Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 24 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 69054 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

QOS of Site-to-Site VPN Tunnels

rmanyc
Thanks for your help.

We have a backup application running from one site to another.   Both sides are connected via ASG 110 and ASG 120 IPSec site-to-site (s2s) VPN.   We have QOS running successfully for our normal traffic (i.e. http to web, smtp to web, etc.).  However, I am having difficulty applying QOS rules to the s2s VPN.   I am not sure how to structure them.  I have read that QOS is applied to outbound traffic, but apparently the traffic is encrypted prior to hitting the QOS.  How exactly should I go about configuring the box to apply QOS to all s2s traffic?   How would I do it for specific (i.e. Http) traffic inside the s2s tunnel.   Is there something I am missing?

Any help is appreciated!

Thanks.


This thread was automatically locked due to age.
Parents
  • 0
    While doing this testing, I have faced with another problem which might be a subject for a separate thread (?).
    Originally, I mentioned, our sites were connected via IPSec VPN. Then, I created another VPN of SSL type just to see if I am still going to have s2s connection. Here are the settings:

    IPSec VPN:
    {Site1.LocalNetwork}={Site1.PublicIP}  {Site2.PublicIP}={Site2.LocalNetwork} established

    SSL VPN:
    {Site1.LocalNetwork}={Site1.PublicIP}:443  {Site2.PublicIP}:43598={Site2.LocalNetwork} established

    Both connections' statuses are established, but when I disable the IPSec by clicking the traffic light icon, I have no s2s connection from my computer located at Site1, which I assume supposed to be on via SSL VPN. I can't ping any host on Site2.
    What am I doing wrong?
Reply
  • 0
    While doing this testing, I have faced with another problem which might be a subject for a separate thread (?).
    Originally, I mentioned, our sites were connected via IPSec VPN. Then, I created another VPN of SSL type just to see if I am still going to have s2s connection. Here are the settings:

    IPSec VPN:
    {Site1.LocalNetwork}={Site1.PublicIP}  {Site2.PublicIP}={Site2.LocalNetwork} established

    SSL VPN:
    {Site1.LocalNetwork}={Site1.PublicIP}:443  {Site2.PublicIP}:43598={Site2.LocalNetwork} established

    Both connections' statuses are established, but when I disable the IPSec by clicking the traffic light icon, I have no s2s connection from my computer located at Site1, which I assume supposed to be on via SSL VPN. I can't ping any host on Site2.
    What am I doing wrong?
Children
No Data
Unfiltered HTML