Point to point IPSEC VPN and QoS

Unanswered Question
Oct 31st, 2008
User Badges:

Hello, we are deploying Cisco 871 routers to our customers, we do a simple IPSEC point to point VPN connection. We want to ensure the VoIP traffic is granted over the data traffic.

I did this config but I don't know if I'm doing it right, because I think you have to do an special configuration to make QoS work under IPSEC VPN.


policy-map policy1

class voice

priority percent 75

class default-traffic

bandwidth percent 25



interface Vlan1

ip address

no ip redirects

no ip proxy-arp

ip nat inside

ip virtual-reassembly

Is it right ?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mheusing Sat, 11/01/2008 - 12:48
User Badges:
  • Cisco Employee,


There are some questions left before one can tell, if your config is right. I can tell right away that it is not copmplete, but some parts are missing.

First, how did you define the classes "voice" and "default-traffic"? Could you provide the "class-map" commands configured? Unless the class-maps describe traffic properly your policy will not work as expected.

Second, where do you apply the QoS policy? In order to apply the policy you must configure "service-policy output policy1" at the interface, which might be congested.

Third, what is your network situation, i.e. how are the routers connetced to the LAN and to the internet? Which LAN switch are you using? Did you configure QoS there?

So in brief, the configuration excerpt you posted is not doing any QoS, nor is it complete. Could you please provide the rest of the configuration and also a bit more info on your setup? Then we can assist you effectively.




This Discussion