[cisco-voip] Anyone doing large-scale VPNs?

Robert Kulagowski rkulagow at gmail.com
Mon Apr 18 13:47:38 EDT 2011


On Sat, Apr 16, 2011 at 9:28 PM, Matthew Loraditch
<MLoraditch at heliontechnologies.com> wrote:
> you are correct about VPNs and ASAs. With your site quantity I'd not want to be managing that many tunnels. DMVPN is a router only (with the exception of 6500s with certain modules) technology.
>
> If all of your hand offs will be ethernet your choice whether to upgrade to 2900s or not seems to solely be a throughput/performance question.

That's why it seems ..um.. disappointing that Cisco has so many
different product lines that are similar, yet different enough to make
things difficult.  Doing additional research using Google shows that
DMVPN for 55xx has been roadmapped, then removed.  I guess the ISR
business unit has more pull than the ASA BU, because sure, the ASA can
do 50,000 tunnels, but for site-to-site you've got to type them all in
one by one, or do a perl script.


More information about the cisco-voip mailing list