openVPN not able to use hardware crypto.



  • Hi

    The pfSense dashboard shows the following :

    AES-NI CPU Crypto: Yes (active)

    Yet when I look at my openVPN configuration the option to enable Hardware encryption says ' No Hardware Crypto Available'

    Why ? I thought AES-NI was needed for the crypto to work ?

    Thanks



  • OpenVPN uses AES-Ni automatically if it is available. There is no setting necessary in the OpenVPN config.



  • Hi

    In pfSense in my openVPN client configuration there is an option for 'Hardware Crypto' which says no hardware crypto available.

    Should it show that if it's using it automatically?
    Thanks



  • No, that is correct.
    AES-NI is not available here in the droptown, but it is used anyway.

    In pfSense 2.3 it was still available there, however the recommended selection for AES-NI capable CPUs was to select "No hardware crypto". But it has to be enabled in the System > Advanced options.