Hello,
We have FortiGate 6.4.9, my question about Traffic shapping policy i can configure the speed with ip address and work fine,
Now i configure the speed by username but don't work, for example:
User1 max speed 10MB
User2 max speed 20MB
don't apply to username when i use the username and ip in Traffic shapping policy.
Thank you
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I don't think that you can limit per user/name, don't remember reading something about this.
Hello,
But in the document here:
https://docs.fortinet.com/document/fortigate/7.2.4/administration-guide/885253/per-ip-traffic-shaper
say allocates each user/IP address, or they mean by ip only ?
I think that they mean the fact that each user which has a unique IP in the network, that's why it's referenced as user/IP.
Since in the example in the firewall rules or traffic shaping, there isnt referenced a user or group I would think that is the case.
But in fortigate traffic shipper police i can select username or group the option there buf as i say if i select username and ip thw police not working
The Fortigate needs to have a means of knowing who the users are. You need something like FSSO so the FortiGate can know which user is which on the network.
Hello,
The fortigate should know the user becouse we use proxy to give user access to the Internet or do i need FSSO, if we need FSSO can we replace it with Aruba clearpass??
Thanks
can you please show your traffic shaping policy?
Also how are your users authenticating to the proxy?
Do you see them listed in 'diag firewall auth list'?
Hello, gfleming,
I connect the LDAP with a proxy so the user connects to the internet, yes like you say my problem with authenticating is I can't use it with a proxy i find it here but old post:
https://www.fortinetguru.com/2017/02/the-fortigate-explicit-web-proxy/2/
i don't know if they add in the new version
Do you see them listed in 'diag firewall auth list'?
yes I can see the users in FortiGate proxy vdom.
----------------------------------
if i use another vdom to make the user access the internet by configure both Firewall Policy and Traffic Shaping Policy with IP and user without use proxy in PC it work!! by give me login page to enter username and password.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1643 | |
1069 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.