Hi, I recently tested QoS over an IPSEC tunnel using and 876 and was able to limit effective input and output rates using QoS on the router between two hosts.
This got me thinking about trying it on an ASA. I have tried this on an ASA with no success, but it also says in the help it can only be applied to the "Output". Is there a difference in the QoS implementation between a router and ASA?
Update - I had got this to work but only when I use Any Any Traffic. If I select say 192.168.55.20 -> Any it doesn't rate limit.
access-list outside_mpc extended permit ip host 192.168.55.20 any
class-map ROB_QOS (Doesn't work)
match access-list outside_mpc
Class-map ROB_QOS (Does work)
policy-map type inspect dns preset_dns_map
message-length maximum 512
inspect dns preset_dns_map
inspect h323 h225
inspect h323 ras
police output 100000 2000 conform-action drop
service-policy global_policy global
service-policy Rob_Policy interface inside
service-policy Rob_Policy interface outside