1. Home
  2. Cisco Systems
  3. QoS RDP on a 1720

QoS RDP on a 1720

Hi, I'm trying to implement QoS for RDP on my router. I have a couple of remote RDPers and a T1 connection. Any time someone internal downloads a file, the RDP sessions slow to a crawl.

Can someone help me come up with a way to implement QoS for RDP on my router?

This is my config:

Current configuration : 6162 bytes ! version 12.2 service timestamps debug datetime localtime service timestamps log datetime localtime service password-encryption no service dhcp ! hostname router ! logging buffered 4096 debugging logging rate-limit 10000 enable secret 5 ********** ! memory-size iomem 25 clock timezone central -6 ip subnet-zero no ip source-route ip name-server ***.***.***.*** ip name-server ***.***.***.*** ! ip inspect name fw tcp ip inspect name fw udp ip inspect name fw ftp ip audit notify log ip audit po max-events 100 ! ! ! interface FastEthernet0 ip address 192.168.10.5 255.255.255.0 no ip proxy-arp ip nat inside ip inspect fw in speed auto no cdp enable ! interface Serial0 no ip address encapsulation frame-relay IETF frame-relay lmi-type ansi ! interface Serial0.1 point-to-point ip address ***.***.***.*** 255.255.252.0 ip access-group 101 in no ip proxy-arp ip nat outside no cdp enable frame-relay interface-dlci 16 ! ip nat inside source list 1 interface Serial0.1 overload ip nat inside source static 192.168.10.250 ***.***.***.*** ip nat inside source static 192.168.10.249 ***.***.***.*** ip nat inside source static 192.168.10.62 ***.***.***.*** ip nat inside source static 192.168.10.55 ***.***.***.*** ip nat inside source static 192.168.10.13 ***.***.***.*** ip nat inside source static 192.168.10.56 ***.***.***.*** ip nat inside source static 192.168.10.57 ***.***.***.*** ip nat inside source static 192.168.10.58 ***.***.***.*** ip nat inside source static 192.168.10.59 ***.***.***.*** ip nat inside source static 192.168.10.60 ***.***.***.*** ip nat inside source static 192.168.10.61 ***.***.***.*** ip nat inside source static 192.168.10.8 ***.***.***.*** ip nat inside source static 192.168.10.6 ***.***.***.*** ip nat inside source static 192.168.10.9 ***.***.***.*** ip classless ip route 0.0.0.0 0.0.0.0 216.81.252.1 no ip http server ! logging 192.168.10.250 access-list 1 permit 192.168.10.0 0.0.0.255 access-list 5 permit ***.***.***.*** 0.0.0.255 access-list 100 permit udp any any eq isakmp access-list 101 remark ---- BEGIN MAIL SERVER -------- access-list 101 permit tcp any host ***.***.***.*** eq smtp access-list 101 permit tcp any host ***.***.***.*** eq www access-list 101 permit tcp any host ***.***.***.*** eq 443 access-list 101 remark ---- END MAIL SERVER ---------- access-list 101 remark ----------------------------------- access-list 101 remark ---- BEGIN HOSTING ------------ access-list 101 permit tcp any host ***.***.***.*** eq www access-list 101 permit tcp any host ***.***.***.*** eq 443 access-list 101 permit tcp any host ***.***.***.*** eq ftp access-list 101 permit tcp any host ***.***.***.*** eq ftp-data access-list 101 permit tcp any host ***.***.***.*** eq ftp-data established access-list 101 remark ---- END HOSTING -------------- access-list 101 remark ----------------------------------- access-list 101 remark ---- BEGIN Bomgar ------------- access-list 101 permit tcp any host ***.***.***.*** eq www access-list 101 permit tcp any host ***.***.***.*** eq 443 access-list 101 permit tcp any host ***.***.***.*** eq 8820 access-list 101 remark ---- END BOMGAR ------------------ access-list 101 remark ----------------------------------- access-list 101 remark ---- BEGIN TERMINAL SERVER ------------ access-list 101 permit tcp any host ***.***.***.*** eq 3389 access-list 101 remark ---- END TERMINAL SERVER ------------- access-list 101 remark ----------------------------------- access-list 101 remark ---- BEGIN REMOTE SUPPORT -------- access-list 101 permit tcp any any eq 5631 access-list 101 permit udp any any eq 5632 access-list 101 permit tcp any any eq 3389 access-list 101 permit tcp any any eq 1503 access-list 101 permit tcp any any eq 1720 access-list 101 permit tcp any any eq 1731 access-list 101 remark tcp any any range 6881 6889 access-list 101 remark ---- END REMOTE SUPPORT ------------- access-list 101 remark ----------------------------------- access-list 101 remark ---- Cisco VPN BEGIN ---------- access-list 101 permit gre ***.***.***.*** 0.0.0.255 any log access-list 101 remark gre any any access-list 101 remark esp any any access-list 101 remark ahp any any access-list 101 remark udp any any eq 1701 access-list 101 remark udp any any eq 4500 access-list 101 remark udp any any eq isakmp access-list 101 remark tcp any any eq 10000 access-list 101 remark udp any any eq 10000 access-list 101 remark ---- Cisco VPN END------------- access-list 101 remark ----------------------------------- access-list 101 remark ---- PING BEGIN---------------- access-list 101 remark icmp any any packet-too-big access-list 101 remark icmp any any administratively-prohi access-list 101 remark icmp any any time-exceeded access-list 101 remark icmp any any traceroute access-list 101 permit icmp any any unreachable access-list 101 permit icmp any any access-list 101 remark ---- Ping END ----------------- access-list 101 remark ------------------------------------- access-list 101 remark ---- Anti-spoofing BEGIN ------ access-list 101 deny ip 127.0.0.0 0.255.255.255 any log access-list 101 deny ip 10.0.0.0 0.255.255.255 any log access-list 101 deny ip 169.254.0.0 0.0.255.255 any log access-list 101 deny ip 172.16.0.0 0.15.255.255 any log access-list 101 deny ip 192.168.0.0 0.0.255.255 any log access-list 101 deny ip 224.0.0.0 15.255.255.255 any log access-list 101 deny ip host 0.0.0.0 any log access-list 101 remark ---- Anti-spoofing END -------- access-list 101 remark ----------------------------------- access-list 101 deny icmp any any echo log access-list 101 deny icmp any any redirect log access-list 101 deny udp any range 1 65535 any range 1 65535 log access-list 101 deny tcp any range 1 65535 any range 1 65535 log access-list 101 deny ip any any log access-list 101 remark ----------------------------------- no cdp run ! line con 0 password ----------- login line aux 0 password ------------- login line vty 0 4 password ------ login ! no scheduler allocate sntp server --------------- end

Reply to
kaydenfox
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.