Solved: Re: 876 QoS Config Help

rasoftware · ‎06-26-2008

Hi we have an 876 which connects to our main sites via IPSEC. I want to limit the bandwidth between hosts 10.100.8.201 too 10.100.3.220 at our mainsite. The traffic between the two flows via an IPSEC tunnel 10.100.8.0/24 -> 10.100.3.0/24 I only have control of the remote site 10.100.8.0/24 and want to limit bandwidth between the two hosts using QoS on the 876. My question is can this be done before the traffic is processed by the IPSEC rule. I have Qos enabled on dialer2. I have tried policing using an ACL list but it doesn't seem to work.

Thanks

n.nandrekar · ‎06-26-2008

hi!

Yes! You are right. After that command, u can apply qos as normal. That command will ensure that the packets are classified before they are encrypted, so that you can match on the original ip values.

Regards,

Niranjan

(Pls rate the post if helpful)

View solution in original post

n.nandrekar · ‎06-26-2008

Hi!

You can use the qos pre-classify feature on the router in order to classify the packets before they are encrypted.

refer following for details :

http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfvpn.html

Regards,

Niranjan.

(pls rate if helpful)

rasoftware · ‎06-26-2008

Hi thanks for that. Do I understand once this is applied I setup QoS as normal?

Router(config)# crypto map secured-partner-X

Router(config-crypto-map)# qos pre-classify

The add the police via ACL?

n.nandrekar · ‎06-26-2008

hi!

Yes! You are right. After that command, u can apply qos as normal. That command will ensure that the packets are classified before they are encrypted, so that you can match on the original ip values.

Regards,

Niranjan

(Pls rate the post if helpful)

rasoftware · ‎06-27-2008

Thanks thats worked for me.