Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
865
Views
7
Helpful
3
Replies

Guidance on QoS set-up for voice between IPSEC VPN connected sites

mitchen
Level 2
Level 2

‎02-24-2011 07:49 AM - edited ‎03-04-2019 11:33 AM

I have 3 sites.  Each site has a Cisco 1841 as its WAN router with a 10Mb direct internet access circuit connected to Fa0/0.  The sites are then connected to each other via site-to-site IPSEC VPN.  (The LAN switches in use at each site are Cisco 3750 series)

Site A    10.10.1.0/24 – data (VLAN50)

                10.50.1.0/24 – voice (VLAN55)

Site B     10.10.2.0/24 – data (VLAN50)

                10.50.2.0/24 – voice (VLAN55)

Site C     10.10.3.0/24 – data (VLAN50)

                10.50.3.0/24 – voice (VLAN55)

Now, Site A has already been set-up with VoIP telephony.   The plan is to extend this to the other 2 offices.

Auto QoS has been set-up on the switches and data and voice VLANs created in the same way for each office.

The question is, how should/do we extend the QoS for the voice over the WAN to ensure voice quality remains for site to site calls.  And what special considerations do we have to make for it being IPSEC VPN connectivity between the sites?  The actual IP telephony system itself is being set-up by a 3rd party and not a lot of information on their requirements has been forthcoming so far – essentially all we have really been told is that they would like us to “reserve” a certain amount of bandwidth for the voice traffic between each site.

Can anyone offer any advice/guidance on this?

Thanks.

Labels:
0 Helpful
3 Replies 3

sakella
Level 1
Level 1

‎03-04-2011 11:51 AM

Here is an example for site A

--------------------------------------

10.10.1.0/24 – data (VLAN50)

10.50.1.0/24 – voice (VLAN55)

access-list 100 permit udp 10.50.1.0 0.0.0.255 any
access-list 101 permit ip 10.50.1.0  0.0.0.255

class-map match-any VOICE
match access-group 100
!
class-map match-any DATA
match access-group 101

policy-map QOS
!
class voice
priority per 50<-(change the bandwidth as per your requirments)
!
class data
bandwidth 10


int fa0/0 (configure on the outgoing WAN interface on site A)
service-policy out QOS


Here is the  document for preclassify
http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a008017405e.shtml

http://www.cisco.com/en/US/tech/tk543/tk757/technologies_tech_note09186a00800b3d15.shtml#t4

mitchen
Level 2
Level 2
In response to sakella

‎03-07-2011 08:27 AM

Thanks, that information looks very helpful.

0 Helpful

tj.mitchell
Level 4
Level 4
In response to mitchen

‎03-07-2011 11:47 AM

Yes.. Setup QoS as you would for a normal WAN based on the circuit speed, total number of calls, Codec etc..

The use the QoS-preclassify command on the interfaces for the VPN tunnel.

You'll also need to remember that if your sending voice over the internet, then you'll be at the mercy of the internet and it's issues.

Customers Also Viewed These Support Documents