QoS RDP on a 1720

Discussion in 'Cisco' started by kaydenfox@gmail.com, May 26, 2009.

  1. Guest

    Hi, I'm trying to implement QoS for RDP on my router. I have a couple
    of remote RDPers and a T1 connection. Any time someone internal
    downloads a file, the RDP sessions slow to a crawl.

    Can someone help me come up with a way to implement QoS for RDP on my
    router?

    This is my config:

    Current configuration : 6162 bytes
    !
    version 12.2
    service timestamps debug datetime localtime
    service timestamps log datetime localtime
    service password-encryption
    no service dhcp
    !
    hostname router
    !
    logging buffered 4096 debugging
    logging rate-limit 10000
    enable secret 5 **********
    !
    memory-size iomem 25
    clock timezone central -6
    ip subnet-zero
    no ip source-route
    ip name-server ***.***.***.***
    ip name-server ***.***.***.***
    !
    ip inspect name fw tcp
    ip inspect name fw udp
    ip inspect name fw ftp
    ip audit notify log
    ip audit po max-events 100
    !
    !
    !
    interface FastEthernet0
    ip address 192.168.10.5 255.255.255.0
    no ip proxy-arp
    ip nat inside
    ip inspect fw in
    speed auto
    no cdp enable
    !
    interface Serial0
    no ip address
    encapsulation frame-relay IETF
    frame-relay lmi-type ansi
    !
    interface Serial0.1 point-to-point
    ip address ***.***.***.*** 255.255.252.0
    ip access-group 101 in
    no ip proxy-arp
    ip nat outside
    no cdp enable
    frame-relay interface-dlci 16
    !
    ip nat inside source list 1 interface Serial0.1 overload
    ip nat inside source static 192.168.10.250 ***.***.***.***
    ip nat inside source static 192.168.10.249 ***.***.***.***
    ip nat inside source static 192.168.10.62 ***.***.***.***
    ip nat inside source static 192.168.10.55 ***.***.***.***
    ip nat inside source static 192.168.10.13 ***.***.***.***
    ip nat inside source static 192.168.10.56 ***.***.***.***
    ip nat inside source static 192.168.10.57 ***.***.***.***
    ip nat inside source static 192.168.10.58 ***.***.***.***
    ip nat inside source static 192.168.10.59 ***.***.***.***
    ip nat inside source static 192.168.10.60 ***.***.***.***
    ip nat inside source static 192.168.10.61 ***.***.***.***
    ip nat inside source static 192.168.10.8 ***.***.***.***
    ip nat inside source static 192.168.10.6 ***.***.***.***
    ip nat inside source static 192.168.10.9 ***.***.***.***
    ip classless
    ip route 0.0.0.0 0.0.0.0 216.81.252.1
    no ip http server
    !
    logging 192.168.10.250
    access-list 1 permit 192.168.10.0 0.0.0.255
    access-list 5 permit ***.***.***.*** 0.0.0.255
    access-list 100 permit udp any any eq isakmp
    access-list 101 remark ---- BEGIN MAIL SERVER --------
    access-list 101 permit tcp any host ***.***.***.*** eq smtp
    access-list 101 permit tcp any host ***.***.***.*** eq www
    access-list 101 permit tcp any host ***.***.***.*** eq 443
    access-list 101 remark ---- END MAIL SERVER ----------
    access-list 101 remark -----------------------------------
    access-list 101 remark ---- BEGIN HOSTING ------------
    access-list 101 permit tcp any host ***.***.***.*** eq www
    access-list 101 permit tcp any host ***.***.***.*** eq 443
    access-list 101 permit tcp any host ***.***.***.*** eq ftp
    access-list 101 permit tcp any host ***.***.***.*** eq ftp-data
    access-list 101 permit tcp any host ***.***.***.*** eq ftp-data
    established
    access-list 101 remark ---- END HOSTING --------------
    access-list 101 remark -----------------------------------
    access-list 101 remark ---- BEGIN Bomgar -------------
    access-list 101 permit tcp any host ***.***.***.*** eq www
    access-list 101 permit tcp any host ***.***.***.*** eq 443
