I've established a hub (Cisco 1921-G2) n spoke (Cisco 887VA) Easy VPN environment using network extension mode. The VPNs are configured to carry data and Voice traffic.
I've got separate VLAN on the HUB for data (vlan 1) and voice (vlan 10) and allowed traffic from both VLANs over Easy VPN tunnel. VPN establish without any issue and works fine for Data but for voice remote user can hear other caller just fine but his voice to the other end gets jitters and not clear. (Especially when we are running uploads: Found out during DSL speed test)
On the remote user end (Spoke- Cisco 887-VA) Avaya IP phones, point direct to VLAN 10 on Hub via IP 192.168.5.0/24 network. But the internal LAN IP of the phone is allocated via local Cisco 887-VA DHCP. I've implemented outbound QoS on Virtual-Template 1 VPN interface but it has not helped
Our remote users have only ADSL lines with appox 10Mbps download and 0.8 Mbps upload. I know its not ideal but if there is something I can do to increase the VoIP call quality.
Shall I create a sperate VLAN on the spoke routers as well for IP phone? And allow both VLANs from Spoke through VPN to communicate with HUB. I've given this a try before but it didn't helped and then I tried QoS. Shall I try voice VLAN and QoS both at the same time now?
If there is any spefic QoS you would like me to add, please let me know.
I've already adjected the tcp mss to 1356 on VLAN 1, shall I apply it on any other interface as well?
The command, "sh crypto ipsec sa" shows MTU as 1500, do I need to decrease ths MTU size here?
I've included the config of the spoke router, if any one want to have a look in case.
Posting this for anyone interested in using a Raspberry PI as a flow collector for Stealthwatch. We created a very lightweight version of our software. It can create flows if the eth port is attached to a SPAN or you can forward NetFlow/IPFIX ...
Dear Team Suppose we have hundreds of rules in access policy on cisco fmc device. Now I want to fetch all access policy rules in which I have mentioned some specific port number X. Can anyone help me with the process to fetch the same?
Greetings everyone, Happy New Year! I would like to thank you all for making our ISE demos in dCloud a great success!
The ISE instant demo has been in the top 5 of Enterprise demos for a long time now and recently just moved into the #1 and 2 slots...
User Experience Enhancements
As part of the Cisco Common User Experience program, we are working towards a more uniform user experience and terminology alignment. This program runs across all Cisco security products.
A More Intuitive Cognitiv...