I am implementing GET VPN over an MPLS network. I understand I will need a distinct router for a key server. I currently have a 7206 NPE/G2 in my data center that serves as a central site aggregation router for the MPLS network. Can this 7206 also serve as the GET VPN group member or should the GM be a separate router? I plan to install a VAM2+ in the 7206 if it serves as both WAN aggregration router and GM. At my remote offices 2811 routers terminate MPLS links. Do I need to install AIM encryption cards in the 2811 routers to achieve acceptable encryption performance or do the native routers have enough capacity? Thank you for your help.
I have this problem too.