01-09-2018 05:39 PM
Can PANOS controll / rate limit internet downloads ?
On my squid boxes I can ratelimit and it does this by delaying acks.
Can the PA QOS do this work as well ?
01-10-2018 12:20 AM
Hi @Alex_Samad
yes, the Palo Alto Networks firewall can also perform Quality of Service, please check out this article: Getting Started: Quality of Service
01-10-2018 12:20 AM
Hi @Alex_Samad
yes, the Palo Alto Networks firewall can also perform Quality of Service, please check out this article: Getting Started: Quality of Service
04-16-2018 11:45 PM
Thought I would come back to this.
So it can only apply QOS to the egress interface.
so if you have a PA with eth1 -> internet and eth2 -> proxy server.
you apply QOS for internet download traffic to eth2
you can't apply QOS on eth1 for inbound.
Not exactly what I wanted but atleast now I know
04-17-2018 10:13 AM
The advantage of applying QoS on the egress interface is that at that time paloalto already knows a lot about the traffic that it is processing (specially the app) so it gives you the possibility for very granular bandwidth limitations per app/app group/app filter group...
04-17-2018 02:40 PM
The problem is QOS doesn't just work on sub interfaces it works on the whole interface.
I have a 80G LACP ae and QOS only works up to 40G from memory, so to turn on QOS I have seperarte out interface. I prefer a single trunk with sub int on it.
it would be nice if it slowed ACK's back to the web site for web site downloads.. like squid does
A
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!