Good day to whomever may read this.
Here is my problem. When I’m connected to my pfsense OpenVPN server and I’m transferring files from my device to another machine behind the firewall, transfer rates are fine and ok, depending on which connection I’m using be it mobile data or Wi-Fi its around 16MB’s – 42MB’s. The issue is when streaming or downloading anything from a device behind the firewall I max out at 20kb’s. For absolutely nothing it will cross that amount. Even when pulling a picture around 118kb it takes forever to even start the download and many times during a tiny download like this it times out and doesn’t even do the transfer.
The environment is completely virtualized it may come across weird or strange.
The virtualization host is Hyper-V 2019, the pfsense router w/ OpenVPN is a vm on that host along with, server 2022 w/ active directory, DNS, DHCP. Other vm’s include truenas scale, Debian for docker containers, another 2022 windows server w/ VDI role enabled & 2 Windows 11 vm’s for testing. The windows servers are on a separate PVlan of 20 while the Win11 machines are on an isolated PVlan of 21. Debian w/ containers are on a community Vlan of 22 while the truenas is on a PVlan of 22 with it’s secondary vlan connecting to all other networks so everyone can access storage. Pfsense WAN is setup as a trunk port, its LAN goes to an internal virtual adapter which branch off into private adapters within the host.
I have 3 dual 1gig nics connected to the host, 5 are in link aggregation mode. 4 vlan networks were made: Management, VM Traffic, Migration, Failover. The host has been removed from all network access and can only be managed from the Management vlan or the 6th adapter port. Everything works perfectly and data is transferred smoothly between all vm’s even internet speeds both up/down are working perfectly.
I’m not sure if the cryptography is messing with my vpn downloads. I currently have AES-GCM-256, AES-128-GCM, CHACHA20-POLY1305, AES-256-CBC for my ciphers, the digest is SHA256. Remote access is: (SSL/TLS + User Auth).