I have a question regarding Palo Altos and bandwidth throttling. I know that the Palo Altos can do QoS to limit the bandwidth for specific applications, but can the Palo Altos just do bandwidth throttling with different networks? Say for instance, we have an office and guest network going to a Palo Alto firewall. Can you do a QoS with the Guest network so that its bandwidth doesn't go above a specific limit, say 20Mbps? Any help is appreciated.
QOS on the palo alto device is applied only on the egress interfaces, however you can apply Qos profiles for traffic ingressing from a specific source subnet.
So for example if you want to rate limit upload traffic from your guest/office network:
Here QOS is enabled on the Untrust (egress)interface, but you can configure multiple QOS profiles for traffic egressing Untrust, based on the source interface/subnet as well.
I'm guessing this may answer your original question partially unless you want to rate limit traffic ingressing Untrust interface like downloads, hope it helps.
Thanks for all the input everyone!
Does anyone know of documentation besides the one posted above that can better explain QoS profiles? I keep trying to test QoS in the labs and whenever I set up my profile and QoS settings, it gives me an error that states "the regular traffic guaranteed bandwidth is less than the sum of the total guaranteed bandwidth of its children." I tried modifying my bandwidth settings, but I'm not sure what to change. I know that the max/guaranteed bandwidth for each class has to be less than or equal to the max/guaranteed of the profile, but is there any other rules that I should know about?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!