Hi we have an 876 which connects to our main sites via IPSEC. I want to limit the bandwidth between hosts 10.100.8.201 too 10.100.3.220 at our mainsite. The traffic between the two flows via an IPSEC tunnel 10.100.8.0/24 -> 10.100.3.0/24 I only have control of the remote site 10.100.8.0/24 and want to limit bandwidth between the two hosts using QoS on the 876. My question is can this be done before the traffic is processed by the IPSEC rule. I have Qos enabled on dialer2. I have tried policing using an ACL list but it doesn't seem to work.
Yes! You are right. After that command, u can apply qos as normal. That command will ensure that the packets are classified before they are encrypted, so that you can match on the original ip values.
(Pls rate the post if helpful)