Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Subscribers 40 subscribers
  • Views 11746 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Limiting bandwidth on a VLAN does not work

Speatech

Hi,

I have created a Guest VLAN (Port1.2) with a DHCP (10.0.0.0/24) to isolate the visitors connected on Unify APs. Unify APs Guest SSID is pointing to this Guest VLAN. ipconfig from a guest computer gives me : 10.0.0.2. So everything works fine and I get internet access.

Now I want to limit the bandwidth for all users on this Guest VLAN. So I set up a traffic shaping policy (100Mbps is for test purpose :) ) :

Then I put new rule on the top of firewall rules:

  • WAN-ANY >> LAN-Port1.2
  • Traffic shaping policy : Limited Share Bandwidth

But download bandwidth is not limited on my guest computer and all traffic goes though default firewall rules (bottom one).

What am I doing wrong?



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    the XG operates with KB not kb, so you need to divide you required value by 8 when filling in the field.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Tks, did not pay attention.

    Even though, i can download at more than 16Mbps(2000KB/s)

    And that does not explain why all the traffic goes through the default firewall rules (Port1) and not the first.

  • 0 in reply to Speatech

    Hi,

    please post your firewall rules and in which order they are?

    ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Here are an overview of the firewall rules. I am using a Guest VLAN (Port1.2) but the traffic goes though rule ID 2.

    I tested the traffic shaping policy on rule ID 2 and it works. So no issue with the policy settings.

    Guest rule advanced section:

     

    Tks!

  • 0 in reply to Speatech

    I found the issue ( or should I call it a bug? )...

    In my firewall rule, I was using as a source : LAN, Port1.2

    I've replaced the Port1.2 by it associated network (10.0.0.0/24) and it works.

     

    So why is Port1.2(VLAN)  being seen as Port1(LAN)? Physically they are the same, but they are two distinct networks.

  • 0 in reply to Speatech

    Because it is a limitation of the current XG. You could even give it a network name and that would work.

    I haven't seen any release plans for a fix or improvement. There are a number of similar issues with networking and being able to select objects.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    They should at least remove the VLAN port selection for now until they fix this. I am surely not the only one using VLANs and policies.

    Tks for the info. I'll keep that in mind. 

  • 0 in reply to Speatech

    No, we all tried it and failed. I haven't tried again since early in v17.0.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

Reply Children
No Data
Unfiltered HTML