09-15-2004 06:16 PM - edited 02-20-2020 11:37 PM
Dear All,
I would like to know how to classify IPSec VPN traffic for QoS. Shall I only classify the IPSec port, or are there other ports in the VPN connection?
thx
09-16-2004 08:01 AM
If you want to give IPSec priority over other traffic then prioritise IP protocol 50, which is IPSec ESP. This is the most common form of IPSec.
You may also want to include ISAKMP, key management for setting up the tunnel; this runs over UDP port 500. However, the exchanges are so small that I don't really think you will get any benefit. I'd just stick with ESP, which is your encapsulated data.
The alternative IPSec protocol is AH, this runs over IP protocol 51 but I've never seen it deployed in the real world.
Andy
09-16-2004 06:06 PM
Dear Andy,
Thanks for your reply. Can I clarify a bit more?
After the IPSec tunnel is established, is all traffic passing through the tunnel using protocol 50/51?
In fact, I would like to prioritise all IPSec VPN traffic, so I need to know what ports/protocols are involved.
thanks
Eric
09-21-2004 02:09 AM
Hi Eric,
You're on the case. Once the tunnel is up, all the traffic will be encapsulated in IP protocol 50; this assumes you're using IPSec ESP, which would be normal.
So set your prioritisation for IP protocol 50 and you're there. Hope that clarifies the situation.
Andy
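An added example, not part of the original thread: an IOS MQC configuration sketch of the classification described above (ESP as IP protocol 50, AH as IP protocol 51, ISAKMP on UDP 500). The ACL, class-map and policy-map names, the interface and the bandwidth percentage are assumptions. The UDP 4500 entry goes beyond the thread and covers NAT traversal, where ESP is carried inside UDP instead of as IP protocol 50.

```cisco
! Added example. All names, the interface and the percentage are hypothetical.
!
! Match the outer headers only. Once traffic is encrypted, the inner
! ports and protocols are no longer visible to a device in the path.
ip access-list extended IPSEC-VPN-ACL
 ! IPSec ESP, IP protocol 50: the encapsulated tunnel data
 permit esp any any
 ! IPSec AH, IP protocol 51: only needed if AH is in use
 permit ahp any any
 ! ISAKMP key management, UDP port 500: small, optional to include
 permit udp any any eq isakmp
 ! Assumption beyond the thread: NAT traversal carries ESP in UDP 4500
 permit udp any any eq 4500
!
class-map match-any IPSEC-VPN
 match access-group name IPSEC-VPN-ACL
!
policy-map WAN-EDGE-OUT
 class IPSEC-VPN
  ! Guarantee a share of the link to VPN traffic during congestion
  bandwidth percent 40
 class class-default
  fair-queue
!
! Apply outbound on the WAN-facing interface (placeholder name)
interface Serial0/0
 service-policy output WAN-EDGE-OUT
```

After applying, `show policy-map interface Serial0/0` shows per-class packet counters, which confirms whether tunnel traffic is actually landing in the IPSEC-VPN class.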