Cisco VPN Client setting QoS DSCP 0

Unanswered Question
May 28th, 2009

Sirs,

I am experiencing the following issue:

- I have an Avaya IP Softphone at my users Notebooks, that when connected directly to the PBX, and I sniff my notebook using Wireshark, I can see the packets are correctly marked with DSCP 46. But when I connect using the VPN Cisco Client, at the user notebook, for some reason the Cisco VPN Client, "remarks" any packet sent to the tunnel with DSCP 0 . This is causing my VoIP network over VPN to have issues. I didn't have these problems before with CheckPoint. Any ideia what might be happenning ? Is it a parameter at my ASA 5540 that is telling the VPN Client to remark any packet to DSCP 0 ? Why can't the Cisco VPN Client just send the packets to the tunnel with the original marking ?

Attached are two session captured, showing the problem. On with CheckPoint VPN Client, working fine! ANd the other with Cisco VPN Client setting the DSCP to 0 , before tunnelating it.

Thanks in advance for your time and help!

Delcio Torres

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
aghaznavi Thu, 06/04/2009 - 11:26

The security appliance does not locally mark/remark any classified traffic, but it honors the Expedited Forwarding (EF) DSCP bits of every packet to determine if it requires "priority" handling and will direct those packets to the LLQ.

Actions

This Discussion