what is the best way to setup QOS between an ASA 5505 and ASA 5510x for VOIP Traffic
I have four sites that use ASA 5505's that connect to the main office's ASA 5510x in Dallas via site 2 site tunnels. I need to setup QOS for voip traffic from our Houston site and possibly the others in the future.
The Houston site has four ip phones that connect to a pbx at our main location and have Comcast cable as the ISP. They have light internet usage (5 person office) and 3 printers that are also printed to from our main office.
Our main location has a T1 and will soon be moving to fibre.
I need help with a best practice step by step guide to setup the voip on the 5505/5510. I have looked at the configuration guide and perused some discussion groups and it seems there are many ways to accomplish this.
I cannot work on a step by step configuration reference as that's why the configuration guide exists :D I can talk about recommendations and what I think the best option is.
In this case if I am not mistaken you want to implement QoS for VoIP traffic across VPN tunnels.
For this u will use something as
description “match on Branch Tunnel Group based on flows”
match tunnel-group x.x.x Main_Office_IP_addres
match dscp ef (To match VoIP traffic)
And then of course prioritize (On the ASA u Need to create a priority queue manually, configure the queue limit and Transmit-Ring setttions).
Now Remember that Priotity will only take place after the interface queue gets fullfiled (So the Congestion Management tool takes place) So I would also recommend first shapping the traffic to the exact rate you are paying the ISP (So the congestion management kicks in faster).
I know, I know sounds hard to do but it's not that bad, and just for ur reference here is a links that talks about it.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...