This topic contains 9 replies, has 0 voices, and was last updated by 
-
Posts
-
I’have a vpn lan to lan connection between two zeroshell firewall. The vpn is over tcp protocol. In side this tunnel flows datas traffic and voip. I want to implementing a Qos for the voip traffic.
The Eth00 is the inside network, the Eth01 go outside, and Vpn00 is the lan to lan connection.
For the qos what interface I have to manage? the Eth01 or Vpn00?Many Thanks
A little bit of both…
On interface Eth01 you need to prioritize the VPN packets.
On interface VPN00 you will prioritize voice packets over the data packets.Ok. I do like you write me, but I coudn’t recognized vpn traffic.
Witch kind of rules I have to build in Classifier manager to recognized vpn traffic?I would suggest to match it with source or destination IP/port.
I try by a rules on eth01 for tcp traffic on port 1195, because I use a vpn tcp on port 1195. But non intercept any traffic.
Some Ideas?
Could you post some sceenshots of what you have configured?
Eth01 outside lan global bandwith 2Mbit Max / 1Mbit Gar
Vpn00 global bandwith 1532 Kbit Max / 768 Kbit GarClass Manager
Voip high max 1024 Kbit / 512 Gar
VPN High max 1532 kbit / 768 GarVpn on interface Eth01
Vopi on interface Vpn00On this interface I haven’t delete the Default class
Classifier
* * All tcp spt 1195 VPN
* * 10.10.10.230 to 10.10.11.110 VoipPaste here the output of command
iptables -t mangle -L -v. Also let us know if you have netbalancer enabled by any chance, cause it conflicts with QoS.
Now It seems work fine.
In the qos classifier I made a rule like that
*.* tcp Layer 7 SSLv3
Now I can made a traffic shapping on the eth01 for the vpn.That is weird, it should work with the source or destination IP-port.
You’re right, but only with the port it doesn’t work.
You must be logged in to reply to this topic.