how to enable vpn compression on router 871

Unanswered Question
Aug 10th, 2007
User Badges:

a site to site vpn was set up between 871 and 2851. 2821 has a AIM-VPN/SSL-2


On 871:

sh crypto engine brief

crypto engine name: Virtual Private Network (VPN) Module

crypto engine type: hardware

State: Enabled

Location: onboard 0

Compression: No

DES: Yes

3 DES: Yes

AES CBC: Yes (128,192,256)

AES CNTR: No

Maximum buffer length: 4096

Maximum DH index: 0020

Maximum SA index: 0020

Maximum Flow index: 0040

Maximum RSA key size: 0000



crypto engine name: Cisco VPN Software Implementation

crypto engine type: software

serial number: 8E20D704

crypto engine state: installed

crypto engine in slot: N/A


On 2851:


show crypto engine brief

crypto engine name: Virtual Private Network (VPN) Module

crypto engine type: hardware

State: Enabled

Location: aim 0

VPN Module in slot: 0

Product Name: AIM-VPN/SSL-2

Software Serial #: 55AA

Device ID: 001F - revision 0000

Vendor ID: 0000

Revision No: 0x001F0000

VSK revision: 0

Boot version: 255

DPU version: 0

HSP version: 3.3(18) (PRODUCTION)

Time running: 3w0d

Compression: Yes

DES: Yes

3 DES: Yes

AES CBC: Yes (128,192,256)

AES CNTR: No

Maximum buffer length: 4096

Maximum DH index: 2000

Maximum SA index: 2000

Maximum Flow index: 4000

Maximum RSA key size: 2048


crypto engine name: Virtual Private Network (VPN) Module

crypto engine type: hardware

State: Disabled

Location: onboard 0

Product Name: Onboard-VPN

FW Version: 01100200

Time running: 4294967 seconds

Compression: Yes

DES: Yes

3 DES: Yes

AES CBC: Yes (128,192,256)

AES CNTR: No

Maximum buffer length: 4096

Maximum DH index: 0300

Maximum SA index: 0300

Maximum Flow index: 0600

Maximum RSA key size: 2048



crypto engine name: Cisco VPN Software Implementation

crypto engine type: software

serial number: 5FF8863F

crypto engine state: installed

crypto engine in slot: N/A


Thx!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Paolo Bevilacqua Sat, 08/11/2007 - 16:07
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Also, what software are you using ? An 851 with 12.4(11)T2 show compression supported in hardware:


gw-851w#sh crypto engine brief

crypto engine name: Virtual Private Network (VPN) Module

crypto engine type: hardware

State: Enabled

Location: onboard 0

Product Name: Onboard-VPN

FW Version: 1

Time running: 623892 seconds

Compression: Yes

DES: Yes

3 DES: Yes

AES CBC: Yes (128,192,256)

AES CNTR: No

Maximum buffer length: 4096

Maximum DH index: 0020

Maximum SA index: 0020

Maximum Flow index: 0040

Maximum RSA key size: 0000



crypto engine name: Cisco VPN Software Implementation

crypto engine type: software

serial number: DD151A7D

crypto engine state: installed

crypto engine in slot: N/A



xiaoliangyue Sat, 08/11/2007 - 22:30
User Badges:

Thanks for reply, Paolo.


the ios version might be the cause:

C870 Software (C870-ADVIPSERVICESK9-M), Version 12.4(4)T7


I'll upgrade the ios to ver 12.4(11)T2, and see what's gonna happen.


Thanks.

Actions

This Discussion