If the CPU has AES-NI or AMD’s equivalent, and the VPN is encrypted with AES, then at those speeds, almost any CPU will do. Also worth noting if you connect via OpenVPN, the process is single threaded (don’t know about IPsec or the upcoming implementation of Wireguard), so dual core will do just fine. I have an intel J3455, pushing 200Mbit up and down simultaneously and it barely breaks a sweat. What will eat up your CPU cycles is packet inspection for instance.
Ditto. I got the ASRock J3455M. If you can’t find this one (or the ITX version), look for the similar J3710M / ITX, J4005M / ITX, J4105M / ITX, J5005-ITX or J5040-ITX (some of them have ddr3, some ddr4, some have DIMMs, some have SO-DIMMs).
Alternatively, if you want something small and good looking, while not minding paying the premium, look for MintBox 2 or MintBox Mini 2 (with 2 Ethernet ports).
How much money you have to spend?
I bought a protectli and installed pfsense as a virtual machine and passed thru the ethernet ports into it (using proxmox). This gives you the extra room for some containers, backups, flexibility to try out different firewall solutions aside from pfsense, perhaps Plex media server etc
I went with vault 6 port and I couldn’t be happier.
Passively cooled, has serial console by default.
So I was actually just looking at buying the;
Celeron G5900 and ASRock H410M-HVS,
Can pick those up for about £100 and I have a case and RAM available here.
As for things like Plex, I have an UnRaid server that houses that for me.
I should point out that I’m UK based, some of the systems mentioned above don’t seem that easily available or not much cheaper than buying the new hardware I mentioned above.
Though don’t mistake that for not being grateful for the response!
anything with a xeon class processor will work. now why would i say that.
you can get a used xeon work station for under $100.00 on ebay if you watch carefully. needs to be a min of 2.0G speed. 2 core 4 core will work fine the real speed killer is make sure you are using a PCI Express NIC stay away from the PCI buss it can only handle around 100M bandwith. The only issues i have ran into is with a DELL workstation that was not PCIE backwards compatiable with the 1.0 standard. Good luck with your project.
CPUs cores (1.5GHz Goldmont) are too slow for Gigabit OpenVPN despite AES-NI; you only get around 350Mbps bidirectional.
If you don’t care about pfsense, and would be happier with Linux and a smaller passively cooled setup, odroid n2+ is good (get a second usb-3 gigabit nic) and friendlyarm r4s (has 2 nics) are good choices.
Both are relatively modern high clocked arm cpus. 500Mbps+ on wireguard should be easy peasy for either. (They have hardware crypto if you want L2TP/IPsec for more speed)