OpenVPN Support!!!

  • Please add OpenVPN or software VPN capabilities in general!! Nobody wants to carry around a hardware VPN when they are out and about. That's just another thing to lose. Everything else about this product is amazing, software VPN support would be the cherry on top!

    Thank you

  • I have to kindly disagree. While I think having extra support for means of VPNing is great, I do enjoy carrying 1 device with me for all my, and other family members, devices to connect to without having to manage wifi/vpn connections on all of them. They just connect to our "home wifi"

    In fact I wish they would refine the product more, and or add it to the UniFi line so that when I travel for work I can connect all my devices back to the office.

  • @spark-koala that requires a lot more CPU and ram horse power than the unit has.

  • that requires a lot more CPU and ram horse power than the unit has

    Hi @edward-dolezal - how was this determined?

    Previously @UBNT-Gunars stated an HD router was ideally balanced to VPN serve a Teleport

    The context was around the HD being in router mode and a single Teleport client

    And this was before he claimed a 3x performance increase was possible by changing to a kernel mode VPN along with other optimizations

    We don’t know which VPN is the basis of Teleport, but the HD seems capable of hosting a VPN from a hardware spec standpoint

    In my opinion AmpliFi doesn’t want to support things like dynamic DNS and things necessary to facilitate an OpenVPN style option, which goes against their ‘just plug it in and it works’ mantra

    Which is ironic since Teleport quite often fails that criteria in sensational fashion...

  • @derek-saville I've looked at comparisons between the Asus hardware and I've done a bit of research into the specs of the teleport and the amplifi as well as open VPN, whilst possible it seems that extra CPU cores apparently do seem to benifit preformace in general, granted I have seen alot of users complaining about the device preformace as it is.

    Though open VPN would be nice to have implemented it would be ideal to see how the new teleport firmware update will pan out considering that I actually do want a teleport but it is not yet available here in Australia.

    Im having trouble remembering if the amplifi CPU is arm or MIPS the latter being painful in preformace.

  • Hi @edward-dolezal - Qualcomm lists AmpliFi as a client for the HD routers and I thought they had an Atheros 9880(?) platform or something close to MIPS based?

    Seems like an HD should be able to serve a software VPN solution no worse then the existing Teleport option

    If you really need high performance VPN then just use a 3rd party option like Sabai
    (NOT an endorsement, just an example)

  • @derek-saville keep in mind I'm just speculating, the actual results preformace wise will be different

  • Hi @edward-dolezal - indeed, I am just speculating as well

    I also assume some similarities between AmpliFi and the Ubiquiti EdgeRouter line
    The best that I can determine EdgeRouter does not have any offloading for OpenVPN (processor does not support accelerated encryption instructions)

    But EdgeRouter does have offloading for L2TP - IPSec, which I assume Teleport is using as well

    For EdgeRouter there was past discussion about L2TP connections using a user space implementation and not using kernel mode L2TP, which "could improve performance up to 4-5 times" (on EdgeRouter)
    This matches somewhat the discussion about Teleport performance potentially improving 3x with a kernel mode VPN change

    As best as I can tell, kernel mode L2TP has not been implemented in EdgeOS
    And I doubt Teleport will get kernel mode VPN before EdgeOS

    For me the most interesting part is that Ubiquiti seems very NOT interested in implementing a simple VPN client for EdgeRouter
    But that is exactly what Teleport is for AmpliFi
    Why there isn't a Ubiquiti EdgeMAX version of Teleport is still a mystery to me...

