Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
475
Views
4
Helpful
3
Replies

how to enable vpn compression on router 871

xiaoliangyue
Level 1
Level 1

‎08-10-2007 10:49 AM - edited ‎03-03-2019 06:16 PM

a site to site vpn was set up between 871 and 2851. 2821 has a AIM-VPN/SSL-2

On 871:

sh crypto engine brief

crypto engine name: Virtual Private Network (VPN) Module

crypto engine type: hardware

State: Enabled

Location: onboard 0

Compression: No

DES: Yes

3 DES: Yes

AES CBC: Yes (128,192,256)

AES CNTR: No

Maximum buffer length: 4096

Maximum DH index: 0020

Maximum SA index: 0020

Maximum Flow index: 0040

Maximum RSA key size: 0000

crypto engine name: Cisco VPN Software Implementation

crypto engine type: software

serial number: 8E20D704

crypto engine state: installed

crypto engine in slot: N/A

On 2851:

show crypto engine brief

crypto engine name: Virtual Private Network (VPN) Module

crypto engine type: hardware

State: Enabled

Location: aim 0

VPN Module in slot: 0

Product Name: AIM-VPN/SSL-2

Software Serial #: 55AA

Device ID: 001F - revision 0000

Vendor ID: 0000

Revision No: 0x001F0000

VSK revision: 0

Boot version: 255

DPU version: 0

HSP version: 3.3(18) (PRODUCTION)

Time running: 3w0d

Compression: Yes

DES: Yes

3 DES: Yes

AES CBC: Yes (128,192,256)

AES CNTR: No

Maximum buffer length: 4096

Maximum DH index: 2000

Maximum SA index: 2000

Maximum Flow index: 4000

Maximum RSA key size: 2048

crypto engine name: Virtual Private Network (VPN) Module

crypto engine type: hardware

State: Disabled

Location: onboard 0

Product Name: Onboard-VPN

FW Version: 01100200

Time running: 4294967 seconds

Compression: Yes

DES: Yes

3 DES: Yes

AES CBC: Yes (128,192,256)

AES CNTR: No

Maximum buffer length: 4096

Maximum DH index: 0300

Maximum SA index: 0300

Maximum Flow index: 0600

Maximum RSA key size: 2048

crypto engine name: Cisco VPN Software Implementation

crypto engine type: software

serial number: 5FF8863F

crypto engine state: installed

crypto engine in slot: N/A

Thx!

Labels:
0 Helpful
3 Replies 3

paolo bevilacqua
Hall of Fame
Hall of Fame

‎08-10-2007 11:10 AM

I think this is the reference document:

http://cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080110c00.html

Hope this helps, please rate post if it does!

0 Helpful

paolo bevilacqua
Hall of Fame
Hall of Fame

‎08-11-2007 04:07 PM

Also, what software are you using ? An 851 with 12.4(11)T2 show compression supported in hardware:

gw-851w#sh crypto engine brief

crypto engine name: Virtual Private Network (VPN) Module

crypto engine type: hardware

State: Enabled

Location: onboard 0

Product Name: Onboard-VPN

FW Version: 1

Time running: 623892 seconds

Compression: Yes

DES: Yes

3 DES: Yes

AES CBC: Yes (128,192,256)

AES CNTR: No

Maximum buffer length: 4096

Maximum DH index: 0020

Maximum SA index: 0020

Maximum Flow index: 0040

Maximum RSA key size: 0000

crypto engine name: Cisco VPN Software Implementation

crypto engine type: software

serial number: DD151A7D

crypto engine state: installed

crypto engine in slot: N/A

xiaoliangyue
Level 1
Level 1
In response to paolo bevilacqua

‎08-11-2007 10:30 PM

Thanks for reply, Paolo.

the ios version might be the cause:

C870 Software (C870-ADVIPSERVICESK9-M), Version 12.4(4)T7

I'll upgrade the ios to ver 12.4(11)T2, and see what's gonna happen.

Thanks.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card