Disclaimer: Please contact Sophos Professional Services if you require assistance with your specific environment.
The purpose of the Recommended Read is to instruct on how to configure QOS to limit user bandwidth.
Step1: Trafic-Shaping Policy
To limit the bandwidth to 10 Mbps, go to CONFIGURE > System services > Traffic Shaping Step2: Firewall rule Go to PROTECT > Rules and policies> Add.
Step3:Testing of Results
Go to web browser and test on any speed test site (ex. https://www.speedtest.net/)
Step1: Creating User Base
Here we’re using clientless users. Go to CONFIGURE > Authentication > Clientless usersStep2: Traffic Shaping Policy
Under Traffic> Policy association, Click Users Radio button.Step3: Enabling User's Policy
Under the Firewall rules > Other security features. Select the policy created.
Step4: Results
Example for Individual concept: #4 users 1 firewall rule 1QOS 1mbps individual each wil get 256 #Same for 2 firewall rules 2 users each rule 1QOS 1mbps individual Each will get 512 #Now 4 rules for 4 users 1 user each firewall rule. each will get 1MBPS Example for Shared concept: #4 users 1 firewall rule 1QOS 1mbps Shared #Same for 2 firewall rules 2 users each rule total of 4 users 1QOS 1mbps shared Each will get 256 #Now 4 rules for 4 users 1 user each firewall rule. each will get 256 Individual - multiplying factor. Shared - Within that QOS range.Note - To illustrate the conceptual difference between the two options, we used 1 Mbps as an example.To convert Mbps to KB/s, there is a link - https://www.gbmb.org/mbps-to-kbsI hope this article has helped you achieve your requirement and clarified your doubts!
Hello!
Is there any way to disable User-based QoS for a certain Firewall rule? User-based QoS policies are applied to all Firewall rule that have the user, including LAN to LAN traffic.
As an example: If you create a custom QoS policy for a certain user directly for LAN to WAN traffic, all other Firewall rules that have the same user as authentication will also fall to the same QoS policy.
Because of this, if you have a 10 Mbit/s QoS policy for WAN, even the internal LAN to LAN traffic that doesn't need any QoS will also be limited to 10 Mbit/s
Thanks!
If a post solves your question use the 'Verify Answer' button.
XG 115w Rev.3 8GB RAM v19.5 MR1 @ Home.
Hey Prism ,Thank you for such an interesting query, well I did check in my labs be it LAN to LAN OR LAN to VPN...etc.. If the User-based QoS is applied the user's bandwidth will be still me limited to 10 Mbit/s. So As of now this a limitation and we can not disable User-based QoS for a certain firewall rule. This can be raised as a FR or submit as a feedback from the product itself. A workaround would be to create a MAC/IP base rule that prioritizes bandwidth usage.
Thanks & Regards,_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Sophos Community | Product Documentation | Sophos Techvids | SMSIf a post solves your question please use the 'Verify Answer' button.