Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Getting lost with Traffic Shaping / QoS

Hi all,

We have a very busy site, with a 1Gb leased line connected to an XGS2100.

I'm reading the Sophos literature on traffic shaping and wanted to check really how to get a simple approach fixed.

Note, half our users are mac based, so we don't have users authenticating to the XG.  So in my head, user based rules will fail straight off?

So ideally I'd like to set a minimum bandwidth per user of say 5Mbps, so that at any given point, if users are going really heavy, everyone else still has "at least" 5Mb bandwidth for Teams calls etc, and light browsing / emails

If possible, it would also be good to be able to set a "maximum download bandwidth of 400Mbps per user" in addition to the minimum 5Mbps.

Is this easily possible?

I've had a look at traffic shaping settings and i'm assuming on a 1024Mbps line, with overheads, I set the Total bandwidth to 115000 KBps

Then enable VOIP and Enforce guaranteed bandwidth.

Guarantee I've set to 1250 KBps, which I assume is an all round minimum setting, as in never allow the speed to drop less than 10Mbps

But Limit, I guess I set to 1150000 KBps (920 Mbps) ?

And is that page more for all round, and not user / IP / App specific?

And then os QoS policies, do I add a Rule / Guarantee / Individual rule, for minimum 625 KBps (5Mbps) and add to our generic LAN to WAN rule?

But then how do I set a max 400Mb individual policy?

Thanks in advance



This thread was automatically locked due to age.
Parents Reply Children
  • Thanks.  I have read that, and still have the questions as it's not that clear to me.

    The article shows how I can apply a "limit" QoS policy to a Lan to Wan rule, but does not indicate how I can give users both a guaranteed bandwidth in addition to limiting them.

    The policy only allows one level of limit, and I can only apply one policy to a firewall rule.

    And I assume I cannot have 2 x LAN to WAN rules, one for each QoS policy?