Mailing List Archive

VPN on Cisco AS53xx
Hi all,
I have a Cisco AS5350 which is carrying calls up to 80% of capacity. Is it good for setting up VPN connections(roughly 10) on this gateway?

Thanks,

David
_________________________________________________________________
Find hidden words, unscramble celebrity names, or try the ultimate crossword puzzle with Live Search Games. Play now!
http://g.msn.ca/ca55/212
Re: VPN on Cisco AS53xx [ In reply to ]
David,

Not sure what you mean by "80% of capacity". Do you mean that the CPU
is 80% busy? If so, then I wouldn't want to terminate VPN into this
box, because the 5350 does crypto in software. (Assuming that you are
referring to crypto VPN such as IPsec, not unencrypted VPN such as L2TP,
which is not too CPU intensive.)

Aaron

------------------------------------------------------------------------

> Hi all,
> I have a Cisco AS5350 which is carrying calls up to 80% of capacity.
> Is it good for setting up VPN connections(roughly 10) on this gateway?
>
> Thanks,
>
> David
>
> ------------------------------------------------------------------------
> ------------------------------------------------------------------------
>
> _______________________________________________
> cisco-nas mailing list
> cisco-nas@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nas

_______________________________________________
cisco-nas mailing list
cisco-nas@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nas
Re: VPN on Cisco AS53xx [ In reply to ]
Aaron,
Thanks your comment.
I meant it's used 80% of circuit channel capacity. The CPU usage is up to 60% at the peak time. And I'm gonna use IPSec VPN.(Can you briefly explain the L2TP configuration on AS53xx?)

David


> Date: Tue, 26 Aug 2008 10:53:22 -0700> From: Aaron@cisco.com> To: david.lin@msn.com> CC: cisco-nas@puck.nether.net> Subject: Re: [cisco-nas] VPN on Cisco AS53xx> > David,> > Not sure what you mean by "80% of capacity". Do you mean that the CPU> is 80% busy? If so, then I wouldn't want to terminate VPN into this> box, because the 5350 does crypto in software. (Assuming that you are> referring to crypto VPN such as IPsec, not unencrypted VPN such as L2TP,> which is not too CPU intensive.)> > Aaron> > ------------------------------------------------------------------------> > > Hi all,> > I have a Cisco AS5350 which is carrying calls up to 80% of capacity.> > Is it good for setting up VPN connections(roughly 10) on this gateway?> > > > Thanks,> > > > David> >> > ------------------------------------------------------------------------> > ------------------------------------------------------------------------> >> > _______________________________________________> > cisco-nas mailing list> > cisco-nas@puck.nether.net> > https://puck.nether.net/mailman/listinfo/cisco-nas>
_________________________________________________________________
If you like crossword puzzles, then you'll love Flexicon, a game which combines four overlapping crossword puzzles into one!
http://g.msn.ca/ca55/208
Re: VPN on Cisco AS53xx [ In reply to ]
David,

I think, even with 60% peak CPU load, I'd be wary of running the IPsec
tunnels into this 5350. Better to run the IPsec into a separate box
with some dedicated crypto hw - for a few tunnels, even an 871 or 851
would do the trick.

As far as L2TP ... that's a non-encrypted tunneling protocol that's
typically used in the following applications:

* tunneling layer 2 traffic over an IP network (see L2TPv3)
* wholesale network access for dial / PPPoA customers


If you haven't heard of it, you probably don't want it ...

Aaron

----

> Aaron,
> Thanks your comment.
> I meant it's used 80% of circuit channel capacity. The CPU usage is up
> to 60% at the peak time. And I'm gonna use IPSec VPN.(Can you briefly
> explain the L2TP configuration on AS53xx?)
>
> David
>
>
>
>
> > Date: Tue, 26 Aug 2008 10:53:22 -0700
> > From: Aaron@cisco.com
> > To: david.lin@msn.com
> > CC: cisco-nas@puck.nether.net
> > Subject: Re: [cisco-nas] VPN on Cisco AS53xx
> >
> > David,
> >
> > Not sure what you mean by "80% of capacity". Do you mean that the CPU
> > is 80% busy? If so, then I wouldn't want to terminate VPN into this
> > box, because the 5350 does crypto in software. (Assuming that you are
> > referring to crypto VPN such as IPsec, not unencrypted VPN such as L2TP,
> > which is not too CPU intensive.)
> >
> > Aaron
> >
> > ------------------------------------------------------------------------
> >
> > > Hi all,
> > > I have a Cisco AS5350 which is carrying calls up to 80% of capacity.
> > > Is it good for setting up VPN connections(roughly 10) on this gateway?
> > >
> > > Thanks,
> > >
> > > David
> > >
> > >
> ------------------------------------------------------------------------
> > >
> ------------------------------------------------------------------------
> > >
> > > _______________________________________________
> > > cisco-nas mailing list
> > > cisco-nas@puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/cisco-nas
> >
>
>
> ------------------------------------------------------------------------

_______________________________________________
cisco-nas mailing list
cisco-nas@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nas
Re: VPN on Cisco AS53xx [ In reply to ]
Well, I will use another box for VPN. Thanks!
> Date: Tue, 26 Aug 2008 13:15:50 -0700> From: Aaron@cisco.com> To: david.lin@msn.com> CC: cisco-nas@puck.nether.net> Subject: Re: [cisco-nas] VPN on Cisco AS53xx> > David,> > I think, even with 60% peak CPU load, I'd be wary of running the IPsec> tunnels into this 5350. Better to run the IPsec into a separate box> with some dedicated crypto hw - for a few tunnels, even an 871 or 851> would do the trick.> > As far as L2TP ... that's a non-encrypted tunneling protocol that's> typically used in the following applications:> > * tunneling layer 2 traffic over an IP network (see L2TPv3)> * wholesale network access for dial / PPPoA customers> > > If you haven't heard of it, you probably don't want it ...> > Aaron> > ----> > > Aaron,> > Thanks your comment.> > I meant it's used 80% of circuit channel capacity. The CPU usage is up> > to 60% at the peak time. And I'm gonna use IPSec VPN.(Can you briefly> > explain the L2TP configuration on AS53xx?)> > > > David> > > > > >> >> > > Date: Tue, 26 Aug 2008 10:53:22 -0700> > > From: Aaron@cisco.com> > > To: david.lin@msn.com> > > CC: cisco-nas@puck.nether.net> > > Subject: Re: [cisco-nas] VPN on Cisco AS53xx> > >> > > David,> > >> > > Not sure what you mean by "80% of capacity". Do you mean that the CPU> > > is 80% busy? If so, then I wouldn't want to terminate VPN into this> > > box, because the 5350 does crypto in software. (Assuming that you are> > > referring to crypto VPN such as IPsec, not unencrypted VPN such as L2TP,> > > which is not too CPU intensive.)> > >> > > Aaron> > >> > > ------------------------------------------------------------------------> > >> > > > Hi all,> > > > I have a Cisco AS5350 which is carrying calls up to 80% of capacity.> > > > Is it good for setting up VPN connections(roughly 10) on this gateway?> > > >> > > > Thanks,> > > >> > > > David> > > >> > > >> > ------------------------------------------------------------------------> > > >> > ------------------------------------------------------------------------> > > >> > > > _______________________________________________> > > > cisco-nas mailing list> > > > cisco-nas@puck.nether.net> > > > https://puck.nether.net/mailman/listinfo/cisco-nas> > >> >> >> > ------------------------------------------------------------------------>
_________________________________________________________________
Find hidden words, unscramble celebrity names, or try the ultimate crossword puzzle with Live Search Games. Play now!
http://g.msn.ca/ca55/212