09-18-2012 07:04 AM - edited 03-21-2019 06:18 AM
here's my setup
uc540 (192.168.0.96) used by wan port in 192.168.0.0 network
192.168.10.0 network connected through a vpn tunnel to 192.168.0.0 network
phone and data in same network in both networks (192.168.0.0 and 192.168.10.0)
When people speak together between network 192.168.0.0 and network 192.168.10.0, sometimes the voice drops, we can't hear anything, the voice is really slow, etc.
Why ?
The ping between both network is under 100ms
could it be the tunnel encryption ? I'm using 3DES MD5 1024bits
09-18-2012 07:57 AM
VPN tunnels over the public internet do not have Quality of Service (QOS).
Voice traffic is very sensitive to changes in latency, packet loss, and large delays.
An MPLS is generally the recommended way to do site-to-site voice reliably.
Short of that, the only things I can recommend are:
1. Make sure Traffic Shaping is set up correctly. (Under "Internet Connection" in CCA, second tab)
2. Open a STAC case and have them review your traffic shaping configuration. (If you have a contract)
3. Upgrade your internet connection(s) (More bandwidth SOMETIMES helps -- depending on the cause of the problem)
09-18-2012 08:09 AM
in traffic shaping, should i put 100% in media reservation since i'm using the wan port as a lan port in my network ? (the uc540 is not my router)
09-18-2012 08:26 AM
Mmm, I should have read your topology more closely... so your data network routers actually handle the VPN?
If that is the case, traffic shaping would have to be configured on them instead.
09-18-2012 08:34 AM
yes exactly, i've got a cisco rv180w handling my VPN
I guess I'm not the only one using remote phones over VPN! I'm sure there's a solution for my problem.
What are the ports used when people are speaking together across the VPN tunnel? I'll prioritize them.
09-18-2012 08:38 AM
Ports for RTP (voice) are 16384 to 32767 UDP.
Keep in mind that you probably can't just prioritize those on the WAN interface of your router -- by the time they reach there they are already encrypted and wrapped in IPSEC (or SSL).
There is a solution for your problem -- MPLS (or PTP).
Voice on a VPN over the internet CAN work... if the conditions are favorable. There is no way to guarantee that though.
09-18-2012 08:43 AM
what's mpls and ptp
09-18-2012 08:49 AM
http://en.wikipedia.org/wiki/Multiprotocol_Label_Switching
Basically, MPLS is a connection that you buy to connect multiple offices to each other. It is similar to an internet connection, but is ONLY used for communication between offices. You are also guaranteed a certain amount of bandwidth, and can prioritize traffic (such as voice) all the way across the tunnel, to ensure voice quality.
A PTP is similar... but it is a single one-to-one tunnel (and you have to configure your own QOS -- and usually provide your own T1 capable routers for it too).
http://en.wikipedia.org/wiki/Point-to-point_(telecommunications)#Basic_point-to-point_data_link
Unfortunately, neither is cheap. (for small businesses anyway)
09-18-2012 08:52 AM
ok it's not a possible solution for us since we're a small business.
if we buy another uc540 and put it in the remote network and link both uc540 together, will it be better ?
09-18-2012 09:02 AM
Maybe? As I said before, over the internet -- you have no guarantees.
The best you can do is configure traffic shaping (on whichever piece of equipment is your gateway to the internet) and hope for the best. As mentioned before, increasing bandwidth can sometimes help as well.
I don't know much about the RV180W... if the UC500 has better traffic shaping capabilities, and you had a UC500 on each end as the gateway -- maybe it would work better... but I would consult Cisco STAC about that; as I said, I don't have experience with that router.
By the way, if you are able to get a packet capture of the RTP traffic to/from the UC, Wireshark is capable of analyzing it and telling you the reason for voice issues (jitter, loss, etc). Might be worth a look.
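The jitter and loss figures mentioned in the post above can also be computed directly from RTP headers with the RFC 3550 estimator. This is an added example, not part of the thread or of any Cisco tool; the function names, the 8 kHz clock and the sample stream are assumptions, and the capture has to be taken where RTP is still unencrypted (before the IPsec tunnel).

```python
import struct

RTP_CLOCK_HZ = 8000  # assumption: G.711 audio, 8 kHz RTP timestamp clock

def parse_rtp(payload):
    """Return (seq, timestamp) from the 12-byte RTP fixed header, else None."""
    if len(payload) < 12 or payload[0] >> 6 != 2:  # RTP version must be 2
        return None
    _, _, seq, ts, _ssrc = struct.unpack("!BBHII", payload[:12])
    return seq, ts

def analyze(packets, clock_hz=RTP_CLOCK_HZ):
    """packets: (arrival_seconds, udp_payload) tuples of one RTP stream."""
    jitter = max_jitter = 0.0
    prev_transit = base = highest = None
    received = 0
    for arrival, payload in packets:
        hdr = parse_rtp(payload)
        if hdr is None:
            continue
        seq, ts = hdr
        received += 1
        if base is None:
            base = highest = seq
        else:
            # Extend the 16-bit sequence number so wraparound is not counted as loss.
            step = ((seq - highest + 0x8000) & 0xFFFF) - 0x8000
            highest = max(highest, highest + step)
        transit = arrival * clock_hz - ts  # in RTP timestamp units
        if prev_transit is not None:
            # RFC 3550 section 6.4.1: J += (|D| - J) / 16
            jitter += (abs(transit - prev_transit) - jitter) / 16
            max_jitter = max(max_jitter, jitter)
        prev_transit = transit
    expected = 0 if base is None else highest - base + 1
    return {"received": received, "lost": max(expected - received, 0),
            "jitter_ms": jitter / clock_hz * 1000,
            "max_jitter_ms": max_jitter / clock_hz * 1000}

def constructed_stream():
    """Constructed sample: 20 ms packets, seq wraps, #3 lost, #4 is 30 ms late."""
    delay = {4: 0.030}
    return [(0.020 * i + delay.get(i, 0.0),
             struct.pack("!BBHII", 0x80, 0, (65534 + i) & 0xFFFF, 160 * i, 0x1234ABCD)
             + bytes(160))
            for i in range(8) if i != 3]

if __name__ == "__main__":
    print(analyze(constructed_stream()))
```

Running the same calculation on captures from both sides of the tunnel shows whether the loss and jitter are introduced on the VPN path or already present on the LAN.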
09-19-2012 10:47 AM
would it be better if we put the uc540 as the router/inter gateway than using it by the wan port?
Will we have fewer problems and more stability ?
09-19-2012 12:55 PM
Possibly -- since CCA is able to configure traffic shaping properly on the UC500.
However, there is no guarantee.
09-19-2012 12:58 PM
ok but you said this :
Keep in mind that you probably can't just prioritize those on the WAN interface of your router -- by the time they reach there they are already encrypted and wrapped in IPSEC (or SSL).
so i guess it's the same thing if the uc540 is the router/firewall
09-19-2012 01:01 PM
There are ways around that.
This is kind of technical but... http://packetlife.net/blog/2009/jun/17/qos-pre-classification/
I am not sure if CCA's traffic shaping config is set up for this or not...
I would really recommend opening a case with Cisco to discuss this.
They can review all your config files.