this is my router qos configuration:
Class Map match-all FTP (id 8)
Match protocol ftp
Class Map match-all IPSEC (id 1)
Match protocol ipsec
Class Map match-any R5 (id 6)
Match access-group 170
Class Map match-any URL-RESTRICT (id 7)
Match protocol http url "*youtube*"
Match protocol http url "*video.google*"
Match protocol http url "*myspace*"
Match protocol http url "*220.ro*"
Match protocol http url "*trilulilu.ro*"
Policy Map WAN
Bandwidth 15 (%) Max Threshold 64 (packets)
Flow based Fair Queueing
Bandwidth 0 (kbps) Max Threshold 64 (packets)
Policy Map LimitR0
police cir 80000 bc 2500 pir 90000 be 2812
fastEthernet 0 is my outsite (WAN) interface
fastEthernet 1 is one of my inside (LAN) interface
policy WAN is applied on fastEthernet0 outside direction
policy LimitR0 is applied on fastEthernet1 on inside direction
The problems are:
1) the URL restriction doesn't work. I belive that I would have access denied to those sites. Is this correct?
2) ftp restriction is not working. I am able to transfer ftp with 300KB. I want to limit ftp for the subnet that is connected to fastEthernet1 to maximum 1Mbps.
3) when I do a "sh policy-map int fast0", ipsec traffic is 0: Class-map: IPSEC (match-all)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: protocol ipsec
Output Queue: Conversation 266
Bandwidth 15 (%)
Bandwidth 15000 (kbps)Max Threshold 64 (packets)
(pkts matched/bytes matched) 0/0
(depth/total drops/no-buffer drops) 0/0/0
can U please take a moment and clear this for me?