03-20-2023 08:26 AM
Hi,
lets say I have 1 hub router and 20 spokes. I am using IPSec with VTI - FlexVPN. The server behind hub router downloads some specific files (traffic can be determined by tcp port) from all spokes sites, besides other things. The question is whether it is possible to apply QOS on all VTI tunnels on the hub router in a way that downloading the mentioned files from the spoke site will work and wont be affected by any other traffic between hub and spoke.
thank you
03-20-2023 12:54 PM
@peter.matuska1 you can use authorisation to apply QoS policies to each virtual-access interface on the hub router. Authorisation can be external (RADIUS) or local. Local authorisation uses attribute list which references the interface command you'd normal define on the router.
Some examples of authorisation.
https://integratingit.wordpress.com/2019/03/20/flexvpn-local-authorization/
https://integratingit.wordpress.com/2018/03/31/configuring-flexvpn-external-aaa-with-radius/
03-21-2023 12:48 PM
ok, but the question is how to apply QoS on all interfaces in a way that specific traffic through all VTI will be prioritise and no other traffic via e.g. Tunnel1 or any other Tunnel interface will block the prioritised traffic because physical interface which is mapped to these interfaces is only 25Mbps and there is like 15 VTIs. thank you
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide