Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

GET VPN and required equipment

I am implementing GET VPN over an MPLS network.  I understand I will need a distinct router for a key server.  I currently have a 7206  NPE/G2 in my  data center  that serves as a central site aggregation router for the MPLS network.  Can this 7206 also serve as the GET VPN group member or should the GM  be a separate router?  I plan to install a VAM2+ in the 7206 if it serves as both WAN aggregration router and GM.  At my remote offices 2811 routers  terminate MPLS links.  Do I need to install AIM encryption cards in the 2811 routers to achieve acceptable encryption performance or do the native routers have enough capacity?  Thank you for your help.


Re: GET VPN and required equipment

I would start by reviewing Chapter 3 of the GETVPN design guide below.  The recommended deployment model will include separate routers at the data center for the KS(s), GM(s), and WAN edge.  Whether or not you require AIM modules will come down to the clear LAN throughput you will require.  This chapter includes a chart for GM throughput with onboard and AIM for three classes of packet types.

CreatePlease to create content