Just a quick question I have 12 remote sites that connect to the head site
to access core servers etc. each remote site has a ADSL link to access
alternative services but the ADSL link is also used to connect to the main
link via VPN in the event that the main link is down, each remote site has a
cisco 1811 connected to the ADSL to establish the site to site vpn link ,
whilst the main site has a cisco 2600 xm with advsecurity IOS and a VPN
module installed and is connected over the corporate 12Mbps (12Mbps up/down)
Internet link and is configured to establish VPN tunnels to any of the
remote 12 sites in the event of a link outage.
What happened recently was that the main link went down and all 12 sites
tried to establish vpn links to the main site 2600 xm router simultaneously.
Even though the VPN links for all sites wee established, the CPU
ultilization on the 2600xm was constantly at 99% and packets were being
dropped, only when I dropped some of the vpn links did the ultilisation
What I am asking is that what can I do in the future for backup via vpn,
should I share the load at the main site with another router beisdes the
2600xm or should I look at a more powerful router or firewall to do be the
VPN server. I have a PIX 506 that may be available.
What do you guys think
Thanks in advance