Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1402
Views
0
Helpful
1
Replies

aes-256 or aes-128 bit

johng231
Level 3
Level 3

‎03-12-2012 08:56 AM

Hello

I'm trying to keep the CPU down as much as possible on my ASA-5540. We're running 8.2.5 on it. We have a bout 80 active IPSec tunnels so far, all which are using AES-256 bit for phase1/2, 75 of the tunnels are mostly ezy vpn connections. Currently the CPU during peak usage is averaging around 22%.  We're planning on having over 1000 IPsec connections, mostly will be remote vpn access with about 170 of them ezy vpn and 250 l2l tunnels.

Is there any noticable CPU performance gain by using AES-128 bit instead of AES-256 on the phase2?

Thanks,

John

Labels:
0 Helpful
1 Reply 1

johng231
Level 3
Level 3

‎03-16-2012 11:48 AM

Just wondering if someone out there has noticed any performance gains by using AES-128 instead of AES-256. I'm trying standardize on a policy going forward.

Thanks!

0 Helpful
Customers Also Viewed These Support Documents