05-28-2009 12:51 PM
Sirs,
I am experiencing the following issue:
- I have an Avaya IP Softphone at my users Notebooks, that when connected directly to the PBX, and I sniff my notebook using Wireshark, I can see the packets are correctly marked with DSCP 46. But when I connect using the VPN Cisco Client, at the user notebook, for some reason the Cisco VPN Client, "remarks" any packet sent to the tunnel with DSCP 0 . This is causing my VoIP network over VPN to have issues. I didn't have these problems before with CheckPoint. Any ideia what might be happenning ? Is it a parameter at my ASA 5540 that is telling the VPN Client to remark any packet to DSCP 0 ? Why can't the Cisco VPN Client just send the packets to the tunnel with the original marking ?
Attached are two session captured, showing the problem. On with CheckPoint VPN Client, working fine! ANd the other with Cisco VPN Client setting the DSCP to 0 , before tunnelating it.
Thanks in advance for your time and help!
Delcio Torres
06-04-2009 11:26 AM
The security appliance does not locally mark/remark any classified traffic, but it honors the Expedited Forwarding (EF) DSCP bits of every packet to determine if it requires "priority" handling and will direct those packets to the LLQ.
06-10-2009 08:55 AM
The issue is that the client is remarking, not the security appliance.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide