I am having problems with CPU load on 2811 with AIM-VPN-II. There is a GRE+IPSec over E3 WAN link and the authentication is done using RSA, but even that there is around 10Mb/s of traffic I have a 70 - 85%.
I also have another WAN link with router 2811 that doesn't have a AIM-VPN, and that one reach 95% CPU once the traffic goes up to 5 Mb/s.
crypto isakmp policy 10
crypto isakmp keepalive 10
crypto ipsec transform-set TEST esp-aes esp-sha-hmac
crypto ipsec profile TEST
set transform-set TEST
description ***E3 WAN Link***
ip address x.x.x.x x.x.x.x
ip mtu 1376
ip tcp adjust-mss 1336
tunnel source x.x.x.x
tunnel destination x.x.x.x
tunnel protection ipsec profile TEST
Are there any recommendations that RSA authentication is not supportted for hardward encryption? It worries me, becouse have more sitautions like this.