4. PfSense as an IPSec / L2TP client

PfSense as an IPSec / L2TP client

  • J

    Hi,

    I tried using OpenVPN, but since it's single-threaded, it maxes out single-core performance of my Athlon 5350, and bottlenecks me at ~300 Mbps (and ~200 Mbps when I enable AES-NI, which seems to be in line with this thread), which isn't acceptable, as it's not saturating my 420 Mbps line.

    Decided to try IPSec / L2TP instead (in hope that it would utilize the remaining cores better), but… have no clue how to do it. webConfigurator only allows me to setup a server, not configure a client. All I want to do is just to connect to a VPN proxy (i.e. PIA), no complicated site-to-site tunneling, or anything of that sort.

    Any help / hints would be greatly appreciated, including possible tweaks to OpenVPN. What I have right now: AES-128-CBC, AES-NI disabled (though it would be great, if hardware acceleration would accelerate things), fragment 0, mssfix 0, tun-mtu 48000, comp-lzo.

    0
  • G

    Did you ever get this working? I want to do the same thing, log into a L2TP/IPSEC server from pfSense and route some traffic over that tunnel instead of the regular WAN interface.

    0
  • J

    No, unfortunately. Bought an ERLite-3 instead, lived with ~250 Mbps for a bit, and then decided that VPN is not worth all this trouble.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy