At various points, data traffic can be assigned to a traffic group and a DSCP value can be specified, which is then used to tag the corresponding packets before they are forwarded by the LANCOM R&S®Unified Firewall. Specifying these is always optional. Specifying a traffic group allows the related data traffic to be prioritized using a shaping configuration. The value in the field Outgoing DSCP allows other devices in the network to classify the related packets and to handle them in the configured manner.
Desktop connections
These settings affect the data traffic relating to the desktop connection that is being edited. The setting options for desktop connections behave like those for NAT settings: They can be made both for the entire desktop connection and for individual rules within this connection. The settings in both those cases are made via the Traffic Shaping tab (either at the connection or rule level). In the rule list, the checkboxes in the second column (TS) can be used to see and adjust whether the settings on the connection level should be used or not.
On the Traffic Shaping tab you can configure the traffic shaping settings for the traffic on the selected connection:
Input box | Description |
---|---|
Traffic Group |
Optionally select the name of a traffic group. This applies the rules defined for this group to traffic on this connection. See also Traffic shaping.
Note: If it is a route-based IPsec tunnel, traffic within a tunnel can be prioritized using a custom shaping configuration.
|
Outgoing DSCP | From the list, select an optional DSCP value for outbound data traffic. The list contains the designations from the relevant RFCs (e.g. "CS0") and the group (e.g. "Default"). Also, the value is numerically represented in various bases (binary, hexadecimal, and decimal). The list can be searched according to these representations, so that you can quickly find the desired value regardless of your preferred representation. |
These settings for the connection can then be used in a firewall rule or overwritten there by service-specific settings.
The tab for the settings under Traffic Shaping has the following options:
Input box | Description |
---|---|
Traffic Shaping | Choose from the following options:
|
Traffic Group |
Optionally select the name of a traffic group. This applies the rules defined for this group to traffic on this connection. See also Traffic shaping.
Note: If it is a route-based IPsec tunnel, traffic within a tunnel can be prioritized using a custom shaping configuration.
|
Outgoing DSCP | From the list, select an optional DSCP value for outbound data traffic. The list contains the designations from the relevant RFCs (e.g. "CS0") and the group (e.g. "Default"). Also, the value is numerically represented in various bases (binary, hexadecimal, and decimal). The list can be searched according to these representations, so that you can quickly find the desired value regardless of your preferred representation. |
IPsec connections and templates
Under
or you can use the traffic shaping rules for IPsec connections or IPsec connection templates.In the Traffic Shaping tab you modify the following fields:
Input box | Description |
---|---|
Traffic Group |
Optionally select the name of a traffic group. This applies the rules defined for this group to traffic on
this connection. See also Traffic shaping.
Note: If it is a route-based IPsec tunnel, traffic within a tunnel can be prioritized using a custom
shaping configuration.
|
Outgoing DSCP | From the list, select an optional DSCP value for outbound data traffic. The list contains the designations from the relevant RFCs (e.g. "CS0") and the group (e.g. "Default"). Also, the value is numerically represented in various bases (binary, hexadecimal, and decimal). The list can be searched according to these representations, so that you can quickly find the desired value regardless of your preferred representation. |
App routing profiles
This item contains the settings not on a separate tab, but directly at the top level of the editor for an app routing profile under
.Input box | Description |
---|---|
Traffic Group | Optionally select the name of a traffic group. This means that the rules defined for this group are applied to the traffic that the application filter has assigned to the rules that were selected in the routing profile. The data traffic must first also correspond to the desktop connection that uses the edited app routing profile. See also Traffic shaping. |
Outgoing DSCP | From the list, select an optional DSCP value for outbound data traffic. The list contains the designations from the relevant RFCs (e.g. "CS0") and the group (e.g. "Default"). Also, the value is numerically represented in various bases (binary, hexadecimal, and decimal). The list can be searched according to these representations, so that you can quickly find the desired value regardless of your preferred representation. |