QoS on ASA 5520 with 871 ezvpn clients

Unanswered Question
Oct 26th, 2007

Hello All-

I have an ASA 5520 (Software Version 7.2(2)) that I am trying to setup QoS for VoIP on the outside egress interface (the destination being an 871 ezvpn client). I have configured the Inside interface with the same QoS policy-map as the outside and can observe transmit traffic when placing a VoIP call. However, the egress traffic on the Outside interface does not reflect that the policy has been applied? It is as though the traffic is being encrypted before there can be a match. Is there a way to apply the policy before encryption? Below are snippets of my configuration:

priority-queue Outside

priority-queue Inside

!

class-map Voice

match dscp ef

class-map csc-filter

match access-list cscfilter-acl

!

!

policy-map csc-traffic-filter

class csc-filter

csc fail-open

policy-map global-policy

class class-default

csc fail-open

inspect ftp

policy-map Voice_Policy

class Voice

priority

!

service-policy global-policy global

service-policy Voice_Policy interface Outside

service-policy Voice_Policy interface Inside

service-policy csc-traffic-filter interface InternetDMZ

Interface Outside:

Service-policy: Voice_Policy

Class-map: Voice

Priority:

Interface Outside: aggregate drop 0, aggregate transmit 0

Interface Inside:

Service-policy: Voice_Policy

Class-map: Voice

Priority:

Interface Inside: aggregate drop 0, aggregate transmit 33695

Any assistance would be greatly appreciated.

Thanks.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion