nevesis
asked on
QoS over VPN?
We currently have a VPN setup with 3 satellite offices.
The VPN begins at our ISP on an unknown device, hits the internet, terminates at the offices on Pix 501s (each connected via a different ISP).
We have a T1 from our ISP to our main office.
Our T1 averages 20% usage, but spikes to 100% inbound traffic all too often. This makes the VPN speeds unbearable.
We would like to implement some sort of QoS to prioritize traffic hitting the T1. Our ISP says they aren't aware of any QoS implementations that would work for our scenario.
They suggest bonding an additional T1. (even though we average 20%)
Any suggestions?
The VPN begins at our ISP on an unknown device, hits the internet, terminates at the offices on Pix 501s (each connected via a different ISP).
We have a T1 from our ISP to our main office.
Our T1 averages 20% usage, but spikes to 100% inbound traffic all too often. This makes the VPN speeds unbearable.
We would like to implement some sort of QoS to prioritize traffic hitting the T1. Our ISP says they aren't aware of any QoS implementations that would work for our scenario.
They suggest bonding an additional T1. (even though we average 20%)
Any suggestions?
Oh and they can prioritize/rate limit inbound and outbound :)
ASKER
Thank you for your suggestion. I'm looking into it now.
Sadly, I doubt the ISP will go for it because it would have to be placed on their end before the sometimes-congested T1.
Cisco seems to offer QoS for encrypted traffic, but I'm not sure about implementing it with the PIX devices. Perhaps I need to contact Cisco.
Sadly, I doubt the ISP will go for it because it would have to be placed on their end before the sometimes-congested T1.
Cisco seems to offer QoS for encrypted traffic, but I'm not sure about implementing it with the PIX devices. Perhaps I need to contact Cisco.
Well it looks like it's possible:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/gtqosips.html
I'm looking into it a little further.
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t8/feature/guide/gtqosips.html
I'm looking into it a little further.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008080dfa7.shtml
Example uses QoS for VoIP prioritization.
I'm not sure if I could use this example for what I need though.
Basically I just need a IAD 2400 series to prioritize incoming VPN traffic over all other incoming traffic.
Example uses QoS for VoIP prioritization.
I'm not sure if I could use this example for what I need though.
Basically I just need a IAD 2400 series to prioritize incoming VPN traffic over all other incoming traffic.
You might want to look into a Packeteer packet shaper. They can prioritize on just about any protocol, IP address, etc...that you can think of. It probably would take long to get your ROI on the Packeteer vs. a new T1. They are definitely worth you looking into.
http://www.packeteer.com/
I've used all the way up to the 10,000 series and they are excellent devices. Customer support is fantastic as well.