Traffic group assignment and DSCP values for outbound traffic

Desktop connections

These settings affect the data traffic relating to the desktop connection that is being edited. The setting options for desktop connections behave like those for NAT settings: They can be made both for the entire desktop connection and for individual rules within this connection. The settings in both those cases are made via the Traffic Shaping tab (either at the connection or rule level). In the rule list, the checkboxes in the second column (TS) can be used to see and adjust whether the settings on the connection level should be used or not.

On the Traffic Shaping tab you can configure the traffic shaping settings for the traffic on the selected connection:

Input box	Description
Traffic Group	Optionally select the name of a traffic group. This applies the rules defined for this group to traffic on this connection. See also Traffic shaping. Note: If it is a route-based IPsec tunnel, traffic within a tunnel can be prioritized using a custom shaping configuration.
Outgoing DSCP	From the list, select an optional DSCP value for outbound data traffic. The list contains the designations from the relevant RFCs (e.g. "CS0") and the group (e.g. "Default"). Also, the value is numerically represented in various bases (binary, hexadecimal, and decimal). The list can be searched according to these representations, so that you can quickly find the desired value regardless of your preferred representation.

Input box

Description

Traffic Group

Optionally select the name of a traffic group. This applies the rules defined for this group to traffic on this connection. See also Traffic shaping.

Note: If it is a route-based IPsec tunnel, traffic within a tunnel can be prioritized using a custom shaping configuration.

Outgoing DSCP

From the list, select an optional DSCP value for outbound data traffic. The list contains the designations from the relevant RFCs (e.g. "CS0") and the group (e.g. "Default"). Also, the value is numerically represented in various bases (binary, hexadecimal, and decimal). The list can be searched according to these representations, so that you can quickly find the desired value regardless of your preferred representation.

These settings for the connection can then be used in a firewall rule or overwritten there by service-specific settings.

The tab for the settings under Traffic Shaping has the following options:

Input box	Description
Traffic Shaping	Choose from the following options: Use Connection Settings – This setting applies the traffic shaping settings made on connection level. See Desktop connection settings. Use Service Specific Settings – This setting allows you to adjust the settings for traffic shaping for each service. The settings described below are displayed for this purpose.
Traffic Group	Optionally select the name of a traffic group. This applies the rules defined for this group to traffic on this connection. See also Traffic shaping. Note: If it is a route-based IPsec tunnel, traffic within a tunnel can be prioritized using a custom shaping configuration.
Outgoing DSCP	From the list, select an optional DSCP value for outbound data traffic. The list contains the designations from the relevant RFCs (e.g. "CS0") and the group (e.g. "Default"). Also, the value is numerically represented in various bases (binary, hexadecimal, and decimal). The list can be searched according to these representations, so that you can quickly find the desired value regardless of your preferred representation.

IPsec connections and templates

Under VPN > IPsec > Connections or VPN > IPsec > Templates you can use the traffic shaping rules for IPsec connections or IPsec connection templates.

In the Traffic Shaping tab you modify the following fields:

Input box	Description
Traffic Group	Optionally select the name of a traffic group. This applies the rules defined for this group to traffic on this connection. See also Traffic shaping. Note: If it is a route-based IPsec tunnel, traffic within a tunnel can be prioritized using a custom shaping configuration.
Outgoing DSCP	From the list, select an optional DSCP value for outbound data traffic. The list contains the designations from the relevant RFCs (e.g. "CS0") and the group (e.g. "Default"). Also, the value is numerically represented in various bases (binary, hexadecimal, and decimal). The list can be searched according to these representations, so that you can quickly find the desired value regardless of your preferred representation.

Input box

Description

Traffic Group

Optionally select the name of a traffic group. This applies the rules defined for this group to traffic on this connection. See also Traffic shaping.

Note: If it is a route-based IPsec tunnel, traffic within a tunnel can be prioritized using a custom shaping configuration.

Outgoing DSCP

From the list, select an optional DSCP value for outbound data traffic. The list contains the designations from the relevant RFCs (e.g. "CS0") and the group (e.g. "Default"). Also, the value is numerically represented in various bases (binary, hexadecimal, and decimal). The list can be searched according to these representations, so that you can quickly find the desired value regardless of your preferred representation.

App routing profiles

This item contains the settings not on a separate tab, but directly at the top level of the editor for an app routing profile under UTM > Application Management > Routing Profiles.

Input box	Description
Traffic Group	Optionally select the name of a traffic group. This means that the rules defined for this group are applied to the traffic that the application filter has assigned to the rules that were selected in the routing profile. The data traffic must first also correspond to the desktop connection that uses the edited app routing profile. See also Traffic shaping.
Outgoing DSCP	From the list, select an optional DSCP value for outbound data traffic. The list contains the designations from the relevant RFCs (e.g. "CS0") and the group (e.g. "Default"). Also, the value is numerically represented in various bases (binary, hexadecimal, and decimal). The list can be searched according to these representations, so that you can quickly find the desired value regardless of your preferred representation.

Input box

Description

Traffic Group

Optionally select the name of a traffic group. This means that the rules defined for this group are applied to the traffic that the application filter has assigned to the rules that were selected in the routing profile. The data traffic must first also correspond to the desktop connection that uses the edited app routing profile. See also Traffic shaping.

Outgoing DSCP

From the list, select an optional DSCP value for outbound data traffic. The list contains the designations from the relevant RFCs (e.g. "CS0") and the group (e.g. "Default"). Also, the value is numerically represented in various bases (binary, hexadecimal, and decimal). The list can be searched according to these representations, so that you can quickly find the desired value regardless of your preferred representation.