[cisco-nas] VPN on Cisco AS53xx

David Lin david.lin at msn.com
Tue Aug 26 16:35:44 EDT 2008


Well, I will use another box for VPN. Thanks!
> Date: Tue, 26 Aug 2008 13:15:50 -0700> From: Aaron at cisco.com> To: david.lin at msn.com> CC: cisco-nas at puck.nether.net> Subject: Re: [cisco-nas] VPN on Cisco AS53xx> > David,> > I think, even with 60% peak CPU load, I'd be wary of running the IPsec> tunnels into this 5350. Better to run the IPsec into a separate box> with some dedicated crypto hw - for a few tunnels, even an 871 or 851> would do the trick.> > As far as L2TP ... that's a non-encrypted tunneling protocol that's> typically used in the following applications:> > * tunneling layer 2 traffic over an IP network (see L2TPv3)> * wholesale network access for dial / PPPoA customers> > > If you haven't heard of it, you probably don't want it ...> > Aaron> > ----> > > Aaron,> > Thanks your comment.> > I meant it's used 80% of circuit channel capacity. The CPU usage is up> > to 60% at the peak time. And I'm gonna use IPSec VPN.(Can you briefly> > explain the L2TP configuration on AS53xx?)> > > > David> > > > > >> >> > > Date: Tue, 26 Aug 2008 10:53:22 -0700> > > From: Aaron at cisco.com> > > To: david.lin at msn.com> > > CC: cisco-nas at puck.nether.net> > > Subject: Re: [cisco-nas] VPN on Cisco AS53xx> > >> > > David,> > >> > > Not sure what you mean by "80% of capacity". Do you mean that the CPU> > > is 80% busy? If so, then I wouldn't want to terminate VPN into this> > > box, because the 5350 does crypto in software. (Assuming that you are> > > referring to crypto VPN such as IPsec, not unencrypted VPN such as L2TP,> > > which is not too CPU intensive.)> > >> > > Aaron> > >> > > ------------------------------------------------------------------------> > >> > > > Hi all,> > > > I have a Cisco AS5350 which is carrying calls up to 80% of capacity.> > > > Is it good for setting up VPN connections(roughly 10) on this gateway?> > > >> > > > Thanks,> > > >> > > > David> > > >> > > >> > ------------------------------------------------------------------------> > > >> > ------------------------------------------------------------------------> > > >> > > > _______________________________________________> > > > cisco-nas mailing list> > > > cisco-nas at puck.nether.net> > > > https://puck.nether.net/mailman/listinfo/cisco-nas> > >> >> >> > ------------------------------------------------------------------------> 
_________________________________________________________________
Find hidden words, unscramble celebrity names, or try the ultimate crossword puzzle with Live Search Games. Play now!
http://g.msn.ca/ca55/212
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-nas/attachments/20080826/57aac58e/attachment.html>


More information about the cisco-nas mailing list