Re: Max IPSec-Session on C871

tech · ‎12-10-2010

Hello,

On out Cisco 871 router we've noticed some limitation common with maximum concurrent IPSec-Session.

Regarding results from command: "sh crypto eli" we've noticed that currently we are using 30 from Max 40 IPSec-Sessions. Is this mean that curreuntly we can't to estabilish more than 40 ipsec session in the same time ?

Hardware Encryption : ACTIVE
Number of hardware crypto engines = 1

CryptoEngine Motorola Talitos 1.0 details: state = Active
Capability : DES, 3DES, AES

IKE-Session   :     5 active,    20 max, 0 failed
DH            :     3 active,    20 max, 0 failed
IPSec-Session :    30 active,    40 max, 2 failed

We plan to extend number of vpn connections and we have some question common with this issue:

Is this limitation common with hardware, installed IOS or some license? We would like to extend maximum number of IPSec connections (increase number of vpns), and we would to know if it is possible and how achive this aim?

We will be very gratefull for any information.

In atachement results from show version, and show crytpto eli detail.

tech · ‎12-15-2010

Anyone can answer this questions? Please for any hints or some references.

tech · ‎12-22-2010

Hi,

Is anyone has knowledge on which max concurrent ipsec session limit depends on? Limitation of hardware, license, IOS ?

Jennifer Halim · ‎12-22-2010

It supports 10 VPN tunnels. You can establish VPN tunnel with 10 different peers, or if you have remote access vpn, it will also be included in the 10.

Here is the datasheet for 870 series router for your reference:

http://www.cisco.com/en/US/prod/collateral/routers/ps380/ps6200/product_data_sheet0900aecd8028a976.html

Hope that answers your question.