Troubleshooting AIM card in 2801

Answered Question
Mar 13th, 2014
User Badges:
  • Community Spotlight Award,

    Best Publication, May 2016

Good Afternoon,

I recently got a Cisco 2801 that is running IOS 12.4(25g).
Later I purchased an AIM-VPN/SSL-2 .

I read this document on how to enable the AIM card. The document says I should use the crypto engine aim 0 command to enable the card.  There is no crypto engine aim command.
http://www.cisco.com/c/en/us/td/docs/ios/12_4t/12_4t11/htvpnssl.html

2801(config)#crypto engine ?
  accelerator  Crypto hardware device
  onboard      Onboard Crypto Engine
  software     Software crypto engine


I can see the card in show diag

    AIM Module in slot: 0
        Hardware Revision        : 1.0
        Top Assy. Part Number    : 800-27059-01
        Board Revision           : A0
        Deviation Number         : 9-5898
        Fab Version              : 02
        PCB Serial Number        : FOC12184ZU2
        RMA Test History         : 00
        RMA Number               : 0-0-0-0
        RMA History              : 00
        Product (FRU) Number     : AIM-VPN/SSL-2
        Version Identifier       : V01
        EEPROM format version 4
        EEPROM contents (hex):
          0x00: 04 FF 40 04 F4 41 01 00 C0 46 03 20 00 69 B3 01
          0x10: 42 41 30 80 00 09 17 0A 02 02 C1 8B 46 4F 43 31
          0x20: 32 31 38 34 5A 55 32 03 00 81 00 00 00 00 04 00
          0x30: CB 8D 41 49 4D 2D 56 50 4E 2F 53 53 4C 2D 32 89
          0x40: 56 30 31 00 D9 02 40 C1 FF FF FF FF FF FF FF FF
          0x50: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
          0x60: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
          0x70: FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF

Yet when I look at the crypto engine it is still showing the onboard engine. 

sh crypto engine config 


        crypto engine name:  Virtual Private Network (VPN) Module
        crypto engine type:  hardware
                     State:  Enabled
                  Location:  onboard 0
              Product Name:  Onboard-VPN
                HW Version:  1.0
               Compression:  Yes
                       DES:  Yes
                     3 DES:  Yes
                   AES CBC:  Yes (128,192,256)
                  AES CNTR:  No
     Maximum buffer length:  4096
          Maximum DH index:  0150
          Maximum SA index:  0150
        Maximum Flow index:  0300
      Maximum RSA key size:  0000

        crypto lib version:  19.0.0

     crypto engine in slot:  0
                  platform:  VPN hardware accelerator
          
   Crypto Adjacency Counts:
                Lock Count:  0
              Unlock Count:  0
        crypto lib version:  19.0.0

 

Also, neither of the AIM LED’s are lit on the front panel of the 2801.


Thanks for any insight.  

Tim

 

Correct Answer by Marcin Latosiewicz about 3 years 5 months ago
You need to be at least on 12.4(9)T, 12.4 mainline never supported AIM. http://www.cisco.com/c/en/us/products/collateral/routers/2800-series-int...
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Tim Glen Fri, 03/14/2014 - 07:02
User Badges:
  • Community Spotlight Award,

    Best Publication, May 2016

Thanks very much Marcin.  

Actions

This Discussion