Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
cargotank
New Contributor II

Created on ‎07-21-2023 12:08 AM

FortiGate 50e Traffic shaping

Greetings,

I work in a small company with around 15 colleagues. We currently have a FortiGate 50e firewall, but there is no traffic shaping configured. it currently leads to problems if someone is downloading large files and interrupts high-priority traffic. I have read-only access to the firewall, as the network is operated by an external IT company.
I would like to ask for some advice on how to set up traffic shaping on the FortiGate 50e.

I am thinking of dividing the bandwidth equally between users, and then limiting the download and upload speeds from certain websites such as WeTransfer, Mega, and Dropbox. However, I am open to other suggestions. Are there best practice examples on how to set up traffic shaping?

Is there a calculator that I can use to find out how much bandwidth I need? Also, do you have any common mistakes that the external IT company might have made when setting up our FortiGate?

I am tired of being dismissed by IT support when I report problems with my network, cause they know that I do not have a deep understanding of their work. I am determined to learn more about networks so that I can better understand my problems and confront IT support when they are wrong. What would you think be the first step to achieve this goal?

Cheers

Labels:
932
0 Kudos
4 REPLIES 4
kgeorge
Staff
Staff

Created on ‎07-21-2023 02:40 AM

Hello,

 

In order to limit/control the bandwidth or allocate a specific bandwidth for any kind of traffic on FortiGate, it is Traffic Shaping that is required and there is no other way out on this.

 

In order to configure Traffic Shaping, we need to have Read/Write access to FortiGate, and I am sure that you are aware of this.

 

In order to know more about Traffic Shaping, you can refer this documentation,

https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/297431/traffic-shaping

 

And, regarding the Best Practices/Set up related of FortiGate, you can check this,

 

https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/436606/security-best-pra...

 

Regards,

Klint George

Regards,
Klint George
910
cargotank
New Contributor II
In response to kgeorge

Created on ‎07-21-2023 04:56 AM

thank you for the best practices link!

883
0 Kudos
ebilcari
Staff
Staff

Created on ‎07-21-2023 02:42 AM

In my opinion the better approach is to limit the speed for abusing apps/sites like file shares and video streaming for everyone (a quarter or half of the full Bandwidth ex. 50Mbps). Setting up a fixed speed for every user will cause discomfort on their daily tasks. Most of the user traffic is in spikes that require high bandwidth for a short period of time even for legitimate web access.

shaping.PNG

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
908
cargotank
New Contributor II
In response to ebilcari

Created on ‎07-21-2023 04:45 AM

Thank you!

887
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.