Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 40 subscribers
  • Views 17636 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Seperate down/up default bandwidth - Feature Request

TronyTigno

Hello.  Under System, Traffic Shaping Settings.  Is there a way to specify default download/upload bandwidth separately for a WAN link?  The XG has only a single entry and it sets the limit both ways.  :(  WAN circuits sometimes have different download/upload limits.

When setting an individual traffic shaping policy, setting the bandwidth separately has this feature but multiple policies could compete for the main default bandwidth.

Thank you.



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to sachingurung

    Thank you Sachin for explaning different traffic shaping policies and uses.

    In some cases, download and upload speed is different, it is not symmetric. How can we configure it on WAN interface?

    In my case I have 50Mb/10Mb. How can I setup 10Mb on upload side?

    See screenshot.

  • 0 in reply to sachingurung

    Thank you Sachin for the traffic shaping information.  The ask is really about specifying the bandwidth limits on the actual WAN links.  This is the missing piece to the formula for the firewall to control the traffic correctly in/out of the WAN interface.  The traffic shaping policies are part of the puzzle but they could overwhelm (or underwhelm) the WAN link if the firewall does not know actual interface limits, hence the ask.

    It does not seem the feature is currently available (that I've seen) in XG so I don't expect an immediate answer.  I do hope it's a strongly considered feature in future versions.

    Again, thank you.

  • 0 in reply to TronyTigno

    Hi Luk/ Trony,

    The concerned Traffic Shaping Settings page is used to configure default Traffic Shaping settings.

    This setting is not used to control the bandwidth (ingress & egress) for a WAN link; it is generally a sum of all WAN links' maximum limits. 

    The Administrator can enforce the handling of all internet-bound traffic by any Traffic Shaping Policy (ref. previous links) applied to it. If there is no Policy applied to the traffic, it will be handled by the Default Policy. Hence, The Default Policy will be applicable to the traffic which does not have any Traffic Shaping Policy applied.

    Yes, Upload Limit is not available which can be reported as a Feature Request, but I am not certain why someone will Limit any available bandwidth (ingress or egress) from a default settings option. It should be defined explicitly for granular hosts. 

    Feature Request link:

    http://feature.astaro.com/forums/330219-sophos-xg-firewall

    Thanks

    Sachin Gurung

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    Sachin,

    thank you for your explanation. On UTM, on WAN interface, you set the Download and Upload bandwidth available, in this way UTM know how much bandwidth has in both direction and also when you create traffic shaping rules, it displays a message when you override the limit.

    How can the XG know how much Upload bandwidth does it have? Maybe we or you are missing some concepts![:S]

    I will open the feature request!

Unfiltered HTML