Cisco 3845 Onboard VP Module Capability

I have a Cisco 3845 router with on-board VPN module. I wonder whether I can use it for IpSec encryption of my 50 Mbps ethernet line. What is the maximum capacity of the on-board VPN module? When I send "sh crypto eli" command, it says mx IKE session is 700 and max IPSEC-Session is 1400. Any comment will be highly appreciated.

Yes you can use the VPN module and it's maximum throughput is 180Mbps. Here's a link for reference.
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/ps7180/prod_brochure09186a00801f0a72_ns710_Networking_Solutions_Brochure.html
Hope that helps.

Similar Messages

  • High CPU Usage on Cisco 3845

    Hi all,
    I'm having high CPU usage with one of my Cisco 3845.
    It works as an IP-IP Gateway and the CPU is quite high when the total number of calls only around 100-200 calls.
    I check the CPU usage with "show process cpu sort" and it looks like there are some "hidden" processes that consuming CPU.
    For example, 41% is total CPU, 25% is due to interrups, so CPU utilization on process level = 41 - 25 = 16%.
    But as showed below, processes don't consume that much CPU, only around 7% ???
    Please help to advise on this case. Any help is highly appreciated..
    Thank you.
    3845-GW#show process cpu sort | ex 0.00%  0.00%  0.00%
    CPU utilization for five seconds: 41%/25%; one minute: 46%; five minutes: 47%
     PID Runtime(ms)     Invoked      uSecs     5Sec   1Min   5Min TTY Process
     382     6619708     1473171       4493      1.59%  1.81%  1.92%   0 CCSIP_SPI_CONTRO
     141     4228940    10181955        415      1.35%  1.51%  1.57%   0 IP Input
      65     2450824      163102      15026        1.19%  1.16%  1.17%   0 Per-Second Jobs
     370     2702292     3709512        728        0.87%  0.88%  0.88%   0 VOIP_RTCP
     224      321680      245640       1309          0.47%  0.49%  0.50%   0 AFW_application_
     112       93940    18093506          5             0.39%  0.31%  0.32%   0 Ethernet Msec Ti
     384     1058280     1553567        681         0.23%  0.28%  0.30%   0 CCSIP_UDP_SOCKET
       2       18148       32905        551                 0.07%  0.03%  0.02%   0 Load Meter
     137       35644     4657843          7               0.07%  0.04%  0.05%   0 IPAM Manager
     189      206392      267959        770            0.07%  0.05%  0.07%   0 TCP Protocols
      30       30792      198554        155               0.07%  0.01%  0.00%   0 ARP Input
     368      145456      176151        825             0.07%  0.04%  0.05%   0 CC-API_VCM
      28        9628       32759        293  0.00%  0.01%  0.00%   0 Environmental mo
      48      221352       37922       5837  0.00%  0.11%  0.11%   0 Net Background
      63       16728       32924        508  0.00%  0.01%  0.00%   0 Compute load avg
      64       72080        2781      25918  0.00%  0.01%  0.00%   0 Per-minute Jobs
       6      371644       29792      12474  0.00%  0.14%  0.12%   0 Check heaps
     176       12216      240288         50  0.00%  0.01%  0.00%   0 CEF: IPv4 proces
