Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    What hardware should I use for a VPN connection?

    Hardware
    3
    7
    1.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      M0rph2020
      last edited by

      I was wanting to build a pfsense box that would be used with a openvpn connection. My VPN uses 2048 bit RSA keys size, AES-256-CBC Data Channel. I want to be able to get a throughput of atleast 50+ Mbs. I user in other forums suggested something like this Supermicro: 5018A-FTN4 (NOTE: Access panel on front for network appliances. 1U Rackmount only needs Hard Drive and Memory, 2400Mhz 8 Core, Intel i354 Quad GbE, Intel QuickAssist. I really dont want a rackmount and would prefer a mini-itx or micro-itx case just something that will not take up much space but will be able to everything I need for a VPN connection. Any thoughts would be appreciated. Thanks

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        That will certainly do it but it's brand new in FreeBSD terms so some things may not be fully supported yet. You don't need a box that powerful to pass 50Mbps. A much older Atom will do ~50Mbps at AES-256. See: https://forum.pfsense.org/index.php?topic=27780.0
        That is IPSec which is generally slightly faster.

        Are you using this box for anything besides the VPN termination?

        Steve

        1 Reply Last reply Reply Quote 0
        • J
          jasonlitka
          last edited by

          I've got that board at home, though mine is in a M350 case.  The USB 3.0 ports don't work yet but the NICs are fine under 2.1.1.  It is capable of WAY more than 50Mbit/s of OpenVPN.

          I can break anything.

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            I see that Netgate have some throughput figures up for that now:
            http://store.netgate.com/Firewall/C2758.aspx

            Steve

            1 Reply Last reply Reply Quote 0
            • J
              jasonlitka
              last edited by

              @stephenw10:

              I see that Netgate have some throughput figures up for that now:
              http://store.netgate.com/Firewall/C2758.aspx

              Steve

              I may have to question their methodology on this one.  I'm seeing much better numbers over an OpenVPN BF-CBC tunnel.  Based on my CPU usage at 85Mbit/s, I'm guessing that it caps out between 400 and 500 Mbit/s.

              I can break anything.

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                Interesting. CPU usage across 8 cores may be somewhat non-linear perhaps, harder to extrapolate.
                They do have that data labelled as 'preliminary' so perhaps so test refinements are still to come.

                Steve

                1 Reply Last reply Reply Quote 0
                • J
                  jasonlitka
                  last edited by

                  @stephenw10:

                  Interesting. CPU usage across 8 cores may be somewhat non-linear perhaps, harder to extrapolate.
                  They do have that data labelled as 'preliminary' so perhaps so test refinements are still to come.

                  Steve

                  I was talking per core.

                  I can break anything.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.