Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Router to PIX VPN - Load Balancing Questions

Hi All,

I have a 2821 router that has multiple circuits over different carriers. I want to setup a IPsec VPN from the 2821 to a PIX515. Is is possible to load balance the VPN over both circuits? Have you experienced this before? It seems that CEF per-packet would accomplish this, but I am not sure if performance would take a hit.

Thanks,

Lee

3 REPLIES
Anonymous
N/A

Re: Router to PIX VPN - Load Balancing Questions

I am not sure if IPSec can be load balanced like that. How will the out-of-sequence packets be reassenbled at the gateway end? I know there is a sequence number in the ESP header, but that is used for replay detection. Not sure they can be used here. Any thoughts?

Hall of Fame Super Silver

Re: Router to PIX VPN - Load Balancing Questions

I believe that I remember a conversation with a TAC engineer when I was looking at some problems with a VPN connection in which he said that out of order packets are a problem with ESP.

HTH

Rick

New Member

Re: Router to PIX VPN - Load Balancing Questions

Thanks for your responses!

256
Views
4
Helpful
3
Replies