Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
216
Views
5
Helpful
1
Replies

GRE with Qos

adancso
Level 1
Level 1

‎01-08-2003 07:07 AM - edited ‎03-09-2019 01:36 AM

Hi Everyone,

I've got a problem, maybe someone can help me.

Here's teh description:

1 client, 2 sites, both sites have a PIX between the lan and the outside, a 2600 series router handles the serial line both sites (internet connections).

On each site there's only 1 IP address from the provider, so between the PIXes and routers we are using a private IP subnet.

The two PIXes are connected with an IPsec tunnel. (with isakmp)

In order to avoid NATing with the routers we have configured a GRE tunnel over the internet.

Looks like this:

LAN -> PIX -----(IPsec)----> 2600 ------(GRE)------ 2600 <---(IPSec)----PIX<----LAN

I know that it would be nice to set up a direct IPsec link between the two routers, but it's not an oprion (the client wants the IPsec built by the firewalls)

It works very nice, but they have a new request.

They want to have two traffic classes over the connection with a simple priority queueing.

We made 2 IPsec tunnels, so the routers will be able to separate the traffic to two classes, but the problem is that GRE does not support queueing as far as I know.

How can we provide QoS with this IPSec over GRE solution?

Thanks for the help,

Attila

Labels:
0 Helpful
1 Reply 1

jfrahim
Level 5
Level 5

‎01-08-2003 07:17 AM

Hi Attila,

See if this is something that you are looking for:

http://www.cisco.com/warp/public/105/qostunnel.html

Jazib

Customers Also Viewed These Support Documents