Wednesday 21 June 2023

pfSense: Boosting OpenVPN / IPSec VPN Performance with AES-IN

OpenVPN, a widely used VPN protocol, plays a crucial role in securing network communications. However, cryptographic operations performed by OpenVPN can impose a significant burden on the CPU, potentially impacting overall performance. Luckily, pfSense, a versatile open-source firewall and routing platform, supports AES-IN, a hardware-accelerated encryption feature that can significantly improve performance when using the AES cipher.

To enable AES-IN support in pfSense for better OpenVPN performance, follow these steps:

Log in to the pfSense web interface.

Navigate to "System" and select "Advanced."

Click on the "Miscellaneous" tab.

Scroll down to the "Cryptographic & Thermal Hardware" section.

Select "Cryptographic Hardware."

Choose the appropriate setting from the drop-down menu based on your hardware configuration.

Save the changes.

By enabling AES-IN support in pfSense, you can offload the cryptographic workload from the CPU to dedicated hardware, resulting in faster and more efficient performance.

No comments:

Post a Comment