pfsense as OpenVPN server, why slow speed?
-
Hi
Tried with iperf3 now.
Without VPN it measures 800Mbit
With VPN I get only 25 to 35 Mbit -
You said 300/300 in the OP now you're saying 800? Which is it? Makes people think you're not testing what you think you're testing.
-
iperf tests was done local, not over the internet.
800/800 is directly between pc's used for test (LAN), this verifies that the pc's are good.
When I put the pfsense between the two PC's, I get poor results -
Update:
Upgraded to v 2.4.3 and added UDP Fast I/O and Send/Rec buffer 2mb. Now I get 37mbps (iperf), some improvement, but I think it should be possible to improve more? -
What is your CPU doing while you're testing.
top -aSHwhile it is running should give you some insight.What is the testing configuration now?
-
Not able to test right now with the command you suggest, when I monitored cpu usage in pfsense web interface, it was showing 4-5% openvpn and almost 95% idle.
Test configuration is two computers with iperf
Software.
One computer connected to LAN side og pfsense and the other to WAN. Using UDP OpenVPN to tunnel with AES128-CBC snd Sha1. -
OK so you have no idea if you are testing the firewall's OpenVPN capabilities or the client's in that scenario.
-
@skippern12 said in pfsense as OpenVPN server, why slow speed?:
hardware
It could of course be a client problem, but I have tested with different laptops so I thing the problem is on the server side.
-
Just configured L2TP/IPSEC and did a test from a Laptop with Windows 10 using Windows 10 built in VPN Client software.
Test was done with laptop connected to Wifi and I got around 70mbps with Iperf over the VPN tunnel.
Pfsense CPU load was around 6% during test.This is twice as fast as OpenVPN and even not a proper test since it was done over wifi.
Can't understand why OpenVPN is so slow...
-
@skippern12 still slow on latest version to date... using openvnp connect on Android 12... and on server UDP with 128 data encryption (minimun).. I can't exchange big files (above 500 KB), I get timeout
