IOS as a PPTP server limits?

I've configured VPDN for PPTP on a Cisco router before and it works well as a Microsoft PPTP server, either for local authentication or to a Radius server. It makes a decent replacement to a real NT server for PPTP access in my limited trial.

However, I have not load tested it. With just a single user session, I managed to make the CPU on a 1751 router go to 50% and on a 3725 router, it hit 16% when moving about a T1 of bandwidth. That doesn't lead me to believe it will scale very well.

Has anyone had any success with 50 or 100 PPTP users on a Cisco router, of any model or size?

Thanks, Bob

Reply to
Loading thread data ...

I suspect that the encryption is taking up all the CPU.

You can get hardware based VPN/encryption modules (depending on the router) that should greatly increase the number of connections you can handle.

Reply to

These modules (AIM, or on board integrated) works with IPSec encryption, but MPPE is processed by software. I have 2811 with AIM-VPN module with both EasyVPN and PPTP servers enabled, but counters for crypto engine accelerator don't counting packets for MPPE, only for IPSec traffic.

B.R. Igor

Reply to
Igor Mamuzic Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.