Re: ASA 5510 8.0(4) QoS

r.d.schnitzer · ‎04-05-2010

Is there a way to limit the traffic that is sent over a Lan-to-Lan IPSec VPN tunnel configured on an ASA 5510 8.0(4)? We would like to limit the traffic being sent over one of our VPN tunnels to to 12 Mbps so that the rest of our traffic going out our outside interface is not negatively impacted. I'm guessing the answer to my question is that it's not possible, but let me know if you can think of what my best solution would be.

Thanks!

Jon Marshall · ‎04-05-2010

r.d.schnitzer wrote:
Is there a way to limit the traffic that is sent over a Lan-to-Lan IPSec VPN tunnel configured on an ASA 5510 8.0(4)?  We would like to limit the traffic being sent over one of our VPN tunnels to to 12 Mbps so that the rest of our traffic going out our outside interface is not negatively impacted.  I'm guessing the answer to my question is that it's not possible, but let me know if you can think of what my best solution would be.
Thanks!

Yes you can do this. You could police the traffic on the tunnel so it did not exceed 12Mbps. Have a look a this doc and if you have further questions come back -

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008084de0c.shtml

Jon

Cisco are currently donating money to the Haiti earthquake appeal for every rating so please consider rating all helpful posts.

r.d.schnitzer · ‎04-05-2010

Should the following accomplish what I've set out to do? Any suggestions?

class-map SIRA
match flow ip destination-address
match tunnel-group x.x.x.x

policy-map global_policy

class SIRA
police output 12582500

service-policy global_policy global

Thanks!

Ryan Schnitzer