I changed my configuration to a routed environment between eth0 (local net interface on both zeroshell firewalls) and vpn00 which talks to the opposite zeroshell firewall. I implemented QOS on routed packets only.
Again, pinging eth1 to eth1 (wan interface to wan interface on the zeroshell firewalls), I get 23 ms. Pinging anything through the vpn yields 900-1000ms!
I appreaciate any other ideas.
Would it be better to configure the QOS in a bridged network ???
(eth0 and vpn0 bridged) ?