My customer has a 5505 at home that is using EZVPN back to a 5510 head end. Behind the 5505 he has a laptop and a Cisco 'Soft' phone installed upon it. He can make calls but is getting only one way audio. People can hear him but he cannot hear anyone.
I want to install a service policy for voice on both the head end and on the 5505, but because the VPN is using EZVPN with NEM I am not sure how to match the tunnel-group within the class-map.
Is it enough to just match the markings and not the tunnel-group?
match dscp cs3 af31 ef
police output 640000
service-policy voip.policy interface outside
This policy on both the headend 5510 and remote 5505.
Usually one-way audio is a routing issue. Have him place a call and then look at the audio stream traffic. I would imagine the return traffic doesn't know how to get back to him. Could be a NAT or routing issue.
Yeah actually I checked into that and all looks good. Actually learned from the customer that the problem isn't really behind the 5505, but instead when he uses the VPN client direct. Still can't find a NAT problem but it would appear that perhaps his IP communicator needs to be set to use the VPN adapter interface instead of the real laptop interface. Waiting to hear back from him.
Still would like to know about how to apply the QoS policy when using EZVPN though...for now I have just applied it et. al and am not matching against a tunnel-group. I am thinking this will have the same affect but if anyone can confirm that would be cool.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :