site to site VPN using PIX-515E and no VAC card?

Unanswered Question
Nov 1st, 2009

I'm considering using an existing PIX-515E as one end of a site to site VPN, but can't find any stats for how many Mbps of throughput the unit with no VAC or VAC+ card will handle.

Would it handle up to 10Mbps of 256 bit AES IPSEC VPN traffic?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Patrick0711 Sun, 11/01/2009 - 12:03

You will likely only see a few Mbps of VPN traffic, especially with AES-256. There's a night and day difference between using the VAC card and offloading the encryption processes to the PIX CPU.

I would suggest using a more efficient encryption algorithm like AES-128 and SHA1.

Farrukh Haroon Mon, 11/02/2009 - 11:08

The throughput is mentioned on this link:

Performance Summary

• Cleartext throughput: Up to 190 Mbps

• Concurrent connections: 130,000

• 168-bit 3DES IPSec VPN throughput: Up to 135 Mbps with VAC+ or 63 Mbps with VAC

• 128-bit AES IPSec VPN throughput: Up to 130 Mbps with VAC+

• 256-bit AES IPSec VPN throughput: Up to 130 Mbps with VAC+

• Simultaneous VPN tunnels: 2000

Please rate if helpful, Regards



This Discussion