Hi people, Im new to the forum, not sure if I actually posted this in the right subforum, forgive me if its not.
Anyway, right now Im a student trying to get OpenVPN to work with AES-NI on a Windows Server 2008 platform as a project. I know it requires patches but Im not sure as to where to obtain them, think I am googling the wrong keywords out but can't seem to get them right. Please help! Thanks so much in advance!
P.S. Anyone know if I can get OpenVPN to run with IPSec with them reading off two different NICs on a single machine?
AES-NI Support for OpenVPN Windows Server 2008?
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 2
- Joined: Mon May 23, 2011 2:05 am
- janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: AES-NI Support for OpenVPN Windows Server 2008?
I have not seen any OpenSSL patches for AESNI support on windows thus far; this is what is required to get OpenVPN to support AES-NI as well.
Google for 'openssl windows aes-ni' to see if you can a kind soul who has rebuilt OpenSSL on windows using the patch.
Yes it is possible to run openvpn and ipsec side-by-side, but they will never talk to each other, of course.
Google for 'openssl windows aes-ni' to see if you can a kind soul who has rebuilt OpenSSL on windows using the patch.
Yes it is possible to run openvpn and ipsec side-by-side, but they will never talk to each other, of course.
-
- OpenVpn Newbie
- Posts: 2
- Joined: Mon May 23, 2011 2:05 am
Re: AES-NI Support for OpenVPN Windows Server 2008?
Thanks so much for the speedy reply! I understand the windows problem, will look into it. The current AES-NI OpenSSL patch only affects linux? Also, I'm very new to VPN, so I don't understand all the jargon featured in the patch logs. Can anyone very roughly describe how the patch allows OpenSSL to run AES-NI? Thanks!
- janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: AES-NI Support for OpenVPN Windows Server 2008?
Intel published an OpenSSL patch to support AES-NI on linux, and they published a patch to support it on Windows using the CryptoServices; I have yet to see if the OpenSSL patch also works when compiling OpenSSL on Windows.
If OpenSSL supports AES-NI (you can find out using 'openssl speed -evp aes-256-cbc') then you can make use of this patch in OpenVPN using
I can confirm that this work on Linux.
If OpenSSL supports AES-NI (you can find out using 'openssl speed -evp aes-256-cbc') then you can make use of this patch in OpenVPN using
Code: Select all
engine aesni