OPNsense Forum
Archive => 19.7 Legacy Series => Topic started by: Bjur on December 13, 2019, 06:29:47 pm
-
Hi I'm considering OpnSense. Have just upgraded my hardware to support AES-NI and want to use OpenVPN with AES-NI hardware acceleration. Will that be supported with OpnSense?
-
OpenVPN runs im userspace, theres no real benefit here. Better use IPsec
-
Thanks is it the same in pfsense. I just want highest possible throughput in VPN
-
The same, just use IPsec or WireGuard
-
AFAIK OpenSSL is compiled with AES-NI support and it is used, if it is there. The only problem is that it is not always usable.
-
What do you mean by not always usable?
Does the tunnel settings be configured in a specific way to make openssl use it?
-
It depends of the mode in which OpenSSL is running. The high level functions can enable hardware acceleration automatically.
Here is some old GitHub ticket:
https://github.com/opnsense/core/issues/3551