With the release of pfSense 2.4, OpenVPN 2.4.3 has been incorporated into pfSense. As a result, OpenVPN can use AES-NI acceleration for AES-GCM tunnels. AES-NI is a form of hardware acceleration designed to speed up encryption and decryption in routines implementing Advanced Encryption Standard (AES). Utilizing AES-GCM encryption on a CPU supporting AES-NI should improve throughput on OpenVPN tunnels in pfSense by 30 to 50%.
With the release of pfSense 2.5, you will have an additional incentive to ensure that the CPU on which you are running is AES-NI-compatible, as version 2.5 will only run on CPUs that support AES-NI encryption or another hardware crypto offload. While this will prevent running pfSense 2.5 and up on some lower-end ...