On 10/14/05, James W. McKeand <james at mckeand dot biz> wrote:
> Have the throughput issues with the net4801 and vpn1411 been resolved?
> The issues were reported in a throughput test done by Manuel over a year
> ago (I think). Would this be a viable, good performance combination? I
> maybe expanding a VPN for a client (currently using Linksys gear)

If they're currently using *Linksys* gear, do you really need a crypto
accelerator, especially on a 4801?

Assuming you're talking about VPN over the Internet, a 4801 without a
crypto card tested at (in Mbps):

3DES-MD5:               3.85 / 3.76
3DES-SHA1:              3.19 / 3.17
Blowfish-MD5:           7.74 / 7.90
Blowfish-SHA1:          5.65 / 5.71
CAST128-MD5:            7.65 / 7.63
CAST128-SHA1:           5.61 / 5.56
AES128-MD5:             7.11 / 7.26
AES128-SHA1:            5.26 / 5.33

The vpn1411 tested slower than that on 3DES (only thing supported by
the card).

Especially if you have VPN client software that supports AES or
Blowfish, you can likely do without, unless we're talking about a big
fat Internet pipe.

Sorry I can't answer your original question at the moment (though I do
have a vpn1411 and a 4801 I could test, and will be doing so
eventually, I don't have the time right now).

-Chris