<html>
<head>
<style>
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
FONT-SIZE: 10pt;
FONT-FAMILY:Tahoma
}
</style>
</head>
<body class='hmmessage'>
Well, I will use another box for VPN. Thanks!<BR>
<BR><BR>> Date: Tue, 26 Aug 2008 13:15:50 -0700<BR>> From: Aaron@cisco.com<BR>> To: david.lin@msn.com<BR>> CC: cisco-nas@puck.nether.net<BR>> Subject: Re: [cisco-nas] VPN on Cisco AS53xx<BR>> <BR>> David,<BR>> <BR>> I think, even with 60% peak CPU load, I'd be wary of running the IPsec<BR>> tunnels into this 5350. Better to run the IPsec into a separate box<BR>> with some dedicated crypto hw - for a few tunnels, even an 871 or 851<BR>> would do the trick.<BR>> <BR>> As far as L2TP ... that's a non-encrypted tunneling protocol that's<BR>> typically used in the following applications:<BR>> <BR>> * tunneling layer 2 traffic over an IP network (see L2TPv3)<BR>> * wholesale network access for dial / PPPoA customers<BR>> <BR>> <BR>> If you haven't heard of it, you probably don't want it ...<BR>> <BR>> Aaron<BR>> <BR>> ----<BR>> <BR>> > Aaron,<BR>> > Thanks your comment.<BR>> > I meant it's used 80% of circuit channel capacity. The CPU usage is up<BR>> > to 60% at the peak time. And I'm gonna use IPSec VPN.(Can you briefly<BR>> > explain the L2TP configuration on AS53xx?)<BR>> > <BR>> > David<BR>> > <BR>> > <BR>> ><BR>> ><BR>> > > Date: Tue, 26 Aug 2008 10:53:22 -0700<BR>> > > From: Aaron@cisco.com<BR>> > > To: david.lin@msn.com<BR>> > > CC: cisco-nas@puck.nether.net<BR>> > > Subject: Re: [cisco-nas] VPN on Cisco AS53xx<BR>> > ><BR>> > > David,<BR>> > ><BR>> > > Not sure what you mean by "80% of capacity". Do you mean that the CPU<BR>> > > is 80% busy? If so, then I wouldn't want to terminate VPN into this<BR>> > > box, because the 5350 does crypto in software. (Assuming that you are<BR>> > > referring to crypto VPN such as IPsec, not unencrypted VPN such as L2TP,<BR>> > > which is not too CPU intensive.)<BR>> > ><BR>> > > Aaron<BR>> > ><BR>> > > ------------------------------------------------------------------------<BR>> > ><BR>> > > > Hi all,<BR>> > > > I have a Cisco AS5350 which is carrying calls up to 80% of capacity.<BR>> > > > Is it good for setting up VPN connections(roughly 10) on this gateway?<BR>> > > ><BR>> > > > Thanks,<BR>> > > ><BR>> > > > David<BR>> > > ><BR>> > > ><BR>> > ------------------------------------------------------------------------<BR>> > > ><BR>> > ------------------------------------------------------------------------<BR>> > > ><BR>> > > > _______________________________________________<BR>> > > > cisco-nas mailing list<BR>> > > > cisco-nas@puck.nether.net<BR>> > > > https://puck.nether.net/mailman/listinfo/cisco-nas<BR>> > ><BR>> ><BR>> ><BR>> > ------------------------------------------------------------------------<BR>> <BR><BR><br /><hr /> <a href='' target='_new'></a></body>
</html>