Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Using QoS in Pix to prioritize VPN Lan2LAN traffic

Hi

Is it possible to do some kind of QoS in the pix to prioritize traffic going into Lan2Lan-tunnels over other outgoing traffic to internet?

Regards Jimmy

3 REPLIES
Silver

Re: Using QoS in Pix to prioritize VPN Lan2LAN traffic

AFAIK it is not possible to mark on the PIX but PIX will copy the ToS frm IP header to the VPN header. If you have a router bfor the PIX, you can do the marking there

Silver

Re: Using QoS in Pix to prioritize VPN Lan2LAN traffic

Picked this from

http://www.ciscopress.com/articles/article.asp?p=379751&rl=1

Prior to PIX 7.0, a Cisco security appliance could inspect and forward traffic only in a best-effort fashion. The first packets into a firewall would be the first packets coming out, regardless of the application being used or the urgency of the traffic.

PIX 7.0 introduces priority queuing on firewall interfaces, so that urgent or time-sensitive traffic can be identified and placed in a strict priority queue. The firewall always makes sure that any packets in a priority queue are sent before any

others. This is an important feature for applications like voice and video, where packets must be delivered in a consistently prompt fashion, without being affected by other traffic passing through the firewall.

Specific traffic can also be identified and held within configured bandwidth constraints. This is known as policing, a handy tool that can be used to keep less desirable or less important applications from hogging the links coming from a firewall.

HTH

New Member

Re: Using QoS in Pix to prioritize VPN Lan2LAN traffic

Richard

CCIE | NNCSE

member --- HSTRA

//

145
Views
0
Helpful
3
Replies
CreatePlease login to create content