
DES/3DES/AES VPN Encryption Module (AIM-VPN/EPII, AIM-VPN/HPII, AIM-VPN/BPII Family)
Restrictions for DES/3DES/AES VPN Encryption Module
3
Cisco IOS Release 12.3(7)T
Restrictions for DES/3DES/AES VPN Encryption Module
• Rivest-Shamir-Adelman (RSA) manual keying is not supported.
• To achieve maximum benefit from hardware-assisted IP Payload Compression Protocol (IPPCP), it
is suggested that prefragmentation be disabled if IP compression with the Limpel Zif Stac (LZS)
algorithm is enabled on IP Security (IPSec) sessions.
How to Configure DES/3DES/AES VPN Encryption Module
There are no configuration tasks specific to the encryption hardware. Both software-based and
hardware-based encryption are configured in the same way. The system automatically detects the
presence of an encryption module at bootup and uses it to encrypt data. If no encryption hardware is
detected, software is used to encrypt data.
Additional References
The following sections provide additional references pertaining to VPN Encryption Modules.
Related Documents
Cisco 3725 AIM-VPN/EPII Hardware Encryption
Module
AIM-VPN/EPII-Plus Hardware Encryption Module
Cisco 3660
Cisco 3745
AIM-VPN/HPII Hardware Encryption
Module
AIM-VPN/HPII-Plus Hardware Encryption Module
Table 1 AIM/VPN Encryption Module Support by Cisco IOS Release
Platform Encryption Module Support by Cisco IOS Release
12.2(13)T 12.3(4)T 12.3(5) 12.3(6) 12.3(7)T
Related Topic Document Title
Installation of VPN encryption modules Installing Advanced Integration Modules in Cisco 2600 Series,
Cisco 3600 Series, and Cisco 3700 Series Routers
ISDN configuration Cisco IOS ISDN Voice Configuration Guide, Release 12.3
Cisco 2600 series Cisco 2600 series routers documentation index on Cisco.com
Cisco IOS References Cisco IOS Security Configuration Guide, Release 12.3
Cisco IOS Security Command Reference, Release 12.3
Komentáře k této Příručce