Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
444
Views
0
Helpful
1
Replies

Selecting traffic for QoS for a VPN client

James.Longman
Level 1
Level 1

‎05-15-2012 01:59 PM - edited ‎03-11-2019 04:07 PM

Hi,

How can I select specifc traffic for QoS when a VPN client connects?

I have:

class-map vpn-qos

match flow ip destination-address

match tunnel-group vpn-group

To prioritise all traffic for a VPN group, but what of I want to only prioritise their HTTP traffic (for example) over everything else they put through the VPN? I thought I would match TCP/80 as a source port with an ACL and add match access-list to the class-map.

However, the ASA responds that I can't mix these commands...

Am I missing something? Thanks!

Labels:
0 Helpful
1 Reply 1

Julio Carvajal
VIP Alumni
VIP Alumni

‎05-15-2012 05:10 PM

Hello James,

You cannot mix an ACL with the Tunnel-group match command over a class map.

You could do it like this:

class-map test

match port tcp eq http

match tunnel-group test123

Regards,

Do rate all the helpful posts

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card