Why blame VM and forget it instead of trying to fix it? It clearly bothers you because you keep posting about it, yet you never take on any offers to help you address it. That's the part I don't get.
I've shared my methods several times on here in various threads, including one on building your own router and setting it up with Linux, WireGuard and policy based routing. You only have to ask. Appropriate setup is mostly:
- a fast CPU (high frequency single core for openvpn, many cores for WireGuard).
- Linux and WireGuard, or a high end setup with tweaked OpenVPN with large MTU/Tunnel MSS to run the actual VPN (whether on router or per device).
- No system bottlenecks (slow drives, high latency RAM or buses, low bus speeds, too little PCIe bandwidth, using PCI instead of PCIe NICs, using a non-Intel NIC etc).
On Windows about the only really high performing VPN protocol is IKEv2 but that's 'because Windows' not due to the VM or the VPN protocol directly. Windows has no kernel space acceleration available for most VPN protocols (including OpenVPN) and hence suffers poor speeds directly proportional to the hardware's ability to process in software - usually not in real time and certainly not at wire speed.
To make any real progress you need a decent Linux setup, a dedicated Intel NIC (Realtek and Killer are pretty crippled in comparison), the SH3 needs to be in modem mode and ideally you either implement a proper x86 Linux or BSD based router, or at least a decent ASIC/MIPS based one (depending on where you're hosting the VPN).
The VM connection is capable, you just need beefy hardware and software to take advantage of it. At half a gigabit plus you can't just plug in any old crap and expect it to work flawlessly, especially when dealing with something as complex as wirespeed on-the-fly encryption and decryption. Certainly there's nothing off the shelf that can or will do it. You're into x86 and enterprise/datacentre level networking. If you only want per-device VPN rather than a capable router then obviously speeds are dependent on that device, but it's easily possible to saturate 500Mbps on most modern x86 hardware as long as you're careful (i.e. only IKEv2 for Windows, using WireGuard in preference to OpenVPN, not relying on a mobo integrated NIC etc).
As I said if you wanted to have a go at fixing it, there are people who would happily help you back in your dedicated thread. If you want to troubleshoot and get your speeds back closer to where they should be, post up your hardware specs and network topology and equipment (NIC, drivers, OS, cabling, switch, router etc) in the other thread and we'll have a look at it for you.
ETA: My own setup as I've discussed before, is:
SFF Dell Optiplex 7010 (Core i7 3770, 8GB DDR3, SSD) with an Intel server quad port NIC (Intel Pro 1000PT). The four ports are in a PCIe x4 slot (it's a x4 card) and run WAN, LAN1 and LAN2 (DMZ/clearnet/servers). All cat5e to a Netgear ProSafe capless switch running cat5e to individual clients. I have a PoE switch for the LAN2/server net which has a Unifi UAP AC Pro feeding untrusted wifi clients on a separate VLAN. The router runs WireGuard and routes all LAN1 traffic through that VPN, while LAN2 gets passed directly through VM. Full speed on all devices, as the VPN/router is only running a barebones CLI install of Arch and Wireguard (with dnscrypt-proxy, dhcpd4 and shorewall). It uses 80MB RAM at idle and average load is 0.01 to 0.1. It uses 15 to 20% CPU under full load (530Mbps over WireGuard VPN), with HT disabled thanks to yet more Intel vulnerabilities.