R7000, Advanced Tomato, PIA - is it worth doing or not?

7 posts / 0 new
Last post
mcampos68's picture
R7000, Advanced Tomato, PIA - is it worth doing or not?

I really want to flash my router with open source firmware. I subscribe to PIA VPN and I'm happy with it for the most part but like the idea of just setting it up on the router and being done for all devices. The need for VPN functionality is the only reason I have for considering the move, otherwise I have no issue with stock firmware.

After much reading it sounds like Advanced Tomato would be the best choice based on stability, performance, and functionality to meet my particular needs.

I'm concerned because I can't go far without finding many conflicting statements. SO many horror stories about bricked routers, yet some say it went smooth as silk. Some say the R7000 chokes running a VPN yet others say it's a great router for that purpose.

I subscribe to 100/10 and almost always will get 110-115 down and 12-14 up on Ookla speed tests. And that's on wifi.

So how much of a speed drop off will I really see (and what are the key options to set to maximize my speed)? If it's > 25% drop-off it doesn't seem worth it to me.

And is the procedure that risky if I meticulously follow directions?

Appreciate any input. Thanks all.

Peter Redmer
Peter Redmer's picture
These are some really good

These are some really good questions. I hope I can address some of them!

First of all, flashing open source firmware always carries an inherent risk, even if you follow all the steps flawlessly. This can occasionally end up in a "bricked" router that you will have to recover via TFTP or serial cable, so it's a good idea to be prepped ahead of time with these tools if you're planning on experimenting.

However, in my experience firmware flashes have gone very smoothly. Every time I've bricked a router, it's been because I did something wrong, e.g. flashed incorrect version, missed a step somewhere, didn't let flash complete, etc.

So in practice, I haven't encountered many failed flashes or issues, and this is over many years on many different NETGEAR routers and firmwares :) But, it's important to be aware of the risk regardless, it's par for the course when you're tinkering with open source FW!

On the OpenVPN part of the discussion, the R7000 should perform pretty well with PIA or most other clients, but you will see a drop in speeds for sure. This depends quite a bit on the speed of the service you are using and the server selected. The R7000 is a pretty powerful router, but you will generally see improved performance the faster the router is.

In some cases, like the R9000, there is support for HW encryption in some firmwares which can improve OpenVPN performance further.


mcampos68's picture
Thank you for taking the time

Thank you for taking the time to comment. I guess I won't know until I try. I assume the procedures for going back to stick firmware are pretty straightforward?

ed1chandler's picture
What a coincidence, I JUST

What a coincidence, I JUST did this myself ... actually I'm still kind of working on it ... and I'm no expert.

Flashing my R7000 with advanced tomato was easy ... it just worked.  Getting the OpenVPN client to connect to PIA was a different story.  You'll find all kinds of articles online about how to do it but in the end I had to combine a little of this and a little of that before it would even connect.  At this point, I'm just trying to tune and I'm sure that's where my lack of knowledge really shines.  :-)

I routinely get 250mbps *without* the VPN.  With it turned on ... 1.5 ... maybe 2 mbps.  So I'm pretty sure it's just a crappy setting somewhere that I haven't figured out yet.  I'd love to hear from any other R7000/PIA users on how they have theirs configured.


stolea's picture
I use PIA VPN and have done

I use PIA VPN and have done all the recommended tuning. According to the gurus at PIA, the max speed you can expect from a router-based VPN is around 30Mb. In my experience, the reality is closer to 28Mb on a good day and around 20 on a bad day. That is on the Melbourne?Australia server. The Sydney server is sometimes a fraction faster because it has more servers.



stolea's picture


Here is a link to the PIA settings for the standard DD-Wrt open-vpn setup. There are also listings for settings for Tomatoe and PFsense


ShiningWolf's picture
R7000, DD-WRT and PIA

R7000, DD-WRT and PIA

Hi, I have an R7000 with DD-WRT and use PIA, and my experience is right along with stolea: about 25 Mbps when Open-VPN is connected and (from TW Cable) about ~250 Mbps when it is not connected.  I used PIA's setup instructions to get it working and had no issues.  When I use the desktop app from PIA and turn off the VPN on the R7000, connection speeds are significantly higher, so I'm convinced the bottle-neck is the R7000.  Looking to upgrade and get more throughput on the router; anyone have any suggestions?