|
|
Hello All, I am running an OpenVPN tunnel from the US to Asia (with a dsl modem on the far end, to boot). I get relatively reasonable latencies (300-600 ms) but pretty high packet loss (as much as 20%). Due to a corporate firewall that I have no control over I have to use a TCP tunnel. The server is a Windows 2003 machine, clients are XP. Overall performance is pretty poor. I can connect and maintain the connection fine, and things like FTP transfers are usually OK but trying to log in to a windows machine with terminal services for example is extremely difficult. After reading through the lists here I tried "mssfix 1200", that didn't seem to make much difference. I've seen it suggested to use tun instead of tap in cases like this, I haven't tried it because I don't have a good way of setting up return routes on the remote network to the VPN machine. Here is my server config: -- local 192.168.0.120 proto tcp dev tap dev-node tap0 mssfix 1200 ca "keys\\ca.crt" cert "keys\\server.crt" key "keys\\server.key" dh "keys\\dh2048.pem" ifconfig-pool-persist ipp.txt server-bridge 10.19.148.100 255.255.254.0 10.19.148.245 10.19.148.254 keepalive 10 120 cipher BF-CBC comp-lzo max-clients 10 persist-key persist-tun status openvpn-status.log verb 4 -- And client: -- client dev tap proto tcp remote myvpn.dynalias.com resolv-retry infinite nobind persist-key persist-tun ns-cert-type server comp-lzo verb 3 mssfix 1200 -- Any suggestions to improve performance? ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |