vpn and Qos

Home Page Forums Network Management VPN vpn and Qos

  • This topic is empty.
Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • #42269
    Sim3
    Member

    I’have a vpn lan to lan connection between two zeroshell firewall. The vpn is over tcp protocol. In side this tunnel flows datas traffic and voip. I want to implementing a Qos for the voip traffic.
    The Eth00 is the inside network, the Eth01 go outside, and Vpn00 is the lan to lan connection.
    For the qos what interface I have to manage? the Eth01 or Vpn00?

    Many Thanks

    #49860
    ppalias
    Member

    A little bit of both…
    On interface Eth01 you need to prioritize the VPN packets.
    On interface VPN00 you will prioritize voice packets over the data packets.

    #49861
    Sim3
    Member

    Ok. I do like you write me, but I coudn’t recognized vpn traffic.
    Witch kind of rules I have to build in Classifier manager to recognized vpn traffic?

    #49862
    ppalias
    Member

    I would suggest to match it with source or destination IP/port.

    #49863
    Sim3
    Member

    I try by a rules on eth01 for tcp traffic on port 1195, because I use a vpn tcp on port 1195. But non intercept any traffic.

    Some Ideas?

    #49864
    ppalias
    Member

    Could you post some sceenshots of what you have configured?

    #49865
    Sim3
    Member

    Eth01 outside lan global bandwith 2Mbit Max / 1Mbit Gar
    Vpn00 global bandwith 1532 Kbit Max / 768 Kbit Gar

    Class Manager
    Voip high max 1024 Kbit / 512 Gar
    VPN High max 1532 kbit / 768 Gar

    Vpn on interface Eth01
    Vopi on interface Vpn00

    On this interface I haven’t delete the Default class

    Classifier
    * * All tcp spt 1195 VPN
    * * 10.10.10.230 to 10.10.11.110 Voip

    #49866
    ppalias
    Member

    Paste here the output of command

    iptables -t mangle -L -v

    . Also let us know if you have netbalancer enabled by any chance, cause it conflicts with QoS.

    #49867
    Sim3
    Member

    Now It seems work fine.
    In the qos classifier I made a rule like that
    *.* tcp Layer 7 SSLv3
    Now I can made a traffic shapping on the eth01 for the vpn.

    #49868
    ppalias
    Member

    That is weird, it should work with the source or destination IP-port.

    #49869
    Sim3
    Member

    You’re right, but only with the port it doesn’t work.

Viewing 11 posts - 1 through 11 (of 11 total)
  • You must be logged in to reply to this topic.