Solved

Congifuring QoS on ASA 5505

Posted on 2010-11-09
5
783 Views
Last Modified: 2012-07-09
Hi,

Recently our company order AT&T 50m internet service, and I need help on setting up QoS on ASA 5505. Also, I'm not sure it's good to connect 50m internet connection directly to ASA 5505.  If anyone could help me on this I would greatly appciate it.
0
Comment
Question by:ndoorsinteractive
  • 2
  • 2
5 Comments
 
LVL 5

Accepted Solution

by:
tiago_aviz earned 250 total points
ID: 34098430
Hello, qos on the as is configured on the service policy, right next where you configure the access policies. It's really straightforward, all you have to do is create the conditions and tell it how much bandwidth you want to reserve.
0
 
LVL 4

Expert Comment

by:t509
ID: 34136183
Example VoIP-QoS:

! Enable a priority queue on the outside interface
ASA1(config)# priority-queue outside
ASA1(config-priority-queue)#exit

! Select VoIP traffic for prioritization
ASA1(config)#access-list VoIP-Traffic-OUT extended permit tcp 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0 eq h323
ASA1(config)#access-list VoIP-Traffic-OUT extended permit tcp 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0 eq sip
ASA1(config)#access-list VoIP-Traffic-OUT extended permit tcp 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0 eq 2000

ASA1(config)#access-list VoIP-Traffic-IN extended permit tcp 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0 eq h323
ASA1(config)#access-list VoIP-Traffic-IN extended permit tcp 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0 eq sip
ASA1(config)#access-list VoIP-Traffic-IN extended permit tcp 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0 eq 2000

! Match the ACL and traffic with Expedited Forwarding (EF)
ASA1(config)# class-map Voice-OUT
ASA1(config-cmap)#match dscp ef
ASA1(config-cmap)#match access-list VoIP-Traffic-OUT
ASA1(config-cmap)#exit

! Match the ACL and traffic with Expedited Forwarding (EF)
ASA1(config)# class-map Voice-OUT
ASA1(config-cmap)#match dscp ef
ASA1(config-cmap)#match access-list VoIP-Traffic-OUT
ASA1(config-cmap)#exit
ASA1(config)#class-map Voice-IN
ASA1(config-cmap)#match dscp ef
ASA1(configcmap)#match access-list VoIP-Traffic-IN
ASA1(config-cmap)#exit

! Configure the actual policy that will be applied to the interface
ASA1(config)# policy-map Voice-Policy
ASA1(config-pmap)#class Voice-OUT
ASA1(config-pmapc)#priority
ASA1(config-pmapc)#exit
ASA1(config-pmap)#class Voice-IN
ASA1(config-pmapc)#priority
ASA1(config-pmapc)#exit
ASA1(config-pmap)#exit

! Apply the policy to the outside interface
ASA1(config)# service-policy Voice-Policy interface outside
0
 
LVL 4

Expert Comment

by:t509
ID: 34136200
Above example worked for me, did this several times. It´s using LLQ, the best option for VoIP-Traffic. You can use this with 7.x and 8.x.
It´s not from me, i found it on a website.
0
 

Author Comment

by:ndoorsinteractive
ID: 34148515
Hi t509 and tiago_aviz,

First of all thank you so much for the reply. However, I would like to ask you is there way to configure QoS to divide bandwidth for each department? So we prevent from one department to use all of the bandwidth. If that is possible can you tell me how? I'm really sorry for the bother.

Thanks!
0
 

Author Closing Comment

by:ndoorsinteractive
ID: 34162002
Thank you for the tip!
However, I need to setup each department to share 50m, is there way to split the 50m for each department? If you can answer my question I would greatly appreicate it.

Thanks!
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now