     284       36416     4929826          7  0.00%  0.02%  0.01%   0 MMON MENG
     307       12168      806151         15  0.00%  0.01%  0.00%   0 Atheros LED Ctro
     335       35300       19755       1786  0.00%  3.16%  1.00% 708 Virtual Exec
    3845-GW#sh int g0/0
    GigabitEthernet0/0 is up, line protocol is up
      MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
         reliability 255/255, txload 1/255, rxload 1/255
      Encapsulation ARPA, loopback not set
      Keepalive set (10 sec)
      Full Duplex, 1Gbps, media type is RJ45
      output flow-control is XON, input flow-control is XON
      ARP type: ARPA, ARP Timeout 04:00:00
      Last input 00:00:00, output 00:00:00, output hang never
      Last clearing of "show interface" counters never
      Input queue: 0/75/2/56803 (size/max/drops/flushes); Total output drops: 0
      Queueing strategy: fifo
      Output queue: 0/40 (size/max)
      5 minute input rate 1551000 bits/sec, 5751 packets/sec
      5 minute output rate 4207000 bits/sec, 7643 packets/sec
         925128804 packets input, 939078510 bytes, 0 no buffer
         Received 62732 broadcasts (0 IP multicasts)
         0 runts, 0 giants, 2 throttles
         2 input errors, 0 CRC, 0 frame, 2 overrun, 0 ignored
         0 watchdog, 3763438515 multicast, 0 pause input
         1472816545 packets output, 3214770103 bytes, 0 underruns
         0 output errors, 2067720191 collisions, 1 interface resets
         0 unknown protocol drops
         0 babbles, 2281155551 late collision, 0 deferred
         2 lost carrier, 0 no carrier, 0 pause output
         0 output buffer failures, 0 output buffers swapped out
    3845-GW#sh int g0/1
    GigabitEthernet0/1 is up, line protocol is up
      MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
         reliability 255/255, txload 1/255, rxload 1/255
      Encapsulation ARPA, loopback not set
      Keepalive set (10 sec)
      Full Duplex, 1Gbps, media type is RJ45
      output flow-control is XON, input flow-control is XON
      ARP type: ARPA, ARP Timeout 04:00:00
      Last input 00:00:00, output 00:00:00, output hang never
      Last clearing of "show interface" counters never
      Input queue: 0/75/0/30335 (size/max/drops/flushes); Total output drops: 0
      Queueing strategy: fifo
      Output queue: 0/40 (size/max)
      5 minute input rate 1684000 bits/sec, 7697 packets/sec
      5 minute output rate 3372000 bits/sec, 5632 packets/sec
         1484558664 packets input, 2383177786 bytes, 0 no buffer
         Received 208998 broadcasts (0 IP multicasts)
         0 runts, 0 giants, 0 throttles
         2 input errors, 0 CRC, 0 frame, 2 overrun, 0 ignored
         0 watchdog, 3060386282 multicast, 0 pause input
         903478941 packets output, 2814588854 bytes, 0 underruns
         0 output errors, 2910776303 collisions, 1 interface resets
         0 unknown protocol drops
         0 babbles, 4157448025 late collision, 0 deferred
         2 lost carrier, 0 no carrier, 0 pause output
         0 output buffer failures, 0 output buffers swapped out

    Has this been something that just recently started happening, or have you had this issue for a while?  Have you installed any new programs recently?
    You may want to download Glary Utilities, which is a free software(they will ask you if you want to go Pro, just say no, the free version works very well).  There is a module for startup manager.  You can go in and disable stuff that starts with the computer.  I would advise unchecking adobe, java, quicktime, printers, etc.  Anything that doesn't REALLY need to start with the computer.  The nice thing with Glary is that you can restart the computer, and if you find that you need one of the programs to start with windows, you can go back in and enable it again.
    The Celeron 925 processor in your computer is a decent entry level processor, but if there are too many programs running in the background, it can bog down quick.  I would also recommend downloading and running Malwarebytes Anti-malware, to be sure that there is nothing malicous running in the background. 
    Qosmio X875 i7-3630QM, 32GB RAM, OCZ SSD Qosmio X505 i7-920XM, PM55, 16GB RAM, OCZ SSD
    Satellite Pro L350 T9900, GM45, 8GB RAM , Intel 320 SSD (my baby) Satellite L655 i7-620M, HM55, 8GB RAM, Intel 710 SSD (travel system)

  • Does Cisco 3845 with NM-16A/S support OIR feature or Hot swap for this NM.

    Dear Sir
    My customer would like to implement Cisco 3845 with NM-16A/S x 4. I found that Cisco 3845 support OIR function but I am not sure OIR function that Cisco 3845 support, it support with which NM models. Can anyone tell me that NM-16A/S on Cisco 3845 support OIR function on this NM or not.
    Thank you very much
    Wisit

    Hi,
    From what I have read from the following document.
    http://www.cisco.com/en/US/products/ps5855/products_installation_guide_chapter09186a00802ccf1d.html
    Network Modules
    Network modules install directly into slots in the rear of the router. The Cisco 3845 router supports online insertion and removal (OIR, or hot swap) of network modules. The Cisco 3825 router does not support OIR.
    Caution The Cisco 3845 router supports OIR with similar modules only. If you remove a network module, along with any installed WAN or voice interface cards, install another module and card combination exactly like it.
    Interface Cards
    Cisco 3800 series routers do not support OIR (hot swap) of interface cards inserted directly into router slots. You must turn off the router before installing or removing an interface card.
    The Cisco 3825 router and the Cisco 3845 router each provide four interface card slots, labeled on the rear panel by HWIC and a number. Each slot can be occupied by one single-wide WIC, VIC, VWIC, or HWIC.
    Hope this helps
    Sarb

  • DMVPN issue on a cisco 3845

    Hi all,
    We have configured a DMVPN from our headquarter to our branch offices (let's say BR1-BR3) .
    We have noticed that sometime we cannot access some of our branch office, the scenario is like this:
    - sometime, BR1 and BR2 are down but BR3 is working fine
    - sometime, BR2 and BR3 are down but BR1 is working fine
    - sometime, BR1 and BR3 are down but BR2 is working fine
    - sometime, only one branch office is down and others are working fine
    the hub is a cisco 3845, the IOS is c3845-advipservicesk9-mz.124-5c.bin
    from the log, we have
    *Sep 7 11:28:59.260: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 7: Neighbor x.x.x.x  (Tunnel100) is down: stuck in active
    *Sep 7 11:29:01.052: %DUAL-5-NBRCHANGE:  IP-EIGRP(0) 7: Neighbor x.x.x.x (Tunnel100) is up: new adjacency
    we do not know why it is down, there is no problem on the connection between the headquarter and branche offices.
    Any suggestion are appreciated.

    Hi Portu,
    please, find below the answer:
    Are you able to ping from tunnel interface to tunnel interface?
    yes, we are able to ping tunnel interface to tunnel interface
    Does the IPsec tunnel come down (show crypto isakmp sa)?
    no, we see the status is ACTIVE
    Does the tunnel interface come down (show interface tunnel x or show ip interface brief)?
    the tunnel is UP
    Any ISAKMP / IPsec related logs during the failure?
    How often does it happen?
    sometimes, many times in one day
    sometimes, every 1 or 2 days
    Does it recover by itself?
    yes, it does
    but after rebooting devices, it works fine again
    Please, let us know if you need more information.

  • Problem with L2TP with Cisco 3845

    Dear all
    I have the following scenario for my dailup network.
    MaxTNT(LAC) ---Ethernet--- Cisco3845 (LNS)
    I have configuered MaxTNT Dailup server to act as LAC and launch a L2TP Tunnel after authenticating with Radius Server. Cisco 3845 acting as LNS estblishes L2TP tunnel with LAC and Dailup Users get connected on it as VPDNpppOE users.
    However problem i am facing is that i don't receieve any authentication request on Cisco LNS. As soon as user gets connect it sents Accouting Request only.
    I need authorization request in order to Push various different AVP from radius. But its not happening.
    Anyone have any idea what could be wrong here?? is thre any specific parameter i need to set up Cisoc.. or on MaxTNT????
    Waiting for reply

    To enable the Layer 2 Tunnel Protocol (L2TP) tunnel server or network access server (NAS) to perform remote authentication, authorization, and accounting (AAA) tunnel authentication and authorization, use the vpdn tunnel authorization network command in global configuration mode. To disable remote tunnel authentication and authorization and return to the default of local tunnel authentication and authorization, use the no form of this command.
    vpdn tunnel authorization network {list-name | default}
    no vpdn tunnel authorization network {list-name | default}

  • Adobe premiere can not find any module capable of playing video. Update the video drivers and start again.

