ASA 5505 Priority Queue by VLAN?

[mjhorn]

Ok, so here's the scenario. We've got a simple wireless setup at the office. The DSL connection comes into the outside interface configured on the ASA. The inside interface connects to a Cisco Aironet 1250 access point, with 3 different VLANs configured, based on who is using which wireless network. What I'd like to do without needing to add any more equipment is to assign traffic from one of those VLANs to a priority queue on the outbound interface.

My initial thought was to use an ACL to filter traffic from the desired VLAN and use it in a class/policy map combo to assign that traffic to the queue. However, it seems the ASA doesn't apply the map until after the traffic has been NAT'd, and therefore the "source address" appears to be the outside address no matter what. With no way I can find to use the incoming interface or something similar as a way to filter, I'm out of ideas.

[cisco-tips]

Hello,

You can use a class map with a policy map and ACL. I assume that the Vlan you need to apply priority is 192.168.1.0/24
-----------------------------------------------------------
ASA(config)#access-list Traffic-OUT extended permit ip 192.168.1.0 255.255.255.0 any

ASA(config)# class-map OUTGOING
ASA(config-cmap)# match dscp ef
ASA(config-cmap)# match access-list Traffic-OUT
ASA(config-cmap)# exit

ASA(config)# policy-map PriorityPolicy
ASA(config-pmap)# class OUTGOING
ASA(config-pmap-c)# priority
ASA(config-pmap-c)# exit

ASA(config)# service-policy PriorityPolicy interface inside
-------------------------------------------------------
Hope that helps