way except that you cannot interact with devices on the network that do not use the VPN gateway?
Isn’t Tomato limited to pretty much just the WRT54G(L) router? Also, the “base” version of Tomato doesn’t support VPN–you’d need a variant like http://tomatovpn.keithmoyer.com/ for that. Also note that Tomato hasn’t been updated since like 2010 (unless there’s some other variant that I haven’t found.)
EDIT: I stand corrected on many points: http://tomato.groov.pl/ (2014 update, supports more than WRT routers)
The flashrouters.com site recommendation looks like a good one, looks hella handy. Thanks.
If you are relying on OpenVPN, Tomato will be your best choice to run OpenVPN through.
I’m just going to assume that Tomato has better OpenVPN performance… are there any other reasons that might not be so obvious such as reliability, ease of use, etc. ?
They just did a massive update back in… November? It fixed a lot of things.
I do not see that this model is supported for DD-WRT while the AC66U is.