06-18-2020 09:49 AM
could someone advise me to set rate-limit for guest(10.1.10.0/24) traffic in this topology
I read the article that We need to apply policy on egress interface always. Hence, for upload, it's on outside interface connected to Internet and for download it is on inside interface (ae) connected to SW
(1) Internet Speed 500 Mbps
(2) Rate-limit for Guest traffic (10.1.10.0/24 GW is on Firewall ae.10 ) to any traffic both download and upload -100 Mbps
(3) All internal IP addresses both Guest and Enterprise Networks are translated to same Public IP
if I want to achieve it,
(1) Create QoS Profile " MyQos" with Egress max -100 Mbps and I don't add any classes as I know there is no Voice or video from Guest Network Range like below
(2) apply this to outside interface connected to internet and also to aggregate interface "ae.10 "
(3)Create QoS Policy - Here do I need two policies - one from Trust -->untrust zone
and for download , Untrust --> to Trust
also, what IP ranges I need to select in source selection, is it before NAT or post NAT
Thanks in advance
07-31-2020 09:39 AM
Hi ,
QOS policy is evalauted before the NAT, so always it should be for Pre-NAT ip.
Thanks,
Ram
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
