Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
Advisory: Sophos XG Firewall - Antivirus service stopped due to failed pattern update. Please visit this KBA for the latest updates
Sophos Firewall allows administrators to define Traffic Shaping Policies for the users of a VPN. These policies enforce bandwidth restriction on network traffic over VPN connections. The following sections are covered:
Applies to the following Sophos products and versions Sophos Firewall
Bandwidth is the amount of data passing through a physical media (like a cable) over a period of time, and is measured in terms of kilobytes per second (KBps) or kilobits per second (kbits) (1 Byte = 8 bits).
Traffic Shaping or Quality of Service (QoS) is a method to guarantee a bandwidth relationship between individual applications or protocols. It is a traffic management approach that allows you to allocate network resources for both critical and normal data, based on the type of network traffic and the priority you assign to that traffic.
The primary objective of a traffic shaping policy is to manage and distribute total bandwidth based on certain parameters, like users, firewall, web category or application. Traffic Shaping policies allocate and limit the maximum bandwidth usage of the user and controls web and network traffic.
Traffic Shaping Policies can be defined for:
Users – This restricts the bandwidth of a particular user.
Rules – This restricts the bandwidth for any entity to which the policy is applied.
Web Categories – This restricts the bandwidth for the URL categorized under the Web category. To implement restriction, a policy is to be assigned through Policy.
Applications – This restricts the bandwidth for the application. To implement restriction, a policy is to be assigned through Policy.
Go to System Services > Traffic Shaping and click Add to create a policy using the following parameters:
Click on Save.
Apply the traffic shaping policy to relevant VPN-related Policies; including VPN-LAN, VPN-WAN, VPN-DMZ or VPN-Custom Zone rules. As an example, we have applied the Traffic_Shaping_on_VPN policy created earlier to a VPN-LAN rule.
You can apply the policy from Firewall so that it is applied to all traffic that matches the rule. To create a rule, go to Policies and click +Add Firewall Rule.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.