- Gold, 750 points or more
I have an 877 with 12.4(24)T Advanced IP Services. It is a DSL gateway and is configured with NAT, IPS & inbound VPN services. I have noticed that recently the L2TP/IPSec VPN feature has been failing for clients. After a bit of debugging I can see a message saying the router couldn't process the IPSec request due to a lack of memory (or something along those lines). I also noticed that the CPU is maxed out when applying new IPS signatures (for some reason the latest one (S409) won't even apply - however I haven't looked into why yet).
If I disable IPS on the dialer interface then L2TP/IPSec VPN works fine. If I reenable IPS it fails again. If I reboot the router, then give it time to get back up (IPS process maxes the CPU out for a few minutes after boot) then L2TP/IPSec VPN will work for a period - usually a day or so. After that it fails again I assume with the same memory issue.
The 877 has maximum DRAM (256Mb) & FLASH (52Mb) and I would rather keep IPS enabled if I can.