QoS_Rate-Limit_Guest Network_NAT query_Configuration example

Showing results for 
Show  only  | Search instead for 
Did you mean: 

QoS_Rate-Limit_Guest Network_NAT query_Configuration example

L1 Bithead

could someone advise me to set rate-limit for guest( traffic in this topology





I read the article that We need to apply policy on egress interface always. Hence, for upload, it's on outside interface connected to Internet and for download it is on inside interface (ae) connected to SW

(1) Internet Speed 500 Mbps

(2) Rate-limit for Guest traffic ( GW is on Firewall ae.10 ) to any traffic both download and upload -100 Mbps

(3) All internal IP addresses both Guest and Enterprise Networks are translated to same Public IP 


if I want to achieve it, 

(1) Create QoS Profile " MyQos" with Egress max -100 Mbps and I don't add any classes as I know there is no Voice or video from Guest Network Range like below 



(2) apply this to outside interface connected to internet and also to aggregate interface "ae.10 "




(3)Create QoS Policy - Here do I need two policies - one from Trust -->untrust zone 

and for download , Untrust --> to Trust


also, what IP ranges I need to select in source selection, is it before NAT or post NAT 


Thanks in advance


L3 Networker

Hi ,

QOS policy is evalauted before the NAT, so always it should be for  Pre-NAT ip.




Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!