VPN on Toradex Computer on Modules
A Virtual Private Network (VPN) is a means to allow you to connect to resources on the internet without making them publicly accessible.
In the context of embedded systems, it is often used for remote access: either for a command-line session, a remote GUI session, or to access a service running on the board.
Often, embedded hardware has dedicated cryptography accelerator units, such as the Cryptographic Accelerator and Assurance Module (CAAM) for some of the NXP i.MX series. On newer CPUs, the overhead of small workloads may cause the acceleration to have worse performance than using the CPU directly.
Also, hardware acceleration depends on the cryptographic algorithm being used by the VPN application. If it does not use one that is supported by the hardware unit, obviously there will be no acceleration.
It is not a guarantee that a VPN solution will use embedded hardware acceleration for cryptography, though it is possible that those solutions use the Linux kernel Crypto API, which will increase the likelihood of hardware acceleration.
You may be interested in either Torizon or one of our Reference Images for Yocto Project. Check the respective subsection below:
- How to Use VPN on TorizonCore: we enable and support WireGuard by default.
- OpenVPN + Weston's VNC/RDP on TorizonCore: as an alternative to WireGuard, you can use OpenVPN, which we don't officially support but we provide instructions on how to use it.
BSP Layers and Reference Images for Yocto Project
- OpenVPN: how to enable OpenVPN with the Yocto Project/OpenEmbedded.
- Blog from 26-04-2021 Using a VPN on Embedded Linux Systems.