Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 2 subscribers
  • Views 1298 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[7.306] QOS bandwidth limits not working for IPSEC traffic

BarryG
This has probably been discussed before, but I can't find it...

I've got a 7.306 with 2 interfaces, and some IPSEC site-2-site VPN tunnels...

In the QOS settings, I've got the external interface bandwidth set to 9999 for both uplink and downlink.

I've got an scp process running over the VPN, and it's using 20mbits!

Do I need to setup some traffic pools or ?

Thanks,
Barry


This thread was automatically locked due to age.
  • 0
    Yep, you'll need to setup QoS completely, with application pools (services, by DSCP tag, etc.).  Note that you can't affect traffic traversing any VPN connections, but you can control the amount of bandwidth the tunnel uses itself on the external interfaces...

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    For now, I'm creating a Traffic Selector for ANY-ANY-ANY, and a pool with guaranteed bandwidth 9999 and limited to 9999.

    When I try to enable this, a popup appears which says 
    "QoS Bandwidth settings do not make sense" and it doesn't appear to turn on (but actually it does turn on).

    I edited it to 9990 and 9998, but I still get the error message.
    I'm not sure why.

    Thanks,
    Barry
  • 0 in reply to BarryG
    That's interesting... since this looks like it's on a box w/ Platinum Maintenance, would you like to start a ticket on it?

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Cookie Information Banner