Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 4 subscribers
  • Views 1701 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to throttle Netflix and YouTube on certain devices?

Tiwaz

I'm trying to set up my home network and after watching the network usage for the last few weeks it looks like youtube and Netflix seem to be the issue.  I have Download Throttling Rules set up for Youtube and Netflix with a limit on each (512kbit/s for each source) but I don't think it's working properly.  I'm also seeing a lot of traffic to Netflix that doesn't seem to be grouped into the Netflix server list.

I searched the forums to find something and I wasn't able to locate anything that seemed helpful.  I'd like to either set up a monthly pool for each device on the network, or alternatively throttle certain devices to Standard Definition or 720p.  Currently it's listing a lot (51.6%) of traffic as "unclassified", YouTube is at 23.94% and Netflix is at 15.91%.

I'm unsure if I'm setting things up incorrectly or if the UTM 9 simply can't do what I need it to do.

 

Please help,

 

Tiwaz



This thread was automatically locked due to age.
Parents
  • 0

    Is web filtering enabled for the internal devices that are using those services?  Transparent or Standard mode?   With or without decrypt-and-scan?

    Is web filtering configured to skip filtering on streaming services?

  • 0 in reply to DouglasFoster

    I did have it turned on and transparent without decrypt-and scan I believe it was set to URL filtering only.

     

    I had web filtering on but it actually broke the configuration I had set up, it allowed any device to do anything it wanted bypassing the primary firewall rules:

    The way I have the firewall set up currently the default Network Protection rule Internal > any > any is disabled which should block any unknown devices from accessing the network. I have it set up currently so that each mac is bound to a static IP, each static/mac is then tied to a network definition "kid 1 roku" for example, those devices are tied to time period definitions.

    If there is a better way to block all unknown devices from accessing the network (the kids have the password to the wifi and acquired rogue devices that were accessing content that wasn't age appropriate) I'm all ears.

     

    Edit example rule in case this helps:

    firewall rule object REF_PacPacAnyFromInter3

    • status switch (status) = 1
    • group (group) = empty value
    • sources list (sources)
      1. interface network object "Internal (Network)"
    • services list (services)
      1. any service object "Any"
    • destinations list (destinations)
      1. any address object "Any"
    • action (action) = accept
    • comment (comment) = empty value
    • time (time) = recurring time period object "Living Room"
    • log switch (log) = 1
    • source MAC filter (source_mac_addresses) = MAC address list object "REF_MacMacLivinRoomRoku"
Reply
  • 0 in reply to DouglasFoster

    I did have it turned on and transparent without decrypt-and scan I believe it was set to URL filtering only.

     

    I had web filtering on but it actually broke the configuration I had set up, it allowed any device to do anything it wanted bypassing the primary firewall rules:

    The way I have the firewall set up currently the default Network Protection rule Internal > any > any is disabled which should block any unknown devices from accessing the network. I have it set up currently so that each mac is bound to a static IP, each static/mac is then tied to a network definition "kid 1 roku" for example, those devices are tied to time period definitions.

    If there is a better way to block all unknown devices from accessing the network (the kids have the password to the wifi and acquired rogue devices that were accessing content that wasn't age appropriate) I'm all ears.

     

    Edit example rule in case this helps:

    firewall rule object REF_PacPacAnyFromInter3

    • status switch (status) = 1
    • group (group) = empty value
    • sources list (sources)
      1. interface network object "Internal (Network)"
    • services list (services)
      1. any service object "Any"
    • destinations list (destinations)
      1. any address object "Any"
    • action (action) = accept
    • comment (comment) = empty value
    • time (time) = recurring time period object "Living Room"
    • log switch (log) = 1
    • source MAC filter (source_mac_addresses) = MAC address list object "REF_MacMacLivinRoomRoku"
Children
No Data
Unfiltered HTML