i have c2600 router connected with ipsec VPN to ASA5520. I want to apply QoS on router, because link is congested by corporate regular traffic. I want to prioritize traffic communicating on ports 5061-5064 (voice, video...).
What can be the best QoS strategy for this scenario?
Since you mention VPN, I'm assuming this is across the Internet? If true, are the Internet links used by the VPN used by other than just this one VPN connection? If so, very difficult to impossible to guarantee service.
If there's just the VPN connection across the Internet, I've found an effective QoS strategy to be to shape such that bandwidth bottlenecks are avoided except at the Internet endpoints, and for those, use CBWFQ to implement QoS to treat traffic as necessary (e.g. LLQ for real-time traffic such as VoIP).
I'm not familar with the capabilities of the ASA. What all the 2600 can do depends on the IOS.
Like Joseph stated, if this goes over the internet, it's best effort. That being said, I have a client that was having this issue and as a test we gave priority to the remote end IP. It has resolved most of their VoIP issues over the VPN.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...