• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

IPSEC AES256 performance


New Member

Thanks: 1
Messages: 16

I Have lanner 8759 which has xeon e3-1275 processor. Running opnsense (based on freebsd 10.3). i have connected 2 such firewalls back to back Network topology is attached. VPN config at both ends is as follows:
Mode: Main
P1 protocol: AES256 and SHA1
P2 protocol: ESPand SHA1.
Tunnel is established between and I can verify that the tunnels are up using tcpdump.
Iperf server is hosted on, client from Both PCs running windows.
I am getting throughput of about 420 Mbps. I was wondering if this is good on a xeon e3-1275 processor?
Also it supports aes ni, does that get enabled by default or has to be enabled via bios?
Lastly are there any tunables that i can play around with to increase performance since my cpu utilization hardly gets upto 15%?



Staff member

Thanks: 5,898
Best answers: 7
Messages: 26,528