I would like to understand bandwidth limitation steps on Internet download and upload Example - lets say i want to restrict steaming url category on download and upload 1. create QOS policy to map traffic going to inside to Internet youtube as Class 8 with DSCP marking 2. Create QOS Profile with class 8 to egress max/guaranteed 3. Apply QOS Interface on Egress INSIDE Interface for cleartext and Tunneled to its address DOWNLOAD 4. Apply QOS Interface on Egress INTERNET Interface for cleartext and Tunneled to its address UPLOAD Questions: Do i need seperate QOS policy to match INGRESS from Internet and EGRESS to Internet separately to apply different mappings ? or does Palo capable of doing the QOS based on session with single QOS policy for traffic going to Internet ?
... View more
hi..I'm working on a virtual-wire solution where the firewall is connecting to single switch fabric, so the ingress and egress is between same firewall and switch. Is it possible to create a virtual wire pair with different sub-interface tags ? eg: If ingress to firewall from switch is on vlan 10 and egress from firewall to switch is on vlan 20, would the firewall remap the packets from 10 and 20 and vice-versa is this acceptable configuration with virtual wire ? or should the pair of sub-interface have SAME TAGS ?
... View more