Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 18578 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN Upload bandwidth not being throttled

SoulDragon

Hello,

I have remote access SSL and L2TP VPNs set up and have been trying to throttle users to 1m down/up.  I have been able to successfully get the throttle to work for downstream, but upstream is still unthrottled.  My throttling rules are fairly simple.

Here are the traffic selectors:

 

Here are the Throttling Rules:

 

Here are the results of the speed test when on VPN:

 

Does anyone have any suggestions?  I cannot find anything and have been beating my head on this all week.



This thread was automatically locked due to age.
Parents
  • 0

    Hi Soul,

    Configure a throttling bound to interface "Internal", you can find this option to the right of the new download throttling button. I think this should help as the traffic will be uploaded and the navigation will be internal to external.

    Any help?

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    Here are better pictures:

     

     

    Also, I don't know if Sachingurung's suggestion will work as this deployment is strictly for the VPN, and thus only has one interface that all traffic flows through:

     

  • 0 in reply to SoulDragon

    If your "In and Out" interface doesn't have a public IP on it, L2TP/IPsec Remote Access can't work.

    There's no such thing as an upload throttle" in WebAdmin.  Delete your #2 Download Throttling rule as it can have no effect.

    You will need to create a Bandwidth Pool with an upload limit on the same interface for each individual VPN IP you want to control.  With L2TP/IPsec, you can assign a fixed IP for each user.  With the SSL VPN, the individual IPs assigned are in the sequence 2, 6, 10, 14, 18, ...  The easiest is probably to spend a few weeks with no Bandwidth Pools and then check the logs to see which IPs had been used.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    It does indeed have a public IP or it would indeed not work.  The speedtest screenshot was from a user on the VPN.

     

    I suppose I will go about creating a bandwidth pool for each individual IP to limit the upload, but this implementation seems very unwieldly.

     

    Thanks for your help.

Reply
  • 0 in reply to BAlfson

    It does indeed have a public IP or it would indeed not work.  The speedtest screenshot was from a user on the VPN.

     

    I suppose I will go about creating a bandwidth pool for each individual IP to limit the upload, but this implementation seems very unwieldly.

     

    Thanks for your help.

Children
Unfiltered HTML