Inaccurate Traffic shapers

Question

Traffic shaper in my FortiGate is not accurate and sometimes it doesn't work. I create several Per-IP traffic shapers profiles, then i apply in into policy. When i test internet speed in website speedtest.net. The speed is under what i limit. when i monitor it for one more day, all traffic shapers doesn't work and user can access the internet with full speed, while i haven't changed any configuration. Sometimes traffic shapers is under what is limit. sometimes all user can access the internet with full speed.

Here is my configuration.

config firewall shaper per-ip-shaper edit "3-MB" set max-bandwidth 3072 next

config firewall policy edit 16

set srcintf "port11" set dstintf "port9" "port10" set srcaddr "200.200.4.1-200.200.4.30_3MB" set dstaddr "all" set action accept set schedule "always" set service "ALL" set utm-status enable set av-profile "default" set webfilter-profile "Block_BadSite" set spamfilter-profile "default" set ips-sensor "default" set application-list "Block_Torrent" set profile-protocol-options "default" set ssl-ssh-profile "certificate-inspection" set per-ip-shaper "3-MB" set nat enable

ede_pfau · Accepted Answer

Hi, I wouild split this policy into 2, one for each destination port. Chances are that counting is simply wrong if you have a policy for multiple interfaces.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded