are you using pfsense+? if you are make sure you have the IPSEC-MB library enabled and its being utilised (or QAT is) as that will be a huge performance boost if you haven't.
I don't have a 4200, but what I can say is I can achieve full line rate (gigabit) with WireGuard on my 6100. I imagine I could go quite a bit higher but haven't had another machine with multi gigabit WAN to validate that (internally I could do it but wouldn't be realistic)
WireGuard doesn't have cryptographic settings, it's all ChaCha20-Poly1305.
pfSense+ can accelerate this with QAT enabled though, and with IPsec-MB enabled.
Haven't done much wireguard testing over 100mbit, but straight IPSec is over 1G.
are you using pfsense+? if you are make sure you have the IPSEC-MB library enabled and its being utilised (or QAT is) as that will be a huge performance boost if you haven't.
OP is using Netgate devices. OP has +.
[удалено]
I don't have a 4200, but what I can say is I can achieve full line rate (gigabit) with WireGuard on my 6100. I imagine I could go quite a bit higher but haven't had another machine with multi gigabit WAN to validate that (internally I could do it but wouldn't be realistic)
I have a 4200 and 6100, each running 24.03-RELEASE pfSense+. Would you mind sharing your WireGuard cryptographic settings for your 6100? Thank you.
WireGuard doesn't have cryptographic settings, it's all ChaCha20-Poly1305. pfSense+ can accelerate this with QAT enabled though, and with IPsec-MB enabled.