Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
229
Views
0
Helpful
1
Replies

Cisco ASA - VoIP - VPN

hcarmenates
Level 1
Level 1

‎08-16-2016 07:14 AM

Hello.

We have three offices with Cisco ASA 5505 interconnected via L2L VPNs . In one of these locations we just installed Panasonic VoIP  and we are having some latency. The Panasonic technical guys suggested us to isolate Voice Traffic from the Data Traffic creating a new (separated) VLAN, of course, into another network. For example VLAN2 for Data in 192.168.3.0 and VLAN3 for Voice Traffic in 192.168.3.0

Our questions are:

1- Would you create another VPN for Voice Traffic with that new VLAN3 - Voice Network?

2- If we put the Voice Traffic in another VPN how would we configure QoS? How to setup priority for the Voice VPN over the Data VPN?

3- Or is it better to leave the Traffic not going through (into) a VPN because VPN's algorithms of Autentication, Encryption, etc could create more latency?

In some configuration examples from Cisco I have seen how to apply QoS setting the Voice Traffic with priority through "match DSCP ef" and the Tunnel (with the Data Traffic) into a Shaping Traffic. Is it better than creating another VPN for Voice Traffic?

Thank you in advance.

Labels:
0 Helpful
1 Reply 1

jonathanlunt
Level 1
Level 1

‎08-16-2016 08:07 AM

1. yes, always. it will have to be a different address to the VLAN2 network, so in your example a 192.168.4.0 would do.

2. Read a QoS setup guide, this is an old one but it might be a start:

http://www.cisco.com/c/en/us/td/docs/ios/solutions_docs/qos_solutions/QoSVoIP/QoSVoIP.html

3. This depends on how secure you want your voice traffic to be. I would recommend a VPN

0 Helpful
Customers Also Viewed These Support Documents