Lync traffic is not prioritized with correct DSCP values


How to prioritize Lync traffic when clients are connected on IAP


How to prioritize Lync traffic when clients are connected on IAP


Since  Lync clients uses Secure SIP for control traffic, IAP cannot sniff the traffic to understand the port number negotiated for data traffic(RTP traffic).


Currently IAP does not communicate with Lync SDN to fetch details about RTP ports which would be used for Data traffic between Lync Clients.


Hence recommendation is to limit the port ranges available for negotiation to carry RTP traffic.


Please find below Microsoft article on how to configure Lync server to limit the port range:


Once we limit the port range on Lync server, we can write ACL's on user role to prioritize the RTP ports with appropriate DSCP values.


Here is the sample ACL configuration prioritizing the RTP ports with DSCP value 46.

wlan access-rule Aruba

index 3

rule any any match tcp 5061 5061 permit classify-media disable-scanning  <<<< Note here tos 46 is not needed for Control Session

rule any any match udp 50000 50015 permit tos 46 <<<<<<<<<< Here we are using port number 50000 to 50015 and assigning TOS value of 46

rule any any match any any any permit

Version history
Revision #:
2 of 2
Last update:
‎03-28-2017 09:16 AM
Updated by:
Labels (1)
Search Airheads
Showing results for 
Search instead for 
Did you mean: