Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Point to point IPSEC VPN and QoS

Hello, we are deploying Cisco 871 routers to our customers, we do a simple IPSEC point to point VPN connection. We want to ensure the VoIP traffic is granted over the data traffic.

I did this config but I don't know if I'm doing it right, because I think you have to do an special configuration to make QoS work under IPSEC VPN.


policy-map policy1

class voice

priority percent 75

class default-traffic

bandwidth percent 25



interface Vlan1

ip address

no ip redirects

no ip proxy-arp

ip nat inside

ip virtual-reassembly

Is it right ?

Cisco Employee

Re: Point to point IPSEC VPN and QoS


There are some questions left before one can tell, if your config is right. I can tell right away that it is not copmplete, but some parts are missing.

First, how did you define the classes "voice" and "default-traffic"? Could you provide the "class-map" commands configured? Unless the class-maps describe traffic properly your policy will not work as expected.

Second, where do you apply the QoS policy? In order to apply the policy you must configure "service-policy output policy1" at the interface, which might be congested.

Third, what is your network situation, i.e. how are the routers connetced to the LAN and to the internet? Which LAN switch are you using? Did you configure QoS there?

So in brief, the configuration excerpt you posted is not doing any QoS, nor is it complete. Could you please provide the rest of the configuration and also a bit more info on your setup? Then we can assist you effectively.



Re: Point to point IPSEC VPN and QoS

You need to post the complete configurations. You can find some good examples on this page: