OPNsense Forum
English Forums => General Discussion => Topic started by: dgiorgio on July 25, 2020, 06:00:16 pm
-
I have an opnsense firewall to isolate a network.
To connect on the isolate network, I connect to openvpn 'opnsense'.
PC <> switch1 <> opnsense <> switch2 <> server
Opnsense have 2 interfaces,
interface1: to connect on switch1
interface2: to connect on switch2
I did the speed test with iperf, on 'PC' to 'opnsense' (interface1), and 'server' to 'opnsense' (interface2), and the gigabit network works.
For the PC connect on interface2, I need to use openvpn.
But, the iperf test between 'PC' (with openvpn) and 'opnsense' (interface2), or 'PC' to 'server', connection speed work with 100mbps.
My entire network is gigabit.
-
You have a resource restriction on the firewall that limits the VPN throughput. The OpenVPN connection is not itself an 802.3u interface.
Run a real-life test that stresses the VPN and check which firewall resources are maxed out. Your most obvious candidate is CPU, but only testing will confirm that. If the maximum VPN speed is too low for your needs, increase the resource that limits it.
Bart...
-
What CPU, Board etc...
Maybe try to use Wireguard, its much faster than OpenVPN
-
I have this hardware
https://pt.aliexpress.com/item/32813348470.html?spm=a2g0s.9042311.0.0.581bb90a17te5z
CPU: Intel(R) Celeron(R) CPU J1900 @ 1.99GHz (4 cores)
-
I am having the same CPU on some devices.
OpenVPN with gigabit and the J1900 is impossible, not enough GHz per Core (OpenVPN is single core).
Try wireguard.
I had 10Mbits with OpenVPN and 450 with wireguard on that CPU