Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense on proxmox - slow openvpn

    Scheduled Pinned Locked Moved Virtualization
    4 Posts 3 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tomahhunt
      last edited by

      I know this question has been asked before in various forms.
      But I have read lot's of threads and not managed to fix my issue yet.

      I am running proxmox with pfsense. Both up to date.
      My cpu is a Ryzen 5 3400G
      I have a 2 port intel NIC dedicated for pfsense.
      It quite happily routes my 350/35 internet no problem.

      I added an openvpn server and after connecting from a remote client and running iperf at most I get 30mbit. (out of the 350 available) Threads seem to imply 300 is possible. But I should at least get more like 100.

      Things I have changed:

      • Disabled Hardware Checksum offload (Already had this)
      • Change cpu setting to "host" in proxmox (Which allowed the next 2 steps)
      • Enabled aes in the main settings
      • Enabled crypto on the vpn server
      • net.inet.ip.fastforwarding=1
      • Different encryption algorithms. AES-128-GCM, AES-256-CBC, AES-256-GCM

      All with the same exact result.

      Any ideas on next steps I can try.
      It feels like I have done all the reccomended steps.

      1 Reply Last reply Reply Quote 0
      • kiokomanK
        kiokoman LAYER 8
        last edited by

        what do you have on the other side of the tunnel? the same line/speed?
        you probably have 30mbit out of the 35 not out of 350

        ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
        Please do not use chat/PM to ask for help
        we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
        Don't forget to Upvote with the 👍 button for any post you find to be helpful.

        1 Reply Last reply Reply Quote 0
        • T
          tomahhunt
          last edited by

          My home connection is 350Mbps down 35Mbps up.
          Home is the pfsense and vpn server.
          Home is the iperf server.

          My vps is on linode and should not be the limiting factor. fast.com test shows 300Mbps/420Mbps.

          I am connecting from my vps to home using openvpn and running iperf in client mode.

          So the iperf data is upload from my vps (limit 420Mbps). Download from my home (limit 350Mbps)

          So I think I should have 350Mbps available for this iperf test.

          Unless I have missed something.

          1 Reply Last reply Reply Quote 0
          • X
            x86txt
            last edited by x86txt

            I am having the same issue.

            A iperf to the WAN side of the pfSense VM over the internet shows 900Mbps. When I try and punch it through OpenVPN site-to-site using the same config as you, 80Mbps. Both sides are 3.5GHz+ Xeon/Ryzen CPUs, but CPU usage on pfSense on both sides is 5%.

            An iperf from the WAN -> LAN interface (on a different KVM bridge) also shows 800Mbps+.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.