I have a Cisco 3745 router with 128 MB RAM and 64 MB flash and want to create end to end vpn. Since there is no vpn accelerator modules installed presently on the router, i am not sure how effetively, the router will perform and would like to have an idea on this.
Also would like to have a relevant cisco document to have a good idea. Please help on this....
Software encryption on this platform is typically reserved for management access to the router only. If you will be passing any amount of production traffic over an IPSec L2L tunnel, I would suggest you consider an AIM module in order to minimize any chance of high CPU utilization.
Todd is right, cisco does not recommend the use of software encryption on this platform and we don't typically publish software encryption performance numbers. That said, I had done some performance testing years ago on the 3745, and I was only able to get upwards ~4M of encrypted throughput with a modified IMIX traffic profile that mimicked a voice-heavy network environment. Sorry, I don't remember the specific version tested or CPU threshold condition tested. Also, your mileage may vary depending on other interrupt-handled features such as nat, acl, qos, etc.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...