[nycbug-talk] L2TP/IPSec VPN Stress Testing

Jim Brown jpb at sixshooter.v6.thrupoint.net
Wed Feb 14 05:14:16 EST 2007


Greetings Everyone,

I need to perform VPN stress testing on a Cisco ASA setup
we have here in the ThruPoint lab.  Our requirements are
that the setup should handle about 1000 simultaneous connections.

I've looked around for VPN stress testing options and there 
just don't seem to be that many that are, ahem, reasonably priced.
(Ixia 250 new: over $100K, and leasing is 15% list/month- 3 month min.)


Further detail:  We are using MS L2TP/IPSec for the client,
so whatever I use has to be able to generate L2TP/IPSec
sessions.  To get started we'll use preshared keys.  We'll test
certs later.

Clients are Microsoft XP using the Microsoft L2TP/IPSec client.

So, I'm really trying to emulate 1000 Win XP L2TP/IPSec users
connecting at the same time.

I do have about 50 PCs (maybe even more) I can throw at this thing,
so I just need to figure out how to get 50 PCs to generate L2TP/IPSec
connections.

Is there a BSD solution I can use here?

All ideas welcomed!

Best Regards,
Jim B.




More information about the talk mailing list