06-23-2006 01:03 PM
Where can I find that info?
Also, I got the router used (for close to nothing $) but I know it's worth some $$$. Where can I find out which model it is exactly? "show version" doesn't show much.
Solved! Go to Solution.
06-26-2006 04:59 PM
Oh sorry, pasted the partner link. That link doesn't seem to be available on a non-partner link unfortunately, so here's a cut/paste of the relevant bits from it:
--------------------------------------
AIM-VPN/BPII, is supported only in the Cisco 2600XMs. It has support for DES/3DES and AES (optimized for AES128 only) along with Layer 3 (IPPCP) Compression. This module requires Cisco IOS Release 12.2(15)ZJ and later.
AIM-VPN/BPII -PLUS is supported only in the Cisco 2600XMs. AIM-VPN/EPII-PLUS is supported in the 2691 and 3725 only. The BPII-PLUS and EPII-PLUS has support for DES/3DES and is optimized for all AES keys (AES128, AES192 and AES256) along with Layer 3 (IPPCP) Compression. These modules are supported in 12.3(5c), 12.3(6) and later for mainline releases and 12.3(7)T and later for T releases.
Q. What function does the VPN Module perform?
A. The Cisco 1700, 2600, 3600, and 3700 Series VPN Module optimizes the platform for IPSec VPNs. The module not only accelerates the triple data encryption standard (3DES) and data encryption standard (DES), advanced encryption standard (AES) algorithms used in IPSec, but it handles a variety of other IPSec-related tasks: hashing, key exchange, and storage of security associations. By doing so, the VPN module frees the Cisco 1700, 2600, 3600 and 3700 Series CPU to perform other router, voice, and firewall functions.
Q. What is the maximum DES/3DES/AES-128 IPSec performance with 1400 byte packets for the Cisco 1700, 2600, 3600, and 3700 Series utilizing the VPN Module?
A. Cisco 2650/51XM with AIM-VPN/BPII or AIM-VPN/BPII-PLUS will give 10 Mbps throughput with IMIX traffic, 22 Mbpsthroughput with packet size of 1400bytes, and support 800 tunnels.
Q. What is the maximum AES-192/256 IPSec performance with IMIX packets for the Cisco 1700, 2600, 3600, and 3700 Series utilizing the VPN Module?
A. Cisco 2650/51XM with AIM-VPN/BPII will give 8.5 Mbps throughput with IMIX traffic for both AES-192 and 256. The BPII-PLUS will give around 10Mbps performance.
-----------------------------------------
Also, be aware that that card has been EOL'd as per:
http://www.cisco.com/en/US/products/hw/routers/ps274/prod_eol_notice0900aecd802d3d0b.html
It's still supported till 2010 and will work fine for you, it's just not quite as fast with AES-192 or AES-256 as the PLUS version of the same card, which has been hardware-optimizied specifically for those larger key sizes. If you're using 3DES or AES-128 then there's no performance difference.
06-25-2006 09:53 PM
Depends on whether you have a HW encryption card in it. There's a bunch of rate information here:
If you're going to be doing VPN's on it then you really wouldn't run it without a HW card in it.
"sho diag" should give you some info on what modules are in what slots, but the "sho ver" output should tell you what model it is.
Router# sho ver
Cisco IOS Software, C2600 Software (C2600-ADVIPSERVICESK9-M), Version 12.3(14)T2, RELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 11-May-05 16:02 by hqluong
ROM: System Bootstrap, Version 12.2(8r) [cmong 8r], RELEASE SOFTWARE (fc1)
sv3-14 uptime is 2 weeks, 5 days, 7 hours, 58 minutes
System returned to ROM by power-on
System image file is "flash:c2600-advipservicesk9-mz.123-14.T2.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
Cisco 2651XM (MPC860P) processor (revision 0x300) with 105472K/25600K bytes of memory.
Processor board ID JAE0817EK4U (2189666667)
M860 processor: part number 5, mask 2
2 FastEthernet interfaces
1 ISDN Basic Rate interface
32K bytes of NVRAM.
49152K bytes of processor board System flash (Read/Write)
Configuration register is 0x2102
Router#
06-26-2006 03:31 PM
Thanks for the info. I can't access the link you posted though.
show diag displays:
C2651XM-2FE
AIM-VPN/BPII
06-26-2006 04:59 PM
Oh sorry, pasted the partner link. That link doesn't seem to be available on a non-partner link unfortunately, so here's a cut/paste of the relevant bits from it:
--------------------------------------
AIM-VPN/BPII, is supported only in the Cisco 2600XMs. It has support for DES/3DES and AES (optimized for AES128 only) along with Layer 3 (IPPCP) Compression. This module requires Cisco IOS Release 12.2(15)ZJ and later.
AIM-VPN/BPII -PLUS is supported only in the Cisco 2600XMs. AIM-VPN/EPII-PLUS is supported in the 2691 and 3725 only. The BPII-PLUS and EPII-PLUS has support for DES/3DES and is optimized for all AES keys (AES128, AES192 and AES256) along with Layer 3 (IPPCP) Compression. These modules are supported in 12.3(5c), 12.3(6) and later for mainline releases and 12.3(7)T and later for T releases.
Q. What function does the VPN Module perform?
A. The Cisco 1700, 2600, 3600, and 3700 Series VPN Module optimizes the platform for IPSec VPNs. The module not only accelerates the triple data encryption standard (3DES) and data encryption standard (DES), advanced encryption standard (AES) algorithms used in IPSec, but it handles a variety of other IPSec-related tasks: hashing, key exchange, and storage of security associations. By doing so, the VPN module frees the Cisco 1700, 2600, 3600 and 3700 Series CPU to perform other router, voice, and firewall functions.
Q. What is the maximum DES/3DES/AES-128 IPSec performance with 1400 byte packets for the Cisco 1700, 2600, 3600, and 3700 Series utilizing the VPN Module?
A. Cisco 2650/51XM with AIM-VPN/BPII or AIM-VPN/BPII-PLUS will give 10 Mbps throughput with IMIX traffic, 22 Mbpsthroughput with packet size of 1400bytes, and support 800 tunnels.
Q. What is the maximum AES-192/256 IPSec performance with IMIX packets for the Cisco 1700, 2600, 3600, and 3700 Series utilizing the VPN Module?
A. Cisco 2650/51XM with AIM-VPN/BPII will give 8.5 Mbps throughput with IMIX traffic for both AES-192 and 256. The BPII-PLUS will give around 10Mbps performance.
-----------------------------------------
Also, be aware that that card has been EOL'd as per:
http://www.cisco.com/en/US/products/hw/routers/ps274/prod_eol_notice0900aecd802d3d0b.html
It's still supported till 2010 and will work fine for you, it's just not quite as fast with AES-192 or AES-256 as the PLUS version of the same card, which has been hardware-optimizied specifically for those larger key sizes. If you're using 3DES or AES-128 then there's no performance difference.
06-26-2006 06:32 PM
Excellent! That's exactly what I needed. This router is currently an overkill anyway. I'm using it as a home fw/ips/vpn solution for my home network and my DSL line doesn't reach rates that are anywhere close to 8.5 or 10Mbps so it should last me a while.
Thank you!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide