Howto request: BWM for IPSec/L2TP/VPNs

Options
mMontana
mMontana Posts: 1,344  Guru Member
Community MVP First Anniversary 10 Comments Friend Collector

This howto

https://mysupport.zyxel.com/hc/en-us/articles/360010431759--ZyWALL-USG-How-to-configure-BWM-QoS-on-Zyxel-firewalls

reports how to configure specifically VoIP/SIP rule for BWM. Mostly can be replicated with some other considerations for other services/applications/service group.

Fine.

What about create a proper, working and correct rule for VPNs connection? My goal is to reserve some traffic to the connections, slowing other traffic when needed.

Currently I can only reserve traffic in/out/ for in-tunnel application, but if the tunnel is "costrained" by other data flows… i cannot preserve tunnel bandwidth?

I mean.. delay downloads/uploads of file to internet might be lower priority than allow smooth experience on traffic via VPN…

All Replies

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,113  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Hello @mMontana

    Thank you for your further inquiry. May we know if you want to apply Bandwidth Management (BWM) for IPSec/L2TP/VPN-related traffic and prioritize those traffic when you need it?

  • mMontana
    mMontana Posts: 1,344  Guru Member
    Community MVP First Anniversary 10 Comments Friend Collector
    Options

    I'd love to reserve for a specific tunnel (6 are built, with different gateways) enough bandwidth to have stable dehaviour.

    If not possible the single tunnel, at least the gateway.

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,113  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    OK, noted it. Please let us clarify it internally.

  • mMontana
    mMontana Posts: 1,344  Guru Member
    Community MVP First Anniversary 10 Comments Friend Collector
    Options

    If you have any question or… explaination, feel free to ask

  • mMontana
    mMontana Posts: 1,344  Guru Member
    Community MVP First Anniversary 10 Comments Friend Collector
    Options

    Up.
    Willing to share any status or possible ETA? :-)

    Thanks.

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,113  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Hello mMontana

    I sent a private message to you, please check it. Thanks.

  • mMontana
    mMontana Posts: 1,344  Guru Member
    Community MVP First Anniversary 10 Comments Friend Collector
    Options

    Up.

    via PM @Zyxel_Jeff provided me an untested way to create BWM policy rule for manage the IPSec VPN.

    However, I was not cleared to test any not tested/official solution; I was not glad about that, however… I'm waiting for a Zyxel tested/official howto for create this kind of BWM rule

Security Highlight