cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1476
Views
29
Helpful
13
Replies

Restrict Bandwidth to Guest Internet Connection

jake.kappus
Level 1
Level 1

Hi Everyone,

I am working on network with 3 4404 WLC's on the internal network and now we will be adding another controller to the DMZ to make a anchor controller for a guest WLAN. I have a request to restrict internet bandwidth for this guest network to 25% of total bandwidth or less. The firewall is a Pix 515 running 7.0(2).

Anyone have any ideas on how I can restrict bandwidth on one particular WLAN. I was thinking of QOS on that WLAN, but there has to be an easier or better way.

Thanks everyone...

1 Accepted Solution

Accepted Solutions

It is working fine for us. I have used several tools to verify the bandwidth has been limited and it looks like it has.

View solution in original post

13 Replies 13

ericgarnel
Level 7
Level 7

The pix should support policy maps at 7.0(2) if not upgrade to 7.2.1

here is a sample where the policy is bound to the interface that wifi uses on the PIX:

class-map p2p

match any

policy-map WIFI-nonweb

class p2p

police output 756000 37500

!

service-policy global_policy global

service-policy WIFI-nonweb interface policy-dmz

Ah...policy maps! I forgot about those! I'll try this and let you know how it goes. Thanks!

Is this config going to restrict bandwidth per session or for all connections to this interface?

Thanks!

Jake

It will restrict the total bandwidth for that VLAN. I would think that QoS would be easier to configure on the controllers for that one vlan. If you click on "Controllers", on the left at the bottom you should see "QoS Profiles". Edit the "Bronze" profile under "Per-User Bandwidth Contracts" to the bandwidth you want your guests to have. Mine are set to 512K Average and 768k bursts, then save the profile. Then under your guest WLAN, set the Quality of Service to Bronze and you will be set.

The only catch is you will have to disable the 802.11G and A radios prior to editing the QoS profiles. You can do this by clicking on "Wireless" and in the left column click "802.11B/G Network". then under the "General" area, uncheck the checkbox that says "802.11b/g Network Status".

Hope this helps.

Hi David,

Very nice thinking here! 5 points for this helpful advise.

Take care,

Rob

Does Qos on the controllers actually work now?

We tried using it back in 3.x, and it did not meet our needs.

It is working fine for us. I have used several tools to verify the bandwidth has been limited and it looks like it has.

Thanks guys for the info. I'll try this. I was hoping there was an easier way than having to limit the bandwidth on the interface. Turns out that's really not the best solution anyway.

Thanks!

That did the trick! Thanks again!

Great info beaver, I have recently implemented this QoS package on our public wireless and have tested it with our local speed test server and have noticed that it only throttles download, upload still runs unchecked. Is this just poor design or am I missing an option somehwere?

Sounds like it should be submitted to TAC. Perhaps it is a bug.

Possibly, although it does satisfy my needs at the moment I just wanted to give everyone else the heads up. These tests were run on a 1242 radio with a 4404 running 4.1.185.0

The speedtests are very reliable.

2007/11/20 14:54:35 3,845,032 3,300,464 995 4 61%

2007/11/20 14:57:59 795,240 3,336,864 980 3 62%

I tried tabbing this out but no luck, fields are; date, time, download, upload, max pause, rtt, qos.

I had set my averages at 768 with a burst of 1024.

Only with WMM, the bi-directional traffice can be controlled, otherwise only download can be applied

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: