Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

how to enable vpn compression on router 871

a site to site vpn was set up between 871 and 2851. 2821 has a AIM-VPN/SSL-2

On 871:

sh crypto engine brief

crypto engine name: Virtual Private Network (VPN) Module

crypto engine type: hardware

State: Enabled

Location: onboard 0

Compression: No

DES: Yes

3 DES: Yes

AES CBC: Yes (128,192,256)

AES CNTR: No

Maximum buffer length: 4096

Maximum DH index: 0020

Maximum SA index: 0020

Maximum Flow index: 0040

Maximum RSA key size: 0000

crypto engine name: Cisco VPN Software Implementation

crypto engine type: software

serial number: 8E20D704

crypto engine state: installed

crypto engine in slot: N/A

On 2851:

show crypto engine brief

crypto engine name: Virtual Private Network (VPN) Module

crypto engine type: hardware

State: Enabled

Location: aim 0

VPN Module in slot: 0

Product Name: AIM-VPN/SSL-2

Software Serial #: 55AA

Device ID: 001F - revision 0000

Vendor ID: 0000

Revision No: 0x001F0000

VSK revision: 0

Boot version: 255

DPU version: 0

HSP version: 3.3(18) (PRODUCTION)

Time running: 3w0d

Compression: Yes

DES: Yes

3 DES: Yes

AES CBC: Yes (128,192,256)

AES CNTR: No

Maximum buffer length: 4096

Maximum DH index: 2000

Maximum SA index: 2000

Maximum Flow index: 4000

Maximum RSA key size: 2048

crypto engine name: Virtual Private Network (VPN) Module

crypto engine type: hardware

State: Disabled

Location: onboard 0

Product Name: Onboard-VPN

FW Version: 01100200

Time running: 4294967 seconds

Compression: Yes

DES: Yes

3 DES: Yes

AES CBC: Yes (128,192,256)

AES CNTR: No

Maximum buffer length: 4096

Maximum DH index: 0300

Maximum SA index: 0300

Maximum Flow index: 0600

Maximum RSA key size: 2048

crypto engine name: Cisco VPN Software Implementation

crypto engine type: software

serial number: 5FF8863F

crypto engine state: installed

crypto engine in slot: N/A

Thx!

3 REPLIES
Hall of Fame Super Gold

Re: how to enable vpn compression on router 871

I think this is the reference document:

http://cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080110c00.html

Hope this helps, please rate post if it does!

Hall of Fame Super Gold

Re: how to enable vpn compression on router 871

Also, what software are you using ? An 851 with 12.4(11)T2 show compression supported in hardware:

gw-851w#sh crypto engine brief

crypto engine name: Virtual Private Network (VPN) Module

crypto engine type: hardware

State: Enabled

Location: onboard 0

Product Name: Onboard-VPN

FW Version: 1

Time running: 623892 seconds

Compression: Yes

DES: Yes

3 DES: Yes

AES CBC: Yes (128,192,256)

AES CNTR: No

Maximum buffer length: 4096

Maximum DH index: 0020

Maximum SA index: 0020

Maximum Flow index: 0040

Maximum RSA key size: 0000

crypto engine name: Cisco VPN Software Implementation

crypto engine type: software

serial number: DD151A7D

crypto engine state: installed

crypto engine in slot: N/A

New Member

Re: how to enable vpn compression on router 871

Thanks for reply, Paolo.

the ios version might be the cause:

C870 Software (C870-ADVIPSERVICESK9-M), Version 12.4(4)T7

I'll upgrade the ios to ver 12.4(11)T2, and see what's gonna happen.

Thanks.

318
Views
4
Helpful
3
Replies
CreatePlease to create content