<span class="Apple-style-span" style="border-collapse: collapse; ">Despite the VPN overhead, running VOIP through VPN is good idea because VPN reorders encapsulated UDP packets in correct order. Security matters as well.<br>
<br><div>I'd suggest to route VNC packets rather over internet than VPN (so do I), as VPN usually has the highest priority.</div></span><br><div class="gmail_quote">On Thu, May 7, 2009 at 11:33 PM, Roberto Piola <span dir="ltr"><<a href="mailto:roberto.piola@visiant.it">roberto.piola@visiant.it</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">I do not have examples, but if you are using the 1700 series router in order to originate the ipsec vpn, you may use command <div>
qos pre-classify (please search for it on <a href="http://cco.cisco.com" target="_blank">cco.cisco.com</a>)<div class="im"><br>
<br><div class="gmail_quote">On Thu, May 7, 2009 at 9:54 PM, Brent Davidson <span dir="ltr"><<a href="mailto:brent@texascountrytitle.com" target="_blank">brent@texascountrytitle.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I've got multiple satellite office all linked back to the main office<br>
via VPN. Each office has their own asterisk server which registers back<br>
to the main office's Asterisk server. Each office also has a 1Mb<br>
downstream / 384k - 768k upstream connection. The branches are using<br>
Speex for their connections back to the main office. The issue I'm<br>
having is that there are times that I need to VNC in to machines at the<br>
various offices for tech support while the user is also on the phone.<br>
Unfortunately the VNC connection apparently takes priority and makes it<br>
impossible for me to understand anything the person on the phone is<br>
saying, although they can still hear me fine.<br>
<br>
Our Main office uses a Cisco PIX 506 for the main firewall and VPN<br>
concentrator. Each branch office used a Cisco 1700 series router with<br>
IPSec enabled in the IOS. Is there any sort of QoS I can turn on on the<br>
main router or the branch routers to make sure the voice quality takes<br>
precedence over the VNC? (Any example configs would be greatly appreciated)<br>
<br>
Would I be better off routing the voice packets over the internet rather<br>
than the VPN, and could I safely do that without exposing the asterisk<br>
boxes to unnecessary security risks? (At present all of our asterisk<br>
boxes are behind the firewalls and only talk to each other over the<br>
VPN. All PSTN connection is done through TDM boards so they have no<br>
direct exposure to the internet.)<br>
<br></blockquote></div>
</div></div>
<br>_______________________________________________<br>
-- Bandwidth and Colocation Provided by <a href="http://www.api-digital.com" target="_blank">http://www.api-digital.com</a> --<br>
<br>
asterisk-users mailing list<br>
To UNSUBSCRIBE or update options visit:<br>
<a href="http://lists.digium.com/mailman/listinfo/asterisk-users" target="_blank">http://lists.digium.com/mailman/listinfo/asterisk-users</a><br></blockquote></div><br><br clear="all"><br>-- <br>Mvh,<br>Aurimas Skirgaila<br>