Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

VPN 3000 v3.6 and AES

New image for Cisco VPN 3000 was released recently and wanted to know about default negotiations and performance.

1. If I upgrade the concentrator and the client to 3.6 will it by default use AES?

2. Is the concentrator optimized for AES (hardware acceleration)? What kind of performace hit will I take?

Thanks.

1 REPLY
Cisco Employee

Re: VPN 3000 v3.6 and AES

Hi,

Answering in-line:

1. the Defaults will still be the same a dn for you to use AES, you will need to select it in the IKE proposals and for it to be at the top

2. The Concentrator will be doing hardware accelaration for AES aswell, so shouldn't worry to much about performance hit

Additionally, If you configure AES on a VPN 3000 Concentrator group, only clients that support AES (such as the VPN Client, Release 3.6) can connect to that group. So make sure to add a new Group for the upgraded clients and let the old ones connect to the old group till all are upgraded.

For more details check:

http://www.cisco.com/univercd/cc/td/doc/product/vpn/vpn3000/3_6/3_6con3k.htm#xtocid18

Regards,

Aamir

-=-=-

78
Views
0
Helpful
1
Replies
CreatePlease to create content