I am trying to setup QoS rules on a cluster of two 3600 Appliances to prioritise Microsoft Teams traffic. It is setup on their Teams admin centre to use certain ranges of ports for real-time media traffic instead of any port in the range 1024-65535. I have already created a GPO to add the DSCP values to Teams audio, video and screen sharing traffic. I have used Wireshark to confirm these DSCP values are being added to the packets. I have created three separate services within SmartConsole as below and created rules on the QoS blade to target those services. However looking at the logs, all Teams traffic is hitting the first audio rule including video and screen sharing. Is this happening because Checkpoint only looks at the destination port, not the source port for QoS and that the destination port is the same for all three services?

Services created:

Version running is R81.20 JHT 120 on Checkpoint firewalls