Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 7 subscribers
  • Views 817 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN-Bandwith, limit VPN-Bandwith to max. 80% of bandwith

Uwe Bohnhoff

Hello,

we have a SG for one VPN-Tunnel and IP-Telephonie, no other function. We want to limit the VPN-Bandwith for example to 80% of possible bandwith.

Is it possible ? If yes, where are a description or whitepaper.

Thank you

Best regards,

Uwe



This thread was automatically locked due to age.
Parents
  • 0

    Hallo Uwe,

    If the links supplied by Philipp don't give you a clear picture of what to do, please be more specific about whether you want to limit outbound traffic, inbound traffic or both.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hallo Bob,

    we want to limit Inbound and outbound, if it's possible. We have a DSL (50/10) Connection, so we want to limit the traffic for the VPN (site-by-site) to max. 80 % outgoing of 10 Mbit and Ingoing to max. 80% of 50 Mbit.

    we want to limit by %, because DSL are not garanteed.

    Cheers - Uwe

  • +1 in reply to Uwe Bohnhoff

    There's no option to do QoS by %, Uwe, just by Mbps.  Even then, limiting non-TCP traffic is not totally predictable.

    For outbound, make two Bandwidth Pools on the External interface.  In order:

    1. Guarantee 1 Kbps to External (Address) -> IPsec -> Any
    2. Guarantee 2 Mbps to Any -> Any -> Any

    For inbound traffic, only one Download Throttling rule is needed on the External interface.  Assuming that speed never drops below 45 Mbps:

    Limit to 36 Mbps for Any -> IPsec -> External (Address)

    Any luck with this approach?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • +1 in reply to Uwe Bohnhoff

    There's no option to do QoS by %, Uwe, just by Mbps.  Even then, limiting non-TCP traffic is not totally predictable.

    For outbound, make two Bandwidth Pools on the External interface.  In order:

    1. Guarantee 1 Kbps to External (Address) -> IPsec -> Any
    2. Guarantee 2 Mbps to Any -> Any -> Any

    For inbound traffic, only one Download Throttling rule is needed on the External interface.  Assuming that speed never drops below 45 Mbps:

    Limit to 36 Mbps for Any -> IPsec -> External (Address)

    Any luck with this approach?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML