QOS: cisco ipsec vpn server and voip



  • I might be involved in switching a business over to a asterisk based PBX and need a new router that is really good at QOS. They want to use sip/iax trunks for long distance calls. From what I have read pfsense seems to have the best QOS performance, of all the pre build linux/BSD firewalls.
    There are 3 static ips: 1 for their cisco vpn server, 1 for the exchange mail server and 1 for the router (1.do they need another one for the computer network?) All of these servers have to be managed with QOS/traffic shaping. The asterisk server would be on the general computer network and doesn't need its own public ip (It can be behind NAT with the workstations) I've never used pfsense or m0n0wall and only linux based routers in single dynamic IP situations. 1:1 NAT won't work on the vpn server. (2. Is this correct?)
    3. Is it possible to have the vpn server and mail server not use NAT and have pfsense do QOS/traffic shaping for all the IPs? 4. Is pfsense stable enough to run in multiuser environment like this?



  • The answer to my own question is no. I need a transparent traffic shaper to do these things. Pfsense doesn't seem to support this at the moment. However I was able to setup m0n0wall as a transparent traffic shaper.


Log in to reply