
Can you QoS by source IP when the traffic is coming through the web proxy?

Hi,

We have recently installed a UTM SG330 v9.510-5 to replace an existing multi-part system we were using.

We have one internal and one external interface. We operate a transparent web proxy and are trying to use QoS rules to shape the traffic from 4 internal IP ranges within our internal subnet. We use a network definition for each internal range; we then put those into 4 groups (along with a few other random IPs), and then use those groups to form 4 selectors and from there 4 bandwidth pools attached to our external interface (a low-bandwidth satellite connection, 1mbps upload).

Using watch -n .2 'tc -s qdisc' from the shell access I can see activity within the QoS groups, but we do have a few other ports open outbound (default is drop) and I don't believe we're seeing the HTTP/HTTPS traffic from the machines in those ranges. This leads me to wonder whether the traffic, by the time it reaches the QoS section, is now only seeing the proxy IP rather than the source client IP. Our users in the priority range have reported a slowdown and those in the personal range are suggesting an improvement, which also makes me think the QoS'ing is not behaving as expected.

If my wondering is true, is there a way we can QoS the HTTP(S) traffic based on client IP?
If my wondering is false, what would be the best way to dig deeper and actually see outbound traffic and what QoS rules have been applied to it?

Appreciate any assistance or pointers.  Not a Linux person and new to some of these concepts, so might have easily made wrong assumptions! Found the command above from https://community.sophos.com/kb/en-us/115402 

Thanks in advance for any assistance you can offer.

Jon
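
For the "dig deeper" part of the question, one way to turn the live tc -s qdisc view into numbers is to save the output twice and diff the per-queue counters. This is an added example, not part of the original post; the snapshot text, handles and counters are constructed, and it only shows which queues carried bytes during the interval, not whether proxied traffic still carries the client IP.

```shell
# Print "<kind> <handle> <bytes_delta> <pkts_delta>" for each qdisc found in
# both snapshots ($1 = earlier, $2 = later `tc -s qdisc` output saved to a file).
qdisc_deltas() {
    awk '
        $1 == "qdisc" { key = $2 " " $3; next }   # remember kind + handle
        $1 == "Sent" && key != "" {               # counters for that qdisc
            if (FNR == NR) {
                bytes[key] = $2; pkts[key] = $4   # first file: baseline
            } else if (key in bytes) {
                printf "%s %.0f %.0f\n", key, $2 - bytes[key], $4 - pkts[key]
            }
            key = ""
        }
    ' "$1" "$2"
}

# Handles of queues whose byte counter did not move during the interval.
idle_qdiscs() {
    qdisc_deltas "$1" "$2" | awk '$3 == 0 { print $2 }'
}

# Constructed sample snapshots: handles and counters are made up.
SNAP_DIR=$(mktemp -d)
trap 'rm -rf "$SNAP_DIR"' EXIT
cat > "$SNAP_DIR/before.txt" <<'EOF'
qdisc htb 1: root refcnt 2 r2q 10 default 0 direct_packets_stat 12
 Sent 48211 bytes 310 pkt (dropped 0, overlimits 4 requeues 0)
 backlog 0b 0p requeues 0
qdisc sfq 10: parent 1:10 limit 127p quantum 1514b
 Sent 20100 bytes 140 pkt (dropped 0, overlimits 0 requeues 0)
 backlog 0b 0p requeues 0
qdisc sfq 20: parent 1:20 limit 127p quantum 1514b
 Sent 9000 bytes 60 pkt (dropped 0, overlimits 0 requeues 0)
 backlog 0b 0p requeues 0
EOF
cat > "$SNAP_DIR/after.txt" <<'EOF'
qdisc htb 1: root refcnt 2 r2q 10 default 0 direct_packets_stat 12
 Sent 61711 bytes 400 pkt (dropped 0, overlimits 9 requeues 0)
 backlog 0b 0p requeues 0
qdisc sfq 10: parent 1:10 limit 127p quantum 1514b
 Sent 33600 bytes 230 pkt (dropped 0, overlimits 0 requeues 0)
 backlog 0b 0p requeues 0
qdisc sfq 20: parent 1:20 limit 127p quantum 1514b
 Sent 9000 bytes 60 pkt (dropped 0, overlimits 0 requeues 0)
 backlog 0b 0p requeues 0
EOF
qdisc_deltas "$SNAP_DIR/before.txt" "$SNAP_DIR/after.txt"
echo "idle: $(idle_qdiscs "$SNAP_DIR/before.txt" "$SNAP_DIR/after.txt")"
```

Taking the two snapshots while a client in one range browses and nothing else is active shows whether that range's queue is the one whose counters move.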