    access-list 101 permit tcp any host ***.***.***.*** eq 8820
    access-list 101 remark ---- END BOMGAR ------------------
    access-list 101 remark -----------------------------------
    access-list 101 remark ---- BEGIN TERMINAL SERVER ------------
    access-list 101 permit tcp any host ***.***.***.*** eq 3389
    access-list 101 remark ---- END TERMINAL SERVER -------------
    access-list 101 remark -----------------------------------
    access-list 101 remark ---- BEGIN REMOTE SUPPORT --------
    access-list 101 permit tcp any any eq 5631
    access-list 101 permit udp any any eq 5632
    access-list 101 permit tcp any any eq 3389
    access-list 101 permit tcp any any eq 1503
    access-list 101 permit tcp any any eq 1720
    access-list 101 permit tcp any any eq 1731
    access-list 101 remark tcp any any range 6881 6889
    access-list 101 remark ---- END REMOTE SUPPORT -------------
    access-list 101 remark -----------------------------------
    access-list 101 remark ---- Cisco VPN BEGIN ----------
    access-list 101 permit gre ***.***.***.*** 0.0.0.255 any log
    access-list 101 remark gre any any
    access-list 101 remark esp any any
    access-list 101 remark ahp any any
    access-list 101 remark udp any any eq 1701
    access-list 101 remark udp any any eq 4500
    access-list 101 remark udp any any eq isakmp
    access-list 101 remark tcp any any eq 10000
    access-list 101 remark udp any any eq 10000
    access-list 101 remark ---- Cisco VPN END-------------
    access-list 101 remark -----------------------------------
    access-list 101 remark ---- PING BEGIN----------------
    access-list 101 remark icmp any any packet-too-big
    access-list 101 remark icmp any any administratively-prohi
    access-list 101 remark icmp any any time-exceeded
    access-list 101 remark icmp any any traceroute
    access-list 101 permit icmp any any unreachable
    access-list 101 permit icmp any any
    access-list 101 remark ---- Ping END -----------------
    access-list 101 remark -------------------------------------
    access-list 101 remark ---- Anti-spoofing BEGIN ------
    access-list 101 deny ip 127.0.0.0 0.255.255.255 any log
    access-list 101 deny ip 10.0.0.0 0.255.255.255 any log
    access-list 101 deny ip 169.254.0.0 0.0.255.255 any log
    access-list 101 deny ip 172.16.0.0 0.15.255.255 any log
    access-list 101 deny ip 192.168.0.0 0.0.255.255 any log
    access-list 101 deny ip 224.0.0.0 15.255.255.255 any log
    access-list 101 deny ip host 0.0.0.0 any log
    access-list 101 remark ---- Anti-spoofing END --------
    access-list 101 remark -----------------------------------
    access-list 101 deny icmp any any echo log
    access-list 101 deny icmp any any redirect log
    access-list 101 deny udp any range 1 65535 any range 1 65535 log
    access-list 101 deny tcp any range 1 65535 any range 1 65535 log
    access-list 101 deny ip any any log
    access-list 101 remark -----------------------------------
    no cdp run
    !
    line con 0
    password -----------
    login
    line aux 0
    password -------------
    login
    line vty 0 4
    password ------
    login
    !
    no scheduler allocate
    sntp server ---------------
    end
     
    , May 26, 2009
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Paul King

    RDP over Wireless SP2

    Paul King, Jun 13, 2005, in forum: Wireless Networking
    Replies:
    4
    Views:
    2,458
    Sooner Al [MVP]
    Jun 13, 2005
  2. Andrew Albert

    QOS for VOIP using 768k of FR / Auto QOS

    Andrew Albert, Feb 6, 2005, in forum: Cisco
    Replies:
    7
    Views:
    1,567
  3. fassler
    Replies:
    15
    Views:
    6,358
    srinath_7
    Nov 21, 2006
  4. dominix
    Replies:
    2
    Views:
    503
    dominix
    Feb 6, 2007
  5. Replies:
    0
    Views:
    1,250
Loading...

Share This Page