Page 1 of 2 12 LastLast
Results 1 to 10 of 13
  1. #1
    Untanglit
    Join Date
    May 2020
    Posts
    15

    Default Any Plans for an ISO?

    I would love to test Untangle SD-WAN performance between my office and my servers on Vultr but would need an ISO to get it installed on Vultr. Any plans for an ISO?

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,954

    Default

    No, because that's what NG Firewall is for.

    You use SD-WANs to connect to the NG Firewall in the cloud.

    You're just using the OpenVPN module on a full Untangle instance.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,013

    Default

    SDWAN is based on OpenWRT. There is no ISO installer for OpenWRT, therefore no ISO installer for SDWAN. You can use the x64 img and write it to the disk of your server.
    gedavids likes this.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #4
    Untanglit
    Join Date
    May 2020
    Posts
    15

    Default

    Quote Originally Posted by sky-knight View Post
    No, because that's what NG Firewall is for.

    You use SD-WANs to connect to the NG Firewall in the cloud.

    You're just using the OpenVPN module on a full Untangle instance.

    Well sure it's going through the NG Cloud Firewall, but I'm curious as to what the performance would look like between hosting the SD-WAN instance on Vultr and a zSeries appliance at an office. An SD-WAN should generally provide less overhead and better performance (obviously there's caveats to that).

    Are you saying that the SD-WAN is just using OpenVPN to connect to the NG Cloud Firewall?

  5. #5
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,013

    Default

    Quote Originally Posted by xinny View Post
    Are you saying that the SD-WAN is just using OpenVPN to connect to the NG Cloud Firewall?
    Untangle SDWAN will connect with any OpenVPN server and simple WAN connection. Version 2.1 will have Wireguard VPN option also.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  6. #6
    Untanglit
    Join Date
    May 2020
    Posts
    15

    Default

    Quote Originally Posted by jcoffin View Post
    Untangle SDWAN will connect with any OpenVPN server and simple WAN connection. Version 2.1 will have Wireguard VPN option also.
    Thanks, I'll keep an eye out for v2.1 - I wouldn't be interested in using OpenVPN due to poor throughput but the Wireguard implementation sounds great.

  7. #7
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,954

    Default

    Quote Originally Posted by xinny View Post
    Thanks, I'll keep an eye out for v2.1 - I wouldn't be interested in using OpenVPN due to poor throughput but the Wireguard implementation sounds great.
    I'm itching for Wireguard too, though I'm curious about your poor througput concerns.... I find OpenVPN out performs every other VPN I've used. Well, except for Wireguard and the forks thereof.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  8. #8
    Untanglit
    Join Date
    May 2020
    Posts
    15

    Default

    Quote Originally Posted by sky-knight View Post
    I'm itching for Wireguard too, though I'm curious about your poor througput concerns.... I find OpenVPN out performs every other VPN I've used. Well, except for Wireguard and the forks thereof.
    IPsec, but to be fair I can't recall if I was using AES-GCM when I was testing OpenVPN. I've got Untangle installed on Vultr, if Untangle supports iPerf (can't remember) then I'll run some tests.

  9. #9
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,954

    Default

    IPSec is usually run on a TCP carrier... those are always slower than a UDP carrier. OpenVPN is the latter...

    But that doesn't mean much, because ISP traffic shaping and other concerns, there are real world circumstances where IPSec would be quicker. But from a pure protocol perspective, OpenVPN is superior in every measurable way. It just isn't an open standard everyone plays with.

    Wireguard is also UDP driven, but the torrent like behavior of it all changes the game up yet again. Clearly superior technology, and I can't wait for it to be in Untangle.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #10
    Untanglit
    Join Date
    May 2020
    Posts
    15

    Default

    Quote Originally Posted by sky-knight View Post
    IPSec is usually run on a TCP carrier... those are always slower than a UDP carrier. OpenVPN is the latter...

    But that doesn't mean much, because ISP traffic shaping and other concerns, there are real world circumstances where IPSec would be quicker. But from a pure protocol perspective, OpenVPN is superior in every measurable way. It just isn't an open standard everyone plays with.

    Wireguard is also UDP driven, but the torrent like behavior of it all changes the game up yet again. Clearly superior technology, and I can't wait for it to be in Untangle.
    For shits and giggles I put Untangle on a VM on Vultr in both the Chicago and Seattle DC's with a W2016 Server behind them for testing. I setup OpenVPN and IPSec on both Untangles for testing turning each VPN off when testing the other.

    I tested with iperf3 and a more "real world" test by transferring an ubuntu iso file between the windows servers via shared folder.

    I realized quickly that the iperf test was pointless since it runs TCP by default which crippled openVPN, however I did run it with the UDP switch and got gigabit speeds between the servers which was nice.

    When I transferred the Ubuntu ISO, OpenVPN average around 3MB/s while IPSec averaged around 15MB/s. Since SMB uses TCP that may not be a fair test.
    Jim.Alles likes this.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2