PFSense OpenVPN Server Speeds

Hey guys.

I’m fiddling around for a while now and got one crucial question.
Is it possible that the maximum achievable VPN Speed somehow also has to do with the maximum Upload rate the Server got??

I will explain:
I’ve got a Netgate PFSense Firewall at home and my ISP gives me WAN speeds of 500Mbit/s Download and 50Mbit/s Upload.

On this Firewall appliance I’ve got an OpenVPN Server running so that I’m able to securely connect to my Hosts when I’m not at home.

I’ve fiddled around with all the stuff I’ve found on the Internet like MTU Settings, Hardware Crypto, Encryption settings and all this stuff…but somehow I can never achieve more than 50MBit/s at Speedtests I’m doing from my VPN Client.

My Client is a brandnew Phone which got 350Mbit/s Down and also something like that Upload and without VPN I can achieve those Speeds at the Client and from within my Network.

So this made me think…maybe it’s not really about the VPN Server but about my Upload Speeds on the Server side?? Because it always seems to throttle at those 50Mbit/s.

Up on the server is down for the device. So yes, the upload limit of 50 Mbit/s is being driven by this.

If you are directing all traffic via the VPN on your phone, then your max download speed on the phone will be close to the max upload speed on your home ISP.

On your client you might want your internet traffic to exit the mobile network and your home network via the VPN. Split tunnelling is what you need to look into.

how to do that split tunneling?
So my first thought would be to disable the option to force all traffic through the tunnel, but sometimes that’s unwanted like when I want all my traffic to be safe at public places or smth.

And thank you very much for your replies ofc! :slight_smile:

Now when I think about it it seems logical :sweat_smile:
I mean the download you request with the phone has to be “uploaded” from my firewall back to the phone again.

But When I do File transfers into my Network I gotta check that with IPerf and then the Upload of my Client will be the limit as it’s probably less than the download of my ISP…will check that…and i guess i need Fibre with symetrical rates :rofl:

Uncheck redirect IPv4 and add in your networks below.

thanks in that case I don’t really want split tunneling but I’m fine with that.
Actually knowing the reasons is good enough for me! :smiley: