Manualshelf

Technical information

ManualsBrandsCisco ManualsComputer equipmentWS-SVC-IPSEC-1= - IPSec VPN Services Module
12345678910
6
IPSec VPN Acceleration Services Module Installation and Configuration Note
78-14459-03 Rev C0
Supported Features
Capacity
8000 tunnels (no IKE keepalive, no Dead-Peer-Detection [DPD])
5000 tunnels (no IKE keepalive, DPD okay)
2000 tunnels (IKE keepalive)
Note DPD is supported in Cisco IOS Release 12.2(14)SY or later releases.
Note Capacities are typically higher when IKE keepalive uses DPD.
Configuration, management, and reporting
Existing Cisco IOS IPSec CLI (one new configuration command, crypto connect vlan)
Existing standard IPSec network management
VPN Device Manager (VDM) (requires VPN software release 1.2)
Note VDM contains only basic IPSec support and cannot be used to configure multiple VPN modules
or VPN module features added in Cisco IOS Release 12.2(14)SY.
For complete configuration details for VDM, refer to this URL:
http://www.cisco.com//univercd/cc/td/doc/product/software/ios121/121newft/121limit/121e/121e6/vdm_e.htm
Supported Features in Release 12.2(14)SY
The VPN module supports the following features in Cisco IOS Release 12.2(14)SY and later releases:
Interchassis active/standby IPSec stateful failover
Easy-VPN clients (the Easy-VPN client version should be 3.6 or later)
IPSec NAT transparency
Onboard acceleration of VDM TopN queries for IPSec
IPSec anti-replay window size expansion from 32 entries to 64 entries
DPD
Hot Standby Router Protocol (HSRP) and reverse route injection (RRI)
Onboard GRE acceleration
QoS
Support for up to 10 VPN modules per chassis
IPSec over the FlexWAN module (WS-X6182-2PA) with the following supported port adapters:
PA-4T+: 4-Port serial port adapter, enhanced
PA-T3: 1-port T3
PA-E3: 1-port E3
PA-T3+: 1-port T3 enhanced
PA-2T3+: 2-port T3 enhanced