PDA

View Full Version : QOS on VPN problems



paulbenignos
2012-04-24, 22:17
Hi,

I just want to ask a help regarding the proper QOS implementation with VPN site to site. Here is my setup.

Lan --- Checkpoint (SPLAT) -- WAN -- Edge -- Lan2

I just noticed some things when i tried doing the QOS based on the documentation

a. Enabled the QOS on the WAN interface on Checkpoint (SPLAT) and Edge - QOS rule (with limit) does not work on outbound - it goes to "All others" thus neglecting the QOS policy - the test traffic goes beyond the set limit
b. Enabled QOS on the Internal interface on Checkpoint - QOS is now working (setting limits) - we can see on Smartview Monitor that the traffic is being shaped to desired bandwidth.

The problem on this setup is that QOS with no limit (normal weight) does not work because it is seeing the Internal interface of the firewall has a bandwidth of 100Mbps - setting the bandwidth of the internal interface to 128Kb would work
but this would not be applicable since there are many Edge branches. I also tried setting the QOS on the UTM-1 Edge (Centrally managed) but still the traffic seen on the smartview monitor is not shaped.

Anyone has similar problems?

Thank you!