match flow ip destination-address
match tunnel-group lon-newyork
service-policy Pol-Lon-Tunnel interface outside
Guys, Not sure if the above config will work for what i am trying to do. The plan is to terminate other tunnels on this firewall and the no sysopt connection permit-vpn is enable so i am permitting the tunnel traffic using an ACL applied on the inside interface. What i need to to priotize all ipsec tunnel traffic through the firewall. I dont want any tunnel traffic dropping if the ASA output queue is fill up. Will the above config work?