Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 24 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 69053 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

QOS of Site-to-Site VPN Tunnels

rmanyc
Thanks for your help.

We have a backup application running from one site to another.   Both sides are connected via ASG 110 and ASG 120 IPSec site-to-site (s2s) VPN.   We have QOS running successfully for our normal traffic (i.e. http to web, smtp to web, etc.).  However, I am having difficulty applying QOS rules to the s2s VPN.   I am not sure how to structure them.  I have read that QOS is applied to outbound traffic, but apparently the traffic is encrypted prior to hitting the QOS.  How exactly should I go about configuring the box to apply QOS to all s2s traffic?   How would I do it for specific (i.e. Http) traffic inside the s2s tunnel.   Is there something I am missing?

Any help is appreciated!

Thanks.


This thread was automatically locked due to age.
Parents
  • 0
    I think it's time for a support ticket to Astaro.  There's a question we're not thinking to ask, so one of the support engineers needs to put some fresh eyes on the issue.  I think you could point them at your post above: https://community.sophos.com/products/unified-threat-management/astaroorg/f/54/p/39632/135782#135782, and mention that you tried with "Any" instead of "External" but that voice is still scrambled when data traffic is high.

    A temporary band-aid would be to limit the IPsec traffic to 1000kb/sec.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    I think it's time for a support ticket to Astaro.  There's a question we're not thinking to ask, so one of the support engineers needs to put some fresh eyes on the issue.  I think you could point them at your post above: https://community.sophos.com/products/unified-threat-management/astaroorg/f/54/p/39632/135782#135782, and mention that you tried with "Any" instead of "External" but that voice is still scrambled when data traffic is high.

    A temporary band-aid would be to limit the IPsec traffic to 1000kb/sec.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML