This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Does it possible QOS of Site-to-Site VPN Tunnels

We have a backup application running from one site to another. Both sides are connected via ASG 110 and ASG 120 IPSec site-to-site (s2s) VPN. We have QOS running successfully for our normal traffic (i.e. http to web, smtp to web, etc.). However, I am having difficulty applying QOS rules to the s2s VPN. I am not sure how to structure them. I have read that QOS is applied to outbound traffic, but apparently the traffic is encrypted prior to hitting the QOS. How exactly should I go about configuring the box to apply QOS to all s2s traffic? How would I do it for specific (i.e. Http) traffic inside the s2s tunnel. Is there something I am missing?

Regards

Syed

This thread was automatically locked due to age.

0 Jaydeep over 4 years ago

Hi imran syed

You will not be able to apply QoS directly on IPSec Site-to-Site VPN tunnels. You can try configuring for that traffic over the WAN interface which connects IPSec tunnels but not on encapsulated traffic.

Regards

Jaydeep
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 4 years ago

Sala Syed and welcome to the UTM Community!

On the 'Advanced' tab of 'Quality of Service (QoS)', you can select 'Keep classification after encapsulation' so that QoS rules apply to IPsec packets based on their content. Is that what you were looking for?

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel