On Fri, May 8, 2009 at 3:45 PM, Jeff LaCoursiere <[email protected]> wrote:
> > On Fri, 8 May 2009, Aurimas Skirgaila wrote: > > > Despite the VPN overhead, running VOIP through VPN is good idea because > VPN > > reorders encapsulated UDP packets in correct order. Security matters as > > well. > > Reorders? How so? I think it will maintain the order, only if they have > arrived in the "correct" order. UDP doesn't guarantee that over long way packets arrive in correct order, while TCP based VPN would sort them correctly ;) well, I'm not sure if all kinds of VPN are SSL/TCP based. The author mentioned remote offices so this might be useful for him. > > > > > > I'd suggest to route VNC packets rather over internet than VPN (so do I), > as > > VPN usually has the highest priority. > > > > Unless QoS is implemented packets are first come first served. There is > no "usually has the highest priority". Routing one over the Internet > versus over the VPN won't change that priority. > ok. probably I've misread somewhere about switches which QoS enabled is by default. By the way we do ask our ISP to prioritize VPN packets and they do. > > j > > > On Thu, May 7, 2009 at 11:33 PM, Roberto Piola <[email protected] > >wrote: > > > >> I do not have examples, but if you are using the 1700 series router in > >> order to originate the ipsec vpn, you may use command qos pre-classify > >> (please search for it on cco.cisco.com) > >> > >> On Thu, May 7, 2009 at 9:54 PM, Brent Davidson < > >> [email protected]> wrote: > >> > >>> I've got multiple satellite office all linked back to the main office > >>> via VPN. Each office has their own asterisk server which registers > back > >>> to the main office's Asterisk server. Each office also has a 1Mb > >>> downstream / 384k - 768k upstream connection. The branches are using > >>> Speex for their connections back to the main office. The issue I'm > >>> having is that there are times that I need to VNC in to machines at the > >>> various offices for tech support while the user is also on the phone. > >>> Unfortunately the VNC connection apparently takes priority and makes it > >>> impossible for me to understand anything the person on the phone is > >>> saying, although they can still hear me fine. > >>> > >>> Our Main office uses a Cisco PIX 506 for the main firewall and VPN > >>> concentrator. Each branch office used a Cisco 1700 series router with > >>> IPSec enabled in the IOS. Is there any sort of QoS I can turn on on > the > >>> main router or the branch routers to make sure the voice quality takes > >>> precedence over the VNC? (Any example configs would be greatly > >>> appreciated) > >>> > >>> Would I be better off routing the voice packets over the internet > rather > >>> than the VPN, and could I safely do that without exposing the asterisk > >>> boxes to unnecessary security risks? (At present all of our asterisk > >>> boxes are behind the firewalls and only talk to each other over the > >>> VPN. All PSTN connection is done through TDM boards so they have no > >>> direct exposure to the internet.) > >>> > >>> > >> _______________________________________________ > >> -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > >> > >> asterisk-users mailing list > >> To UNSUBSCRIBE or update options visit: > >> http://lists.digium.com/mailman/listinfo/asterisk-users > >> > > > > > > > > -- > > Mvh, > > Aurimas Skirgaila > > > > _______________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > -- Mvh, Aurimas Skirgaila
_______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
