Slow vpn, idle cpu



  • Hey Everyone,

    Running pfsense 2.4.4 on both sides and was having a slow vpn issue in one direction. (Sending traffic from my older firewall to my newer firewall)

    I'm ready to buy some new hardware to replace this Celeron G1101 because it doesn't support aes-ni but I had one concern. Cpu is sitting at 90% idle in top, I'm assuming I should be seeing more load than that if I'm cpu bound? I'm using aes128 for vpn.

    iperf -c internal.ip.over.vpn

    Client connecting to internal.ip.over.vpn, TCP port 5001
    TCP window size: 85.0 KByte (default)

    [ 3] local 10.10.1.100 port 46840 connected with internal.ip.over.vpn port 5001
    [ ID] Interval Transfer Bandwidth
    [ 3] 0.0-10.1 sec 9.88 MBytes 8.23 Mbits/sec

    iperf -c external.ip.over.nat

    Client connecting to external.ip.over.nat, TCP port 5001
    TCP window size: 85.0 KByte (default)

    [ 3] local 10.10.1.100 port 54158 connected with external.ip.over.nat port 5001
    [ ID] Interval Transfer Bandwidth
    [ 3] 0.0-10.1 sec 64.9 MBytes 54.1 Mbits/sec

    Best,
    Steven