‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Tuesday, June 11, 2019 1:04 PM, Christian Weisgerber <[email protected]> wrote:
> > childsa enc aes-128-gcm > > Correct. For reference I now changed the childsa encryption cipher to aes-128-gcm and get 93 Mbit/s throughput instead of the 80 Mbit/s I saw with aes-256. Better than nothing but still not quite optimal so I was wondering if anyone had already achieved better IPsec site-to-site bandwidth throughput with a PC Engines APU4 box? I have a very simple site-2-site IPsec connection which basically is just the following config in my iked.conf file: ikev2 active esp from $local_ip to $remote_ip local $local_ip peer $remote_ip childsa enc aes-128-gcm srcid $local_ip dstid $remote_ip ikev2 active esp from $local_network to $remote_network local $local_ip peer $remote_ip childsa enc aes-128-gcm srcid $local_ip dstid $remote_ip Cheers, Mabi
