Howto request: BWM for IPSec/L2TP/VPNs

mMontana
mMontana Posts: 1,351  Guru Member
Fifth Anniversary Community MVP 50 Answers 1000 Comments

This howto

https://mysupport.zyxel.com/hc/en-us/articles/360010431759--ZyWALL-USG-How-to-configure-BWM-QoS-on-Zyxel-firewalls

reports how to configure specifically VoIP/SIP rule for BWM. Mostly can be replicated with some other considerations for other services/applications/service group.

Fine.

What about create a proper, working and correct rule for VPNs connection? My goal is to reserve some traffic to the connections, slowing other traffic when needed.

Currently I can only reserve traffic in/out/ for in-tunnel application, but if the tunnel is "costrained" by other data flows… i cannot preserve tunnel bandwidth?

I mean.. delay downloads/uploads of file to internet might be lower priority than allow smooth experience on traffic via VPN…

All Replies

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,163  Zyxel Employee
    Third Anniversary 100 Answers 500 Comments Friend Collector

    Hello @mMontana

    Thank you for your further inquiry. May we know if you want to apply Bandwidth Management (BWM) for IPSec/L2TP/VPN-related traffic and prioritize those traffic when you need it?


    Don't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L

  • mMontana
    mMontana Posts: 1,351  Guru Member
    Fifth Anniversary Community MVP 50 Answers 1000 Comments

    I'd love to reserve for a specific tunnel (6 are built, with different gateways) enough bandwidth to have stable dehaviour.

    If not possible the single tunnel, at least the gateway.

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,163  Zyxel Employee
    Third Anniversary 100 Answers 500 Comments Friend Collector

    OK, noted it. Please let us clarify it internally.


    Don't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L

  • mMontana
    mMontana Posts: 1,351  Guru Member
    Fifth Anniversary Community MVP 50 Answers 1000 Comments

    If you have any question or… explaination, feel free to ask

  • mMontana
    mMontana Posts: 1,351  Guru Member
    Fifth Anniversary Community MVP 50 Answers 1000 Comments

    Up.
    Willing to share any status or possible ETA? :-)

    Thanks.

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,163  Zyxel Employee
    Third Anniversary 100 Answers 500 Comments Friend Collector

    Hello mMontana

    I sent a private message to you, please check it. Thanks.


    Don't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L

  • mMontana
    mMontana Posts: 1,351  Guru Member
    Fifth Anniversary Community MVP 50 Answers 1000 Comments

    Up.

    via PM @Zyxel_Jeff provided me an untested way to create BWM policy rule for manage the IPSec VPN.

    However, I was not cleared to test any not tested/official solution; I was not glad about that, however… I'm waiting for a Zyxel tested/official howto for create this kind of BWM rule

Security Highlight