EdgeRouter 4 Private Internet Access VPN Testing (PIA)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] hi I'm Willie with h.5 technology welcome back to my channel thank you for being here and I appreciate each and every one of you so in the last video we did our basic configuration on our edge router and in this video we're gonna look at PIAA or OpenVPN performance and if you want to setup private Internet access on your edge router to protect your entire network I'll put a I'll post one of those things up here somewhere at the top a link to that p IA configuration video and so you can you can follow along with that now p IA is useful for more than just your your edge router you can put it on your phone whether it's Android or iPhone you can run it on a Linux computer a Mac Windows it doesn't just have to be on your router you can use it you know on multiple devices and they allow I think you have to check how many connections they allow but you don't need to just limit yourself to just your router so let's go ahead and let's take a look at what's going on so we're gonna pretend that you've gone through you have set up P I a private Internet access and so you're gonna have this vtune 0 interface it says connected but what we're gonna do is we're actually gonna go ahead and enable it and when we enable it here in a second you're gonna see an IP address show up and once we have an IP address on this okay we've got an IP address so now everything we do should be masked behind the VPN so I'm gonna open up I'm gonna open up another tab and we're gonna go to private Internet Internet access we're gonna see where I'm coming out of on there we'll take a look at that config file and we'll we'll see how it goes for us here ok so over at the private Internet access comm site show at my IP address is 46 to 46 123 200 my ISP is port lane a B and I am protected by P ia so let's uh I can't remember I was I was playing around with this and I was to change where you connect with private Internet access all you have to do is edit one line in the config file so let me pull that up real quick and we're gonna log in here super secret password we'll do that well see all of our files in there now originally I was just connecting to the Midwest and I wanted to see what kind of speeds I was getting from around the world so I'm just gonna do a more Midwest and we will see that right now I am connecting through Savita and I think through Sweden so that's that's where this is so let's do a let's do a speed test so Robert fast comm we're gonna let the fast com speed test go and so far you're looking at this and you're going I am NOT impressed I'm not impressed with this at all we hit 10 Meg's so we're going from this router out to however we get to that exit point and we're doing it over Open VPN so there's a few things to remember here first of all I have the edge router bridged so we're actually gonna undo that and then fix the the edge router configuration so we're gonna walk through that here in a minute so let me disconnect I'm going to disconnect the VPN and by the way that spot where we were just were that's all you have to do is edit that file your config file that you referenced and setting it up and you can go out any port that private Internet or any server that private Internet access any country that private internet access allows you but we're gonna go ahead and disable this and yes we're sure we want to disable and once that's disabled I wanna rerun this test so you can see the kind of speed that we're getting here 620 620 megabits per second pretty good pretty good let's go back over here we'll reconnect or reenable private Internet access so go back out there let's rerun that test and I'm sure that we can get better performance by going with other with other servers so I had some that were as high in my testing as as 30 megabits I tested this a little bit before I decided to create video so right here you can see that's almost the I think that might be the exact same as the test before so 16 megabits depending on what you're doing that may be fast enough so let's talk a little bit about why we might be seeing this specific speed test so we're on edge router 4 we're on edge router 4 version 1.2 10.5 now I've heard that the performance of Open VPN is going to be better in edge OS 2 and that some people who are testing it have reported better results so here's a couple things that we have to remember I'm gonna pull up the specs for the edge router real quick alright so here's our edge router for datasheet so if we scroll down the processor for Core 1 gigahertz mips64 processor we've got a gig of ram ddr3 but here here's the deal here's the real scoop right Open VPN is not Hardware offloaded in an edger router it is completely software driven and can only only you to only utilize one of those 4 cores so by using PIAA on the edge router it's kind of its kind of handicapped because they can only use one core now other contributing factors we arch like triple mattad right and what else we have the triple Matt it's open VPN so it's software driven on the edge router you know those are our two big components and you know we could be seeing a performance hit because of the bridge so this is what we're gonna do we're gonna dis we're gonna disable this and what we're gonna do is gonna completely kind of kind of wreck our configure so you're gonna have to bear with me and I'm going to try to explain exactly what I'm doing along the way so let's let's move this over just a smidge and let me bring up putty alright so what we're gonna do here is we are going to we're gonna take these interfaces out of the bridge so we got to do a couple things first so logically so we don't completely lose so we don't completely lose access to our router and have to go in with a console cable or do something else that's gonna be hugely inconvenient first let's do a show configuration by the way don't forget to use tab