2800 Interface Question

Patrick McHenry · ‎01-31-2012

Hi,

I have a Cisco 2811 router. It is currently being used for a 10mb encrypted, ELAN WAN connection to a remote site via a built-in FE port. It is connected to our core via the other built-in FE port. The ports used are Fasterthernet 0/0 and 0/1. From the output I provided, if I were to install another 2-port fastethernet card in one of the free slots, is there a way to tell if I will be able to create another encrypted tunnel using that new card? I'm concerned because of the 3rd line of output below. - NAME: "Virtual Private Network (VPN) Module on Slot 0", DESCR: "Encryption AIM Element"

I'm wondering if I am only allowed to create VPNs on Slot 0.

If that is true, could I create the Encrypted interfaces that connect to the sites on Slot 0, and use the LAN ports on the new slot?

Thanks, Pat.

Router#sh inventory
NAME: "2811 chassis", DESCR: "2811 chassis"
PID: CISCO2811 , VID: V07 , SN: FTX1406A1DS

NAME: "Virtual Private Network (VPN) Module on Slot 0", DESCR: "Encryption AIM Element"
PID: AIM-VPN/SSL-2 , VID: V01, SN: FOC13511HF3

Router#sh ver
Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(24)T2, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Mon 19-Oct-09 17:38 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T11, RELEASE SOFTWARE (fc1)

EXIT8PT-2811 uptime is 1 day, 6 hours, 14 minutes
System returned to ROM by power-on
System restarted at 05:07:18 EST Mon Jan 30 2012
System image file is "flash:c2800nm-advipservicesk9-mz.124-24.T2.bin"

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 2811 (revision 53.50) with 512000K/12288K bytes of memory.
Processor board ID FTX1406A1DS
2 FastEthernet interfaces
2 Virtual Private Network (VPN) Modules
DRAM configuration is 64 bits wide with parity enabled.
191K bytes of non-volatile configuration memory.
126976K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102

Rick Morris · ‎01-31-2012

According to this link you can have up to 1500 Tunnels on the 2800 platform

http://www.cisco.com/en/US/partner/prod/collateral/routers/ps5853/data_sheet_vpn_aim_for_18128003800routers_ps5853_Products_Data_Sheet.html

Richard Burts · ‎01-31-2012

Pat

You should be able to create another encrypted tunnel if you install additional FastEthernet card in the router. The AIM-VPN/SSL-2 in slot 0 is a hardware assist for encryption processing which relieves the CPU from having to do much of the crypto processing. The slot 0 that it is in is not the same as the slot for the FastEthernet Cards.

HTH

Rick

HTH

Rick

Patrick McHenry · ‎01-31-2012

Richard,

Thanks for the response. I'm not sure what I should order to a slot on the 2811. Is there a module that is specific for that router or will any cisco, 2 port, fastethernet module do?

Thanks, Pat.

vmiller · ‎01-31-2012

start here:

http://www.cisco.com/en/US/products/ps5854/products_relevant_interfaces_and_modules.html

Leo Laohoo · ‎01-31-2012

It's called an HWIC-2FE.

1- and 2-Port Fast Ethernet High-Speed WIC for Cisco Integrated Services Routers

Q & A: Cisco 1- and 2-port Fast Ethernet High-Speed