Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
541
Views
0
Helpful
1
Replies

IPSEC on Multilink - not all T1 utilized

kst.amand
Level 1
Level 1

‎02-08-2008 04:32 AM - edited ‎02-21-2020 03:32 PM

I have a Multilink T1 setup (4 T1), where crypto engine connections show only 2 T1 being utilized. User response times over MultiLink is poor.

Environment is a GETVPN configuration.

Is there additional configuration requirements so that all T1 of Multilink participate in IPSEC?

Config. Snipet ***************

interface Multilink123

ip address x.x.x.x y.y.y.y

ip tcp adjust-mss 1360

no peer neighbor-route

ppp chap hostname blah-blah

ppp multilink

ppp multilink group 123

ppp multilink fragment disable

crypto map gdoi-map

Crypo Engine Output **********

ID Interface Type Algorithm Encrypt Decrypt IP-Address

3769 Mu123 IPsec AES+SHA 0 18683 10.0.0.0

3770 Mu123 IPsec AES+SHA 16644 0 10.0.0.0

3771 Mu123 IPsec AES+SHA 0 0 0.0.0.0

3772 Mu123 IPsec AES+SHA 19 0 0.0.0.0

Labels:
0 Helpful
1 Reply 1

kst.amand
Level 1
Level 1

‎02-08-2008 06:44 AM

scratch this post - I was misreading the crypto engine output.

All is good - thx

0 Helpful
Customers Also Viewed These Support Documents