Jump to content
TorGuard
terragady

TG default best settings?

Rate this topic

Recommended Posts

terragady

Hi, as the tutorial is quite old and not adequate to new veriosn of TG. What are the best settings for TG client app for windows? Speed/privacy profile?

 

Now I am using OpenVPN, UDP, AES128/SHA1

 

settings:

 

General: auto start on boot, auto connect, auto login, arm killswitches, check tun/tap = all checked

AppKill: utorrent

Network: Prevent WebRTC, Preven IPv6 Leak, Seamless Reconnect = checked

block outside DNS = unchecked

Server IP lookup = use direct IP

OpenDNS in all 3 cases

autorecover

 

Is it all good or you would change something? I am not sure about IP lookup and "block outside DNS" and also about DNS servers I am using, they seems good but maybe there are some better ones?

Share this post


Link to post
Share on other sites
Support

Hi, as the tutorial is quite old and not adequate to new veriosn of TG. What are the best settings for TG client app for windows? Speed/privacy profile?

 

Now I am using OpenVPN, UDP, AES128/SHA1

 

settings:

 

General: auto start on boot, auto connect, auto login, arm killswitches, check tun/tap = all checked

AppKill: utorrent

Network: Prevent WebRTC, Preven IPv6 Leak, Seamless Reconnect = checked

block outside DNS = unchecked

Server IP lookup = use direct IP

OpenDNS in all 3 cases

autorecover

 

Is it all good or you would change something? I am not sure about IP lookup and "block outside DNS" and also about DNS servers I am using, they seems good but maybe there are some better ones?

 

Hello,

 

If you are using the latest TG Client v0.3.71 released on the 3rd  i would suggest going to more settings >> network >> enable OpenVPN 2.4, this will enable you to choose GCM based ciphers which are faster than CBC based ciphers. I would also suggest set your DNS to the below settings if possible since you have Direct IP checked:

 

None

None

VPN DNS

 

It's always best to use our internal endpoint DNS when possible - sometimes when you change your DNS its also a good idea to flush your DNS cache to prevent any issues.

 

Ideally, its best to have block outside DNS checked, did you have issues when enabling this option?

 

Regards

  • Thanks 1

Share this post


Link to post
Share on other sites
terragady

yes I am using always the newest version. I am using now OpenVPN2.4 and I selected now GCM ciphers. What port is the best for SHA? 443 SHA1 is ok?

 

I am not really sure wat Direct IP is and what do so it is just checked, should I change it? What is the best setting together with DNS settings? (is VPN DNS fast as OpenDNS and google?)

 

I did check block outside DNS now as you recommend.

Share this post


Link to post
Share on other sites
Support

yes I am using always the newest version. I am using now OpenVPN2.4 and I selected now GCM ciphers. What port is the best for SHA? 443 SHA1 is ok?

 

I am not really sure wat Direct IP is and what do so it is just checked, should I change it? What is the best setting together with DNS settings? (is VPN DNS fast as OpenDNS and google?)

 

I did check block outside DNS now as you recommend.

 

As we use TLS Auth using SHA1 via openvpn is fine - port 443 is a good port to use.

 

Direct IP bypass DNS lookups on our hostnames, this helps if our hostnames are DNS blocked in the network you are connecting through.

 

Our VPN DNS should be faster but i would test those for yourself.

 

Regards

  • Like 1
  • Thanks 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...