QoS_Rate-Limit_Guest Network_NAT query_Configuration example


ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.

L1 Bithead

QoS_Rate-Limit_Guest Network_NAT query_Configuration example

could someone advise me to set rate-limit for guest( traffic in this topology





I read the article that We need to apply policy on egress interface always. Hence, for upload, it's on outside interface connected to Internet and for download it is on inside interface (ae) connected to SW

(1) Internet Speed 500 Mbps

(2) Rate-limit for Guest traffic ( GW is on Firewall ae.10 ) to any traffic both download and upload -100 Mbps

(3) All internal IP addresses both Guest and Enterprise Networks are translated to same Public IP 


if I want to achieve it, 

(1) Create QoS Profile " MyQos" with Egress max -100 Mbps and I don't add any classes as I know there is no Voice or video from Guest Network Range like below 



(2) apply this to outside interface connected to internet and also to aggregate interface "ae.10 "




(3)Create QoS Policy - Here do I need two policies - one from Trust -->untrust zone 

and for download , Untrust --> to Trust


also, what IP ranges I need to select in source selection, is it before NAT or post NAT 


Thanks in advance

L2 Linker

Hi ,

QOS policy is evalauted before the NAT, so always it should be for  Pre-NAT ip.




Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!