even 128 bit is overkill. 256 is total overkill. If they insist on 256, you will need hardware that can handle the extra overhead and another OS like pfSense. Unless your client is dealing with Top Secret material, 128-bit should be more than adequate.
Roy...
for more information on 128-Bit Versus 256-Bit AES Encryption:
http://www.seagate.com/staticfiles/docs/pdf/whitepaper/tp596_128-bit_versus_256_bit.pdf