Hi everyone,
I am running OPNsense on x86_64 hardware (i5, 8GB RAM). When OpenVPN site-to-site and IDS/IPS (Suricata inline) are enabled at the same time, the network performance drops quite significantly:
VPN throughput drops about 20–30% compared to when IDS/IPS is disabled.
CPU load increases sharply during peak hours.
I have tried:
Enabling AES-NI and hardware offloading.
Reducing the Suricata rule set.
But the situation has not improved much.
Question:
Is there any way to optimize the configuration to reduce the impact between VPN and IDS/IPS?
Does upgrading hardware (CPU/RAM) really solve this problem?
Looking forward to receiving comments from those with experience.
Thanks!
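A check worth running before choosing between config tuning and new hardware, added here as an example and not part of the post above: Suricata's eve.json stats events carry cumulative capture counters (kernel_packets, kernel_drops), and comparing consecutive events shows whether the IPS path is actually dropping packets during the slow periods. Drops there point at Suricata as the bottleneck; zero drops while throughput is still down points at the OpenVPN side. The script assumes the stats event layout shown in the constructed sample lines and the OPNsense log path /var/log/suricata/eve.json; both are assumptions, and the sample data is made up.

```python
"""Per-interval Suricata capture drop rate from eve.json stats events.

Added example for the thread above, not the poster's code. Assumptions:
  * eve.json "stats" events carry stats.uptime and stats.capture with
    kernel_packets / kernel_drops, all cumulative since Suricata started;
  * on OPNsense the log lives at /var/log/suricata/eve.json (assumed default;
    pass another path on the command line if yours differs).
"""
import json
import sys
from typing import Dict, Iterable, Iterator, List, Optional, Tuple

# Constructed sample log: three stats events, an unrelated alert event, then a
# counter reset (uptime drops back to 30, i.e. Suricata restarted) and two more.
SAMPLE_EVE = """\
{"timestamp":"2024-05-01T10:00:00.000000+0000","event_type":"stats","stats":{"uptime":60,"capture":{"kernel_packets":100000,"kernel_drops":0}}}
{"timestamp":"2024-05-01T10:00:30.000000+0000","event_type":"stats","stats":{"uptime":90,"capture":{"kernel_packets":400000,"kernel_drops":500}}}
{"timestamp":"2024-05-01T10:01:00.000000+0000","event_type":"stats","stats":{"uptime":120,"capture":{"kernel_packets":900000,"kernel_drops":50500}}}
{"timestamp":"2024-05-01T10:01:30.000000+0000","event_type":"alert","alert":{"signature":"not a stats event, skipped"}}
{"timestamp":"2024-05-01T10:05:00.000000+0000","event_type":"stats","stats":{"uptime":30,"capture":{"kernel_packets":50000,"kernel_drops":0}}}
{"timestamp":"2024-05-01T10:05:30.000000+0000","event_type":"stats","stats":{"uptime":60,"capture":{"kernel_packets":250000,"kernel_drops":1000}}}
"""

Record = Tuple[str, int, int, int]  # timestamp, uptime, kernel_packets, kernel_drops


def iter_capture_stats(lines: Iterable[str]) -> Iterator[Record]:
    """Yield (timestamp, uptime, packets, drops) for each well-formed stats event."""
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        try:
            ev = json.loads(raw)
        except json.JSONDecodeError:
            continue  # the last line is often torn while Suricata is still writing it
        if ev.get("event_type") != "stats":
            continue
        stats = ev.get("stats", {})
        cap = stats.get("capture")
        if not cap:
            continue
        yield (
            ev.get("timestamp", "?"),
            int(stats.get("uptime", 0)),
            int(cap.get("kernel_packets", 0)),
            int(cap.get("kernel_drops", 0)),
        )


def drop_rate_intervals(lines: Iterable[str], threshold_pct: float = 1.0) -> List[Dict]:
    """Turn cumulative counters into per-interval drop percentages.

    A counter that goes backwards (uptime or packets) means Suricata restarted,
    so that record becomes a new baseline instead of producing a bogus interval.
    """
    intervals: List[Dict] = []
    prev: Optional[Record] = None
    for rec in iter_capture_stats(lines):
        ts, uptime, pkts, drops = rec
        if prev is not None and uptime > prev[1] and pkts >= prev[2] and drops >= prev[3]:
            d_pkts = pkts - prev[2]
            d_drops = drops - prev[3]
            pct = (100.0 * d_drops / d_pkts) if d_pkts else 0.0
            intervals.append({
                "start": prev[0],
                "end": ts,
                "packets": d_pkts,
                "drops": d_drops,
                "drop_pct": pct,
                "over_threshold": pct > threshold_pct,
            })
        prev = rec
    return intervals


def worst_interval(intervals: List[Dict]) -> Dict:
    """The interval with the highest drop percentage (empty dict if there are none)."""
    return max(intervals, key=lambda i: i["drop_pct"], default={})


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            rows = drop_rate_intervals(fh)
    else:
        rows = drop_rate_intervals(SAMPLE_EVE.splitlines())
    for r in rows:
        flag = "  <-- IPS dropping" if r["over_threshold"] else ""
        print(f'{r["start"]} .. {r["end"]}: {r["drops"]}/{r["packets"]} '
              f'({r["drop_pct"]:.2f}%){flag}')
```

Run it on the firewall as `python3 suricata_drops.py /var/log/suricata/eve.json` and line the flagged intervals up against the peak-hour window from the post. The counters are cumulative, so the script diffs consecutive events and starts a fresh baseline whenever uptime goes backwards; without that, a Suricata restart (rule reload, package update) would show up as a huge negative or bogus interval.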