FortiGate
ebrlima
Staff
Article Id: 416105
Description: This article describes how to apply traffic shaping via Application Control configuration.
Scope: FortiOS.
Solution

Traffic Shaping is a FortiOS feature that allows administrators to limit or guarantee bandwidth to desired traffic.

 

This goal can be achieved in various ways using FortiOS, the most common being:

  • Traffic Shaping Policies;
  • Traffic Shapers applied in a Firewall Rule;
  • Traffic Shaping Profiles applied to the Network Interface.

Which deployment method to use depends on the customer's needs. Each can be more or less granular.

 

Traffic Shaping As Application Control Action:

When there is a need to apply traffic shaping for a specific application, the administrator can take advantage of the shaping action, configurable via CLI. View the example below:

 

cli.png

 

GUI.png

 

To deploy per-application traffic shaping, execute the following steps:

Via GUI, go to Security Profiles > Application Control:

 

step-by-step1.png

 

Select the desired Application Control Profile and select 'Edit':

 

step-by-step2.png

 

In the Application and Filter Overrides section, select Create New to choose the action for a specific application:

 

step-by-step3.png

 

Use the search field to look for the desired application (Windows Update in this example). Set the action as Monitor, mark the checkbox beside the correct search result, and select 'OK'. Take note of the Application ID (16009 in the example):

 

step-by-step5.png

 

With the desired application listed in the Application and Filter Overrides section, select the Edit in CLI button to access the CLI-only settings. Observe the entry under config entries that matches the Application ID:

 

step-by-step4.png

 

step-by-step6.png

 

To add a traffic shaping action for all traffic that matches this application signature, wherever this Application Control Profile is applied, insert the following lines into the configuration:

 

config application list
    edit "default"
        set comment "Monitor all applications."
        config entries
            edit 1
                set application 16009
                set action pass
                set shaper "shared-1M-pipe" <----- Replace with the desired traffic shaper.
                set shaper-reverse "shared-1M-pipe" <----- Replace with the desired traffic shaper.
            next
            edit 2
                set action pass
            next
        end
    next
end

 

After applying the configuration, the administrator will notice a change in the action shown in the Application and Filter Overrides section of the Application Control Profile in the GUI: it now reflects the traffic shaping action defined via CLI.

 

step-by-step7.png


Verify traffic shapers applied to traffic matching the configured application via traffic logs:

 

step-by-step8.png
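
An added example (not part of the original article and not Fortinet code): a Python check for the log verification step above that flags sessions for the application ID which do not carry the configured shapers. The log field names (appid, shapersentname, shaperrcvdname, shaperdropsentbyte, shaperdroprcvdbyte) and the mapping of shaper / shaper-reverse onto them are assumptions to confirm against the log reference for the running FortiOS version; the log lines are constructed.

```python
import shlex

# Constructed sample traffic-log lines in FortiOS key=value style (not from the article).
# appid 16009 is the article's example; 99999, the addresses and policy IDs are placeholders.
SAMPLE_LOGS = """\
date=2025-01-10 time=10:00:01 type="traffic" subtype="forward" srcip=10.0.0.5 dstip=203.0.113.10 policyid=3 appid=16009 sentbyte=1200 rcvdbyte=850000 shapersentname="shared-1M-pipe" shaperrcvdname="shared-1M-pipe" shaperdroprcvdbyte=42000
date=2025-01-10 time=10:00:07 type="traffic" subtype="forward" srcip=10.0.0.9 dstip=203.0.113.10 policyid=7 appid=16009 sentbyte=900 rcvdbyte=640000
date=2025-01-10 time=10:00:09 type="traffic" subtype="forward" srcip=10.0.0.5 dstip=198.51.100.20 policyid=3 appid=99999 sentbyte=500 rcvdbyte=7000
"""


def parse_line(line):
    """Split one key=value log line into a dict, honouring quoted values."""
    return dict(tok.partition("=")[::2] for tok in shlex.split(line))


def audit_shaping(log_text, app_id, shaper, shaper_reverse):
    """Check that every session logged for app_id carries the expected shapers.

    Assumed mapping: 'set shaper' -> shapersentname, 'set shaper-reverse' -> shaperrcvdname.
    """
    report = {"shaped": 0, "unshaped": [], "dropped_bytes": 0}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec.get("appid") != str(app_id):
            continue
        if (rec.get("shapersentname") == shaper
                and rec.get("shaperrcvdname") == shaper_reverse):
            report["shaped"] += 1
            report["dropped_bytes"] += int(rec.get("shaperdropsentbyte", 0))
            report["dropped_bytes"] += int(rec.get("shaperdroprcvdbyte", 0))
        else:
            # One possible cause: the session matched a firewall policy that does not
            # reference the Application Control profile holding the shaper entry.
            report["unshaped"].append((rec.get("srcip"), rec.get("policyid")))
    return report


if __name__ == "__main__":
    print(audit_shaping(SAMPLE_LOGS, 16009, "shared-1M-pipe", "shared-1M-pipe"))
```

Sessions listed under "unshaped" point to the policy ID to review for a missing Application Control profile.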