We have a customer who has an ipsec site2site vpn from their ASA5505 to a Datacenter, also ASA5505
I want to prioritize the vpn tunnel traffic since they notice performance issues. The internet interface has speed down/up: 20/5 Mbps.
I have configured qos like this:
queue limit 1024
match flow ip destination-address
match tunnel-group dcatunnelgroup
service-policy vpnqos_pm interface outside
Is this sufficient / will this work, when I configure this on both ends?