for your autocomplete so you see our P ia rules here and we want to go down to interfaces and we go down here to eighth one and we happen to be plugged into each one so we are going to concentrate on eighth tooth for the moment right so we're gonna do configure we're gonna do set interfaces Ethernet II - we're not gonna set we are going to delete interfaces EEP - bridge group and we'll see if that lets us take that interface out I didn't get a commit error which is good so let's refresh this let's take a look okay so still as e to it says that it's the local bridge but we're gonna call this so we'll just call this network - and we're gonna give this 172 that 16 that 29 that one he'll give it a class see what the heck we're gonna come in here we're gonna go to services and we're gonna add a net to 282 that 16 that 29 0 are you following along so far I hope so if you've got any questions make sure that you're posting those down in the comments or that you're emailing or any of that good stuff and then we will come in here we will turn you'll add a listing interface and we'll make sure that's e to save that ok so now what we've got is we have another interface that we can plug into that is going to that is gonna listen you know so we can actually talk to this this router so we're gonna log out here and we're gonna bring hoody pee and we're gonna go ahead and exit putty for the moment now what I'm gonna do is I'm gonna unplug my PC from e1 and I'm gonna plug it in to eat too and then I should get a 170 2.16 bat 29 address let's see let's see if that works all right we moved ports will bring up our command prompt here release I knew I could have done that on on one line my computer says do you want your PC to beat no I don't I don't want it to be all right so that's cool all right so now what we've done is you can see that the router is answering us here just perfect log back into the router all right so now what we're gonna do I mean at this point we could just get rid of the bridge and leave eath one hanging out there by itself that's not a totally not totally a bad idea if we want to make this go a little quicker so I think that's what we'll do get signed in here so let's do this let's do come in here and so there's a few things we're gonna have to remember first of all we have to remember this line right so we're gonna have to do that on we're going to do that on eighth - so before let's let's do this let's do configure let's do set interfaces Heath Ethernet key to firewall in modify PIAA so we will commit that and save and we did not get an error that's excellent so now what we're going to do is delete interfaces and let's delete bridge zero see if it'll let us do that without taking the that other interface out of it see what happens no interfaces are still a sign so the commit failed so what we're gonna do is we're gonna do a delete interfaces e one bridge crew commit that and now let's delete let's delete that I think Billy does not ok nothing cool so I took care of all that so now let's save let's do another show configuration we've still got that so here's one thing that we need to do so we need to do set firewall modify PA a rule 10 source address is gonna be 172 because Lily didn't add all of the words and we're gonna delete firewall IP I a rule 10 source 172 okay so it over wrote it over wrote I wasn't sure if it would like add it to it or if it would overwrite it I this you're doing this with me usually when I do the PIAA it's one network and not I don't go back and and do this so we some of this stuff literally I'm doing it I'm doing it live here so let's check our configuration see if anything else needs to be changed source address is good there I think there is some things are gonna have to be done here this is all looking good so far 5p IA there's our Open VPN yeah looks good we'll have to clean the router up here in a minute okay all right so here's a couple more things that we need to change so it's gonna be configure set service man rule 5000 source 172 that 16 that 29 0 slash 24 oh man I keep forgetting that word address tonight and we'll do the same thing for 5 commit that save it now a lot of these like when I do a show configuration I'm doing the whole thing which you can actually in config mode do a show and then a section of the configuration and it will just take you to that part of the configuration but if you're just learning edge OS the command-line do things the hard way a little the hard way the long way and then later on it will be much easier for you so we'll get will clean some of this up in the UI ok so that's good that's good that's all good yeah that's all good so I think okay that that that looks like everything for the moment so let's refresh this I do have to get these housekeeping items out of the way are they gonna drive me they're gonna drive me bonkers so let's configure this and we're just gonna call this network one we'll leave that there and then come over to services and let's take this guy that might come back it might not if it comes back we'll recreated I just don't want it in there for now so in theory we should be able to come here and go to enable and in a second because all those changes that we made we should get an IP address on this interface see what happens there it is so we are now connected let me bring up the PIAA site all right so you can see that we are protected so we switched the network that was being protected by P ia so let's pull up our speed test again we top that 16 megabits the last time we did this and it looks like that's about where we're gonna oh oh oh 18 and 19 I still feel this is like within some sort of a margin of error so slightly faster without the bridge encouraging I guess let's uh let's disable P ia okay looks like it's disabled now let's see what we're getting on our speed test so the speed test yeah so I think the main things that are contributing to to us being limited is definitely that OpenVPN is software totally software driven on the edge router that you cannot Hardware hardware offloaded but you can see that it totally that it totally works right so this is definitely a viable option now what we could do is we can actually create a VLAN and we can change the configuration so that we have an SSID that is that's the only thing so you come home you connect with your device your laptop or whatever when you want to get on P ia you just hop on that SSID the same token then you could just have ports on your switch assigned to that if you want to see if you want to see a video or I take that PIAA and I put an SSID on it and I assign switch ports to it put that down below and we'll create that video next it's it's a pretty easy step for us to get to that from here and it would be more than happy to do that so PIAA it does absolutely work but we you know i don't know how much the double matt is hurting us I can't answer that and my ISP is going to be fixing that and then obviously we can only utilize a single core of the four cores that are available in the processor to run OpenVPN plus I'm connecting to sweet so there's some other things but let's real quick let's hop somewhere in the United States and see see what happens so let's we'll bring up private Internet access here and we will take a look at their network and in fact actually we don't even really need to do this because we have all of the files downloaded all we have to do is look at the files and I'll bring those up so here are the files and anything that says u.s. you know is obviously gonna be closer to us so let's edit this Chicago and you can see it just says us - Chicago so let's let's change where we're connecting let's disconnect this and it's us - Chicago so what we're gonna do is we're gonna do and as soon as this gives us a prompt I mean we can do it through here which is where I want to do it all right so now we're gonna get a config off and we're gonna do by Midwest you're gonna go down here to where it says Sweden we're gonna hit I for insert we're gonna delete these out I'm gonna do us - Chicago we're gonna do escape twice we're gonna do a : WQ exclamation point file is now written so we'll go ahead and exit this let's reconnect and we'll refresh this okay so now you can see IP has changed and let's see 23:25 now you know I'm around Peoria and we're connecting up to Chicago so but I don't know how it's I don't know how it's getting there but you can see we're getting about the same speed so there are definitely some limiting factors that I don't know that you're going to be able to overcome first of all the single core and I have to double mass so the single core is really the thing and that OpenVPN is not Hardware offloaded now this is still totally totally viable and still an awesome way to have an SSID and some switch ports that you can just plug into and you have that VPN all the time now one more quick thing I have been overwhelmed with the responses from people wanting to test IPSec I literally have a couple hundred responses so here what I'd like to do and tell me if you're all down with this first of all still if you're interested in helping me test IPSec go over to h5 llc.com fill out the contact form or email me here's the next thing I would like to do if you have a routable IP and you have sent me the way to sign up as what I'm gonna do is I'm going to keep a spreadsheet and we have a lot of RFC addresses where we can create private networks so what I would like you to do is create a a VLAN on your edge router right and what I'm gonna do is I'm gonna keep my VLAN the same so as soon as I get my Ont put in bridge mode and I have my rattleball IP this plan is gonna go into action I'm gonna keep a spreadsheet and for everybody that's interested I want to try to create a huge hub-and-spoke network with these edge routers and let's see how big we can get this thing is gonna take us weeks and we're gonna do videos and just explaining where we're at but I'll have a Synology on there and if you want to put storage and things on there and we'll share with everybody we'll keep a shared spreadsheet and resources and it'll just be it'll just be something fun something we can do to engage with each other one more thing just to make sure you're listening I did find out over the weekend that we were working with a unify site we can only create 64 VLANs through unify now we're still working to identify if that's because we were using entire class C's or what the deal was but it looks like we could possibly have a 64 VLAN limit and unify on the USG I haven't verified that with ubiquity yet but I'm telling you we ran into that so that is it for this video if you want to see the dedicated SSID and the dedicated switch ports and you want to become part of the largest community hub-and-spoke VPN that we can try to create make sure you get a hold of me once again if you like this video please give me a thumbs up please subscribe please copy and share please follow me on Twitter and Instagram if you want to talk to us on discord the links down there if you want to buy anything you see on the channel the amazon link is down there as well if you need IT consulting for security voice over IP networking programming all that good stuff go to h5 LLC calm down there sign up for the newsletter and reach out to us of your consulting project and we will get back with you as soon as possible once again I appreciate each and every one of you and I'll see you in the next video you

Info

Channel: Willie Howe

Views: 34,716

Rating: undefined out of 5

Keywords: ubiquiti, ubiquiti networks, edgerouter 4, edgerouter 5, edgerouter vpn, edgerouter private internet access, pia vpn, edgerouter pia, hidemyass, how to setup vpn edgerouter, willie howe, h5 technology, edgerouter openvpn, openvpn setup, openvpn speedtest, vpn speedtest

Id: EvD1HKAT14U

Channel Id: undefined

Length: 27min 28sec (1648 seconds)

Published: Tue Aug 21 2018