[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] Using C3 accelerated AES

  • Subject: [Openvpn-users] Using C3 accelerated AES
  • From: Eugen Leitl <eugen@xxxxxxxxx>
  • Date: Mon, 24 Jan 2005 16:30:52 +0100

I've succeeded creating OpenVPN tunnels between two XP and one XP and one
x86_64 FC3 machine each, all using static keys. Kudos, what a nice piece of
software! IPsec is a real pain in comparison.

I now would like to try using a C3s accelerated AES to create multiple VPNs to
one C3 machine; eventually making it act as a router (creating several
isolated networks for potentially hundreds of machines, mostly Windows but
also OS X and other *nix boxes).

On a Debian system (3.1) I presume I have to check out and build OpenSSL with
C3 support, right? Do I have to specify anything when building OpenVPN from
source? Assuming I want to specify 256-bit AES as the default cypher, how do
I do that in the config file, or supply which compile options?

Finally, will the lack of SHA-1 hardware support in current crop of C3s become a
bottleneck in above configuration? 

Oh, a final one: is IPv6 support planned/in the works?


Eugen* Leitl <a href="http://leitl.org";>leitl</a>
ICBM: 48.07078, 11.61144            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org         http://nanomachines.net

Attachment: pgpX9kbj6oqod.pgp
Description: PGP signature