    Adobe Premiere can not find any module capable of playing video. Update the video drivers and start again.
    I've tried all the options suggested and the problem continues.
    What else can I do?
    Note: I had already worked before.
    Windows 8.1
    Notebook i7, 8M memory, video card Nvidia (updated).
    Adobe Premiere Pro 2014
    Please help me. Thank you.
    mailto: [email protected]

    Here is a link to an Adobe TechNote about the same issue with an earlier (much earlier!) version of Premiere Elements and Windows XP.
    http://kb2.adobe.com/cps/324/324938.html
    I'll leave it to Steve and Bill as to whether the fix offered in the link for Premiere Elements 2 would still be applicable to your version of Premiere Elements.
    Hope this is of some assistance.

  • [SOLVED]kernel module capability is missing!

    Hello,
    I was going to setup bind server,with the help of wiki.Wiki mentions that i need capability module to be loaded.
    But when i
    [root@server ~]# modprobe capability
    FATAL: Module capability not found.
    [root@server ~]#
    Do i need this module for my dns server???If i do,where can i find it?:rolleyes:
    My kernel is the following:
    [root@server ~]# uname -a
    Linux server 2.6.33-ARCH #1 SMP PREEMPT Mon Apr 26 19:31:00 CEST 2010 x86_64 AMD Athlon(tm) II X2 240 Processor AuthenticAMD GNU/Linux
    Last edited by ganastasiou (2010-05-08 09:18:03)

    looks like this "capability" is compiled in by default:
    http://bbs.archlinux.org/viewtopic.php?pid=331319
    I removed the respective part from the wiki page.

  • ACL processing in Cisco 3845

    Hi,
    I would like to know that ACL processing in Cisco 3845 is hardware based or software based?
    May I have a list of hardware that support dedicated ASIC for ACL processing?
    Thanks and Regards,
    Ahmed Shahzad.    

    Hi,
    I would like to know that ACL processing in Cisco 3845 is hardware based or software based?
    May I have a list of hardware that support dedicated ASIC for ACL processing?
    Thanks and Regards,
    Ahmed Shahzad.    
    Ahmed,
    ACL processing is primarily accomplished in hardware, but requires forwarding of some traffic flows to the CPU for software processing. The forwarding rate for software-forwarded traffic is substantially less than for hardware-forwarded traffic. When traffic flows are both logged and forwarded, forwarding is done by hardware, but logging must be done by software. Because of the difference in packet handling capacity between hardware and software, if the sum of all flows being logged (both permitted flows and denied flows) is of great enough bandwidth, not all of the packets that are forwarded can be logged.
    These factors can cause packets to be sent to the CPU:
    •Using the log keyword
    •Enabling ICMP unreachables
    •Hardware reaching its capacity to store ACL configurations
    If ACLs cause large numbers of packets to be sent to the CPU, the switch performance can be negatively affected.
    Hope to Help !!
    Ganesh.H
    Remember to rate the helpful post

  • Document on Cisco 3845 gateway with both Voice and VXML role

    Dear all,
    we are using single cisco 3845 gateway as Ingress as well as vxml gateway . Can you provide any documentation regarding the call volume capacity this gateway can handle. We have deployed this gateway in a UCCE parent- child  model.

    Anoop,
    It can be found in Table 7-2 on page 148 of CVP SRND Guide
    HTH
    GP.
    Pls rate helpful posts by clicking on the stars under the post !!

  • Cisco's X2 10GE module and SDH STM64 (I-64.1) framing

    Which Cisco's X2 10GE module is compatible with STM64 I-64.1 interface on transmission equipment?
    It should be the X2-10GB-LR module, but Cisco's website does not say anything explicitly. For XFP modules, Cisco documentation state that they are compatible with STM-64 data rate.

    Which Cisco's X2 10GE module is compatible with STM64 I-64.1 interface on transmission equipment?
    It should be the X2-10GB-LR module, but Cisco's website does not say anything explicitly. For XFP modules, Cisco documentation state that they are compatible with STM-64 data rate.

