[c-nsp] ppp encrypt mppe and cef
Michael Ulitskiy
mulitskiy at acedsl.com
Wed Jul 13 23:44:41 EDT 2011
Hello,
Is MPPE encryption supported in the CEF path?
According to cisco doc at
http:/www.cisco.com/en/US/docs/ios/12_1t/12_1t5/feature/guide/dt_pptp.html it should, but in my tests all pptp virtual access created with CEF disabled and I can't get more than 10M from 7200-NPE400 with 100% CPU.
IOS 12.4(25c). Config is straightforward:
vpdn enable
!
vpdn-group PPTP
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
ip tos reflect
ip pmtu
ip mtu adjust
!
interface Virtual-Template1
ip unnumbered Loopback0
ip nat inside
ip virtual-reassembly timeout 1
ip tcp adjust-mss 1346
no logging event link-status
no snmp trap link-status
peer default ip address pool HQ-VPN-POOL
ppp encrypt mppe auto
ppp authentication ms-chap ms-chap-v2 callin
ppp ipcp dns 8.8.8.8 8.8.4.4
ppp ipcp wins 192.168.0.110
!
AS3#sh ip int vi5
Virtual-Access5 is up, line protocol is up
...
IP fast switching is disabled
IP fast switching on the same interface is disabled
IP Flow switching is enabled
IP CEF switching is disabled
...
If I remove "ppp encrypt mppe auto" line then CEF is enabled OK.
Does anybody know if there's a way to run MPPE in the CEF path?
Thanks,
--
Michael Ulitskiy
More information about the cisco-nsp
mailing list