Traffic Shaping per Wireless Client?


is it possible to set an upload-/downloadlimit (Traffic Shaping) per wireless client?

We have a guest wlan environment with hotspot voucher with many powerusers, who steal each other the broadband for the internet.

We would like to have an equal distribution.

Our environment has an SG125 as internet gateway-->XG-Firewall-->A55/c Access Points

  • Hi  

    You can create a traffic shaping policy or select one of the pre-defined policies under System Services > Traffic Shaping. Make sure you leave the default setting of Individual. This allows you to set a bandwidth limit for each user.

    You can then apply this policy to a firewall rule. If you have an existing firewall rule for just your Wireless users, you would select the Traffic Shaping policy you created in that rule under Advanced Settings > User Applications > Traffic Shaping Policy and that traffic shaping policy will be applied to each wireless user.

    For further details, please follow our KB Article: Sophos Firewall: How to apply bandwidth restriction on a user



  • In reply to Karlos:

    Hi Karlos,

    this wont work. I can't see the new created TS-Policy in my FW-Rule. I see that our guest-WLAN is bridged to VLAN 114. The Sophos XG, has also an IF on the same VLAN and it is the gateway for this VLAN.

    So we talking about a TS for every IP-Adress on VLAN 114. The hotspot is set to the VLAN-IF 114. I see there is also able to set a TS-Policy at the hotspot. But I don't see the new created TS-Policy in the hotspot TS-policy-settings.

    Here is a screensho of my created TS-policy:

  • In reply to MichaelSchmand:


    The TS-policy you created is 'User' based, you would need to delete that and create a new policy that is 'Rule' based so that you can apply it to your hotspot firewall rule. User based TS policy works if you are using the Match Known Users checkbox on your firewall rule and specifying users or groups.