Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 17 replies
  • Subscribers 3 subscribers
  • Views 12929 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Astaro Red and QoS

Markus_Huber
Hi,
we plan to buy a astaro red for our branch office.
We want to use telefon with voip. 
Can I use the Red device with bandwith controll for the voip traffic?
At the moment we use a fritzbox with a site-to-site vpn connection. But with this configuration I cannot use QoS, or?  

Thanks 
Markus


This thread was automatically locked due to age.
Parents
  • 0
    Markus, you can use QoS through an Astaro IPsec VPN.  If the Fritzbox supports adding TOS/DSCP bits, then you can do QoS with it.  On the 'Advanced' tab of 'Site-to-Site >> IPsec', check the box for 'Copy TOS (Type of Service) value'.  Now, you can configure traffic selectors in QoS that look for the DSCP settings of your VoIP system, and prioritize the IPsec packets with those settings.

    Cheers - Bob
    PS Oops! - I didn't read this closely enough.  Markus was asking about RED.  Thankfully, Tom came along and gave the answer below.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    AFAIK, the OpenVPN implementation on the Astaro (it uses it for the RED appliances as well, as I understand it) does not support QoS inside the tunnel.  The IPSEC VPN implementation supports copying of TOS/DSCP bits onto packets in the tunnel, but it will NOT prioritize them as far as how they are assembled / disassembled inside the tunnel and endpoints.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • 0 in reply to BAlfson
    AFAIK, the OpenVPN implementation on the Astaro (it uses it for the RED appliances as well, as I understand it) does not support QoS inside the tunnel.  The IPSEC VPN implementation supports copying of TOS/DSCP bits onto packets in the tunnel, but it will NOT prioritize them as far as how they are assembled / disassembled inside the tunnel and endpoints.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
No Data
Unfiltered HTML