Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    PfSense as an IPSec / L2TP client

    IPsec
    2
    3
    1630
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jevs last edited by

      Hi,

      I tried using OpenVPN, but since it's single-threaded, it maxes out single-core performance of my Athlon 5350, and bottlenecks me at ~300 Mbps (and ~200 Mbps when I enable AES-NI, which seems to be in line with this thread), which isn't acceptable, as it's not saturating my 420 Mbps line.

      Decided to try IPSec / L2TP instead (in hope that it would utilize the remaining cores better), but… have no clue how to do it. webConfigurator only allows me to setup a server, not configure a client. All I want to do is just to connect to a VPN proxy (i.e. PIA), no complicated site-to-site tunneling, or anything of that sort.

      Any help / hints would be greatly appreciated, including possible tweaks to OpenVPN. What I have right now: AES-128-CBC, AES-NI disabled (though it would be great, if hardware acceleration would accelerate things), fragment 0, mssfix 0, tun-mtu 48000, comp-lzo.

      1 Reply Last reply Reply Quote 0
      • G
        gertty last edited by

        Did you ever get this working? I want to do the same thing, log into a L2TP/IPSEC server from pfSense and route some traffic over that tunnel instead of the regular WAN interface.

        1 Reply Last reply Reply Quote 0
        • J
          jevs last edited by

          No, unfortunately. Bought an ERLite-3 instead, lived with ~250 Mbps for a bit, and then decided that VPN is not worth all this trouble.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post