Company plans to increase number of remote branches from 10 to 50. So, 2851 wouldn't be enough to perform simultaneous encryption, QoS and routing.
Now I use such scheme
Provider's net--L2 SWITCH--Eth Trunk--My2851--ASA---LAN
Each remote branch enters central site as a separate 802.1q VLAN on the Ethernet trunk.
So, on 2851 I have a lot of Gi 0/0.VLAN ID interfaces.
2851 is crypto tunnels endpoint and OSPF router.
Each interface has crypto map and policy map. Off course policy map depends on a bandwidth.
I'm planning to replace 2851 with more powerful device.
New device have to:
1. Accept VLANs.
2. Support crypto map on each VLAN.
3. Support QoS (CBWFQ+Shaping) on each VLAN.
4. Have enough performance.
I think that 7600 router or 6500 switch will be a good choice.
May be somebody have had similar experience?