Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
295
Views
0
Helpful
1
Replies

VPN Packet differentiation in a router?

admin_2
Level 3
Level 3

‎11-08-2002 12:34 PM - edited ‎02-21-2020 12:10 PM

I have IPSec VPN going out of a PIX515 to a 2611 router. Through this PIX is going out aslo non-VPN Web trafic like MP3. At the router which has two interface with fixed IP address connected to the Internet (1xADSL, 1x64kbps), I would like the VPN traffic to always use the ADSL while forcing the other trafic to lower level and use the 64kbps, and if room, use what is left of the ADSL.

How then recognise and prioritize at the router level VPN traffic? By the packet type, IPSec? Is the 2611X enough for that (45 users at this site and 30 remote).

Labels:
0 Helpful
1 Reply 1

mnlatif
Level 3
Level 3

‎11-12-2002 04:10 PM

You can identify the IPSec Traffic by the Source and Destination Port numbers.

For ISAKMP i.e. Initial Tunnel Setup and then Key Re-negotiation - UDP, 500 (For both source and destination)

IPSec Encapsulation - Protocol Number = 50 (ESP)

If using PPTP then TCP - 1723 (Destination Port), For Control Setup

and GRE (Protocol Number=47) for Encapsulation

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents