Traffic Shaping Query

Forum|Forum|7 years ago
June 20, 2018
1 reply
4854 views

I am looking at implementing a Traffic Shaping policy so a particular IP range has an a guaranteed 100Mbps bandwidth on our 300Mbps leased line.

I have created the policy now I need to enable it. Do I create a new firewall policy ensuring it is above the current rules?

Will the policy be:

Source = IP Range

Destination = All

Service = Web Browsing

Traffic Shaping = ON Shared Shaper

Once enabled will other IP ranges be limited to 200Mbps, or will they only drop to 200Mbps when the shaping is required (i.e If no IPs on the shaper policy are connected to the internet)

Toshi_Esumi

SuperUser

First, are you running 5.4 or above, or 5.2 or below? If the former, I recommend using shaping-policy instead of FW policy, which FTNT TAC recommended to us. Create a shaping-policy to match the same conditions and apply the shaper you created. If you want to limit the others at 200Mbps, you need to create another shaper&shaping-policy to catch all the others and set the limit. And this is the handbook for 5.4.0. https://docs.fortinet.com...traffic-shaping-54.pdf

snagratAuthor

New Member

We are running 5.2

So the FW policy seems to be the route to go?

Toshi_Esumi

SuperUser

Yes, if that's the case. Then you have to create a new FW policy to match only those first and place it at the top. Then you have to worry about all the other existing policies to see which ones would affect to "the others" to cap at 200Mbps and apply the second shaper to all of those.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded