07-17-2015 01:20 PM
Hey all,
I have a requirement for 2 Cisco devices that support GRE to sit in front of our firewalls in a datacentre. Each router will terminate encrypted GRE tunnels running OSPF. There are 5 remote offices with 2 GRE tunnels per office. So each router needs to be able to terminate 12 encrypted GRE tunnels each.
The ASA does not support GRE. What kind of other Cisco hardware can I use to terminate these VPNs? It needs to be able to encrypt/decrypt 100Mbps of traffic. Will I need a VPN accelerator card of some sort?
Many thanks.
Matt
07-17-2015 02:50 PM
It depends on the platform if you need a dedicated crypto card. For your requirement I would look at the 4331 with performance license or at the 4351.
07-18-2015 03:36 AM
Hi Karsten,
Thanks for your input. It does not say what kind of VPN processing capabilities these routers have in the specs? Would I need a dedicated VPN module to handle the encryption/decryption for traffic running through 6 GRE tunnels simultaneously?
I was looking at cheaper options for the branch offices. Would, say, a 3825 with the following module be sufficient? Do we know how much VPN traffic this module will handle?
1 x AIM-VPN/SSL-3 Module
07-18-2015 04:02 AM
Hi Matthew,
You can go for any of the AIM modules for 1800, 2800 or 3800 series routers.
http://www.cisco.com/c/en/us/products/collateral/routers/2800-series-integrated-services-routers-isr/data_sheet_vpn_aim_for_18128003800routers.html
Use AES-128 rather than 3DES. 3DES and other flavors of AES are more CPU intensive.
Regards,
Puneesh
Please rate helpful posts
07-18-2015 06:41 AM
I'm considering these for the DCs.
Cisco Small Business ISR4431/K9 Router 4 x 10/100/1000Mbps LAN Ports
Any idea how much for the SEC license and then the HSEC license? Can't find any info anywhere on cost. Anyone have any ideas at all?
07-20-2015 03:29 AM
The list-price for the SEC-bundle with HSEC-license is $14500, without SmartNet support. So you will probably pay something about $10k/$11k per box with SmartNet. But better ask your preferred reseller for exact prices.
07-18-2015 06:15 AM
For ISR G1, just be aware that these are EOS and don't support modern cryptography. And the 1800 and probably even the bigger 2800 are too slow for your needs.
The 4300 don't need any additional crypto hardware.
If you want to go for used equipment, better go for an ISR G2 like a 3900. These routers are still supported and run recent crypto.