Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SG-2100 supports AES-NI??

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    6 Posts 3 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Beard
      last edited by

      Hello everyone!!

      I want to improve my security in my home network at home, so I'm thinking to buy a Netgate SG-2100.

      My network is actually tuneling to ExpressVPN with a Linksys 1900ACS on DD-WRT.

      I would like to know if I can replicate in a netgate SG-2100 plus pf sense firewall, 3 VLAN.
      Does anyone knows if Marvell Armada 3720 (88F3720) CPU support AES-NI?

      Thanks

      Beard

      JKnottJ 1 Reply Last reply Reply Quote 0
      • JKnottJ
        JKnott @Beard
        last edited by JKnott

        @beard

        My understanding is that, with an ARM CPU, it doesn't support AES-NI. I recently bought a Qotom Q350G4 4200U with i5 CPU, 4 GB of memory, 32 GB SSD and 4 Ethernet ports. It's apparently a very popular computer for use with pfsense and works well. It supports those instructions.

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

        B 1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          The SG-2100 has a SafeXcel cryptographic accelerator, which is different than AES-NI, but it does accelerate AES cryptography.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          B 1 Reply Last reply Reply Quote 0
          • B
            Beard @JKnott
            last edited by

            @jknott said in SG-2100 supports AES-NI??:

            Qotom Q350G4 4200U

            Thank you very much @jknott
            I looked at it on amazon, I see its a mini pc, I'm very far
            to be a well trained on this matters. I guess I should install PF sense in it and creating a boot command to work as a router 🤕

            I appreciate your comments

            JKnottJ 1 Reply Last reply Reply Quote 0
            • B
              Beard @jimp
              last edited by

              Thank you @jimp for your comments

              Do you have experience with ExpressVPN tunneling?

              On website they say:
              "If your router does not support AES-NI, you may experience occasional speed issues while using the OpenVPN manual configuration"

              I have read some forum members complaining about losing connectivity after seconds or minutes, I wonder if that could be the reason.

              Sadly, cause I'm live in a not free speech country I need to be tunneling all my traffic

              Thanks again Jim

              1 Reply Last reply Reply Quote 0
              • JKnottJ
                JKnott @Beard
                last edited by

                @beard

                You just download pfsense and install it from a USB stick. You then have pfsense, just as you would with Netgate gear. There's no need for any boot command. Just turn it on and go. When you install from the USB stick, press F11 to cause it to boot from it. Also, you can use the Del key to get into the BIOS, where you may want to change the power restore setting. The choices are off, on and previous state. Since mine is on a UPS, with APCUSD running, I picked on.

                There are different sources for the Qotom. I got mine from AliExpress and it was shipped from Hong Kong. It's also available under other names. It's also cheaper than the SG-3100, but provides better performance.

                PfSense running on Qotom mini PC
                i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                UniFi AC-Lite access point

                I haven't lost my mind. It's around here...somewhere...

                1 Reply Last reply Reply Quote 1
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.