New IPSec Option

belerofon · May 03, 2025, 10:47:13 AM

Hi all

is anyone happy with the new IPSec section?

For me the old one looks a bit more complicated but have a lot of more option.
- One Feature that I really miss, ist the use of a "Remote Certificate Authority". I generated an own CA with a CRL and OCSP. In the new option I can't use it.
- Next it is very heavy to set the routing correctly. In the old config I have the option to set a route-based vpn, that makes it very easy. No need to setup manually an VTI.

Any one have other feelings?

verfluchten · May 04, 2025, 12:24:43 AM

I am more curious about the reasons for AES/NI option drop from hw acceleration.

New IPSec Option

belerofon

May 03, 2025, 10:47:13 AM

verfluchten

May 04, 2025, 12:24:43 AM #1