I'm reaching the point where my 7206VXR w/ NPE-G1 is seeing sustained 60% - 70% cpu utilization from IPSec encryption / decryption. I'm running IOS 12.4(9)T. I was thinking about purchasing one or two VAM-2+ modules to offload the encryption, but I'm not sure if it will help with IPSec running in transport mode (Full mesh DMVPN, this router is the NHRP server / hub router supporting about 50 spokes, soon to be 70 spokes).
Looking at the following link, I see "IPSec Tunnel Mode" explicitly listed, but not transport mode.
http://www.cisco.com/en/US/products/hw/routers/ps341/products_data_sheet0900aecd8020b758.html
And I have some vague recollection that I read somewhere that transport mode wasn't supported in hardware VPN accelerators.
Any ideas if the VAM-2+ would help with transport-mode IPSec tunnels?
Thanks!
-Mason