To use QoS with a managed BOVPN tunnel, you must create a VPN firewall policy template and apply that template to the managed BOVPN tunnel. You cannot edit the default Any policy for managed BOVPN tunnels.
You can use QoS marking in a VPN firewall policy template to set different priorities for managed BOVPN tunnels that use different policy templates. The marking action you select is applied to all traffic that uses the policy template.
From WatchGuard System Manager:
- Connect to a Management Server.
- Select the Device Management tab.
- Expand Managed VPNs and expand VPN Firewall Policy Templates.
- Select a VPN firewall policy template in the tree to edit it, or Add VPN Firewall Policy Templates.
- In the Settings section, click Configure.
The VPN Firewall Policy Template dialog box appears. - Select the Advanced tab.
- Select the Override per-interface settings check box.
- From the Marking Type drop-down list, select either DSCP or IP Precedence.
- From the Marking Method drop-down list, select the marking method:
- Preserve — Do not change the current value of the bit. The Firebox prioritizes the traffic based on this value.
- Assign — Assign the bit a new value.
- Clear — Clear the bit value (set it to zero).
- If you selected Assign in the previous step, select a marking value.
If you selected the IP precedence marking type you can select values from 0 (normal priority) through 7 (highest priority).
If you selected the DSCP marking type, the values are 0–56. - In the Prioritize Traffic Based On drop-down list, select the traffic prioritization method:
- Custom Value — Use a custom value to prioritize the traffic.
- QoS Marking — Prioritize traffic based on QoS marking settings for this policy template.
- If you selected Custom Value, in the Value drop-down list, select a priority level.
For more information about traffic priority values, see the table in Enable QoS Marking and Prioritization in a Policy.
- Click OK.