My modem/router has a firewall and is active. My software firewall is active when I connect to the darknet. Is this considered overkill? I remember a while ago I had issues connecting to the darknet with my software firewall remaining active. But the problem rectified itself, along with a response from CS_Ops saying that all VPN testing on server side is performed with no software firewall activated (Local Windows Firewalling
Which would be better to disable? (if required/needed at all). I've managed to hit 1MB/s in recent days out of a maximum downstream of 1.8MB/s.
We've split this out to a separate thread, as it's a good issue and one that comes up quite a bit in conversations with network members.
Because client-side firewalling is so varied, it is very difficult to make accurate general comments regarding what is "correct" or not. Further, the many different types and configurations of local firewalls can - and not uncommonly do - block connections to cryptostorm, or cause serious performance lags once connected.
However, it is not our intent to make blanket "recommendations" such as turning off all client-side firewalling while connected to cryptostorm. Some of our tech team members advocate strongly for this position, and are encouraging us to implement baseline controls network-wide that obviate most of the need for client-side firewalling during cryptostorm sessions. Others on the team are equally adamant that cryptostorm isn't a substitute for local firewalling layers, and shouldn't be presented as such.
In summary, it's very much of an open question - and could benefit from member/community feedback and discussion!