Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

VoIP over VPN

I have configured a small site using an 831 doing EZVPN to a 3030 concentrator for connectivity for about five phones. Our 3030 is lightly utilized and can handle the extra traffic. The 831 is running across a .5 km wireless link using 128bit WEP. Wireless signal strength and quality are above 75% with a low retry rate. I am having some choppy audio, and am beginning to suspect the 831 cannot handle the load. Processor utilization averages 25% with spikes to 60%. I have another site in a remote area using wireless with just WEP (no VPN) and it works great for the same number of phones. Does anyone have any ideas for how to track this down? Is anyone else doing VoIP with VPN, and what equipment are you using for how many phones?


Re: VoIP over VPN

Choppy audio? My first question would be what are you doing to prioritize the voice packets over the data packets? What are you doing about fragmentation as well?

New Member

Re: VoIP over VPN

I worked with TAC to derive this from my current QoS for serial links. QoS works great and has been tested under load. A single phone call does not cause problems, but more than two and they start breaking up.

class-map match-any voice-signaling

match access-group 111

class-map match-any voice-traffic

match access-group 110

policy-map voip_ipsec

class voice

priority 240

class call-setup

bandwidth 8

class class-default



policy-map shaper

class class-default

shape average 1544000

service-policy voip_ipsec

policy-map qos-in

class voice-signaling

class voice-traffic

access-list 110 permit udp any any range 16384 37276

access-list 111 permit ip any any dscp af31

interface Ethernet0

service-policy input qos-in

crypto ipsec client ezvpn xxxxxx inside

hold-queue 100 out


interface Ethernet1

duplex auto

service-policy output shaper

no cdp enable

crypto ipsec client ezvpn xxxxxx

New Member

Re: VoIP over VPN

Is your wireless link a PTP or Multipoint connection, in other words is your central access point serving more than just one remote. Also are you sending more than just voice across the wireless link.

I have done some fairly extensive testing with voip over wireless in the area you are describing and found it "iffy" at best. Some days it works great, other days it plain just stinks.

We have rolled out some major projects using wireless and have gotten burnt. Now running fiber between the buildings. Big up front cost but much more reliable and more robust in the long run.

Just my 2 cents worth.


CreatePlease to create content