cryptostorm's community forum

Has anyone experienced delayed iMessages when using pf? iMessage uses TCP over 5223, 443, 80 . I've added this rule, but doesn't help:

Just tried Onyx (France):
/dev/null 100%[====================================>] 100.00M 13.1MB/s in 7.7s

(13.0 MB/s) - '/dev/null' saved [104857600/104857600]

Significantly better performance. So it really depends on the node you're connected to...

@vlnchat With regard to torrents, a cause of that might be a port forwarding issue. Using your ISP's connection, your router will probably forward your torrent client's ports using UPnP; port forwarding makes you more connectable, i.e. your client is able to accept unsolicited incoming connections,...

parityboy wrote:@vlnchat

4.65MB/s translates to 37.2Mb/s. Which node was that test conducted against?

IS node, 79.134.235.133.

Downloading a popular torrent behind CS gives me ~100kb/s, while on my ISP I get 9-10MB/s download of the same torrent...

EDIT: now CS is providing me with 3MB/s, so kinda corresponds to 24Mb/s. Still not what I hoped to get behind CS VPN...

Can you try this one and report the results? wget -O /dev/null http://cachefly.cachefly.net/100mb.test Those flash/html5 speed tests are very unreliable and regularly provide completely false information. With apple I wouldn't be surprised if there is some kind of traffic shaping based on ISP in pl...

Hi, After seeing a few reports on CS VPN speeds like Tealc (https://cryptostorm.ch/viewtopic.php?f=51&t=6262) has reported in his signature, I started investigating a bit in why I do not get these speeds. I'm using the 1_4 raw balancer for mac config. Connected to the Portugese, US and IS servers, i...

Yes, disabling the skip on loopback was part of the problem. Some time ago I figured it out, it's inferieur to your solution, but works good enough. For the rest out of there... # # com.apple anchor point # scrub-anchor "com.apple/*" nat-anchor "com.apple/*" rdr-anchor "com.apple/*"as dummynet-ancho...

Alright, so the problem was that the last line should be ended with <CR> char (\n). That is now fixed and the following rules are now loaded without errors: # # com.apple anchor point # scrub-anchor "com.apple/*" nat-anchor "com.apple/*" rdr-anchor "com.apple/*"as dummynet-anchor "com.apple/*" ancho...

Hi, I'm following your procedure. Have all the files set up like this: /etc/pf.anchors/firewall.conf /etc/pf.anchors/or.cryptostorm.balancer /etc/pf.anchors/pf_cs.conf In which firewall.conf contains: anchor "pf_cs.conf" load anchor "pf_cs.conf" from "/etc/pf.anchors/pf_cs.conf" anchor "org.cryptost...

@parityboy ok thanks. It's more that I would like to have one VPN to "rule 'em all" as in: provides anonymity for personal activities and that can bypass the DPI firewall at my office. Hopefully CS will provide SSL wrapping in the future..

Thanks guys.

Is there any other way of masking/hiding CS's VPN connection over port 443?

The *.ssl certificate can easily be modified to point to cryptostorm servers. The ovpn however, is telling me it's invalid when I change it like so (changing remote, removing random, and adding proto udp): # this is the cryptostorm.is client settings file, versioning... # cstorm_mac_dynamic_1-4 - po...

Of course. ovpn config: # -------------------------------------------------------- # Air VPN | https://airvpn.org | Saturday 6th of September 2014 01:50:00 PM # OpenVPN Client Configuration # AirVPN_NL-Nekkar_SSL-443 # -------------------------------------------------------- client dev tun proto tcp...

Hi, Currently I'm using AirVPN's SSL tunnel (using stunnel) option to tunnel all my traffic through an OpenVPN connection masked as an HTTPS connection through port 433. This because I need to bypass a DPI firewall that only supports HTTPS through port 433. All other ports are blocked and VPN protoc...