I currently have a ASA5510 installed and operational. I also have three vpn tunnel established that are operational. Recently, I became concerned with the time it was taking for traffic to reach my system from the vpn offices. I was wondering if anyone knows how the ASA allocates bandwidth to the tunnels? Does each tunnel get a predetermined amount of bandwidth? It seems that all of my tunnels access my local network at about the same speed. If anyone can answer this perplexing question for me, I would appreciate it. Thanks.
Hi .. The ASA offers the QoS feature which can help you to prioritzie your traffic on a per user or per VPN - tunnel. If you have not configured it yet then the bandwidth will be consumed without a fair treatment. If the ASA is perfoming OK then I suggest you to start looking in to this feature and perhaps on a bandwidht upgrade if needed.
"As the Internet community of users upgrades their access points from modems to high-speed broadband
connections like DSL and cable, the likelihood increases that at any given time, a single user might be
able to absorb most, if not all, of the available bandwidth, thus starving the other users. To prevent any
one user or site-to-site connection from consuming more than its fair share of bandwidth, QoS provides
a policing feature that regulates the maximum bandwidth that any user can use.
QoS refers to the capability of a network to provide better service to selected network traffic over various
technologies for the best overall services with limited bandwidth of the underlying technologies.
The primary goal of QoS in the security appliance is to provide rate limiting on selected network traffic
for both individual flow or VPN tunnel flow to ensue that all traffic gets its fair share of limited
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...