  • SIP over UDP routing in Cisco 3845

    dear friends,           
    How can we configure the SIP over UDP protocol by Cisco 3845 router?
    For more details please fine the attachment.

    Yes I tried but that is not helpful for me
    How can I contact those people (engage a reputable consultant, or Cisco partner)?
    Also I tried this commands in below.
    voice class codec 1
    codec preference 1 g711alaw
    dial-peer voice 3250 voip
    destination-pattern 3250
    session protocol sipv2
    session target ipv4:10.156.67.6
    session transport udp
    codec g711ulaw
    sip-ua
    retry invite 2
    retry response 2
    retry bye 2
    retry cancel 2
    no inband-alerting
    sip-server ipv4:10.156.67.6
    ip classless
    ip route 0.0.0.0 0.0.0.0 10.157.67.1
    ip route 10.157.67.0 255.255.255.0 10.167.67.225 
    access-list 101 permit ip host 10.156.67.1 host 10.156.67.100
    access-list 101 deny   udp any eq rip any
    access-list 101 deny   udp any any eq rip
    access-list 101 deny   udp any eq isakmp any
    access-list 101 deny   udp any any eq isakmp
    access-list 101 permit ip any any
    snmp-server engineID local 000000090200003094202740
    snmp-server community public RW

  • Cisco 3845 didn't detect HWIC-1FE and SFP GLC-LHSM

    Cisco 3845 not detect HWIC-1FE and
    SFP GLC-LHSM.
    What is latest IOS which will detect WIC HWIC-1FE , SFP GLC-LH-SM.

    Hi,
    You need a minimum of 12.4(15)T for HWIC-1FE Support on 3845 routers.
    Please refer the below URL for details:
    http://www.cisco.com/en/US/prod/collateral/routers/ps5854/product_data_sheet0900aecd80581fe6_ps5853_Products_Data_Sheet.html
    For the HWIC-1FE and HWIC-2FE the minimum level is Cisco IOS 12.4(15)T.
    Regards,
    Arul
    *Pls rate if it helps*

  • Cisco MDS 9222i 10G Module DS-X9704 supports FCoE

    Hi, Whether Cisco MDS 9222i 10G Module  DS-X9704 supports FCoE? i saw IP over FC in the data sheet of this module but not FCoE?
    Thanks
    Abhilash

    Also whether this 10 G interface can work as an Ethernet port and not just a FiberChannel port?

  • Cisco 3845 - Enable bluetooth but cucm administration not loading

    Hello Guys,
    I am trying to enable Jabra bluetooth on Cisco 3845 for a 7962g phone and I am trying to access cucm page and I am unable to do it. I need some help from you guys. Page gives Http error 404, Apache Tomcat. Not sure where to start troubleshooting.
    We have Cisco 3845 and Cisco Unity Express 8.6.1 installed.

    Hi p.bevilacqua
    Thank you for this info  I actually tried all those options aswell but still no luck.. could it be a IOS or DSP  issue ?
    in The meantime I have forwarded this link on to the 3rd partyCisco (Call manager) provider aswell.

  • Configure Trunk carrying same Vlans on two separate uplinks on Cisco 3845

    Hi,
    I need to carry 2 vlans(x & y) in a trunk to two separate redundant devices uplinked to Cisco 3845 on Fa1/0 and Fa1/1. I know I can create sub-interfaces on one of the uplink interfaces(i-e Fa1/0) with 2 distinct 802.1q vlans(Fa1/0.x & Fa1/0.y). But is there a way I can carry same vlans(x & y) trunked to my 2nd redundant device uplinked on 3845 from Fa2/0 ? If not then how should I get the 2nd redundant device uplinked to this 3845 router.
    Any tips.. ?
    Thanks for your help and suggestions.

    IF both links are going to the same device then you can create a Layer 3 Etherchannel. 

Maybe you are looking for