QoS to Client VPNs

New here

QoS to Client VPNs

Do the QoS rules also apply to traffic destined to a Client VPN (Windows laptops etc)


So say i, "suddenly" have 200 client VPNs connecting in, can I create QoS rules / whatever to differentiate traffic from different internal hosts going outbound and if so, what limitation / caveats/gotchas am i likely encounter?



Kind of a big deal

Which do you want first, the bad news or the bad news?


You can't prioritize traffic over the general internet and certainly not from home offices with residential internet.


The whole internet is being stressed right now and I would try to find other solutions besides VPN wherever possible.  For example, file sharing through Dropbox or similar and screen share with VNC, etc.


Client VPN is just going to work a little worse than any other type of connection because of the encryption overhead and resources it takes on the firewall and client machine.



Kind of a big deal
Kind of a big deal

As @BrandonS says, if you have 'fat client' devices like Windows or Mac PCs using local applications and clients connecting to central servers and applications, it's going to be quite bad with people working from home.


Solutions are:


  • Cloud services, OneDrive syncing local files to central server for example, however this only moves the problem as has been seen today
  • Set up the VPN and use a system such as riverbed that has a compression agent on the client PC and a server in the Datacenter
  • VPN with Citrix XenApp in Datacenter, works over mobile connections and basic broadband
  • VPN with VDI in Datacenter, more performant than Citrix XenApp but bigger overhead.

We've gone with options 1 and 3 initially.



Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.