cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
893
Views
0
Helpful
7
Replies

Bandwidth polycing for Remote VPN Sessions on ASA

aashihmin
Level 1
Level 1

Can I police bandwidth for my VPN sessions on ASA?

I didn't find that in ASDM

7 Replies 7

andrew.prince
Level 10
Level 10

You would need to write an ACL with destination/source IP then apply the bw limitations based on the ACL.

HTH>

With this I will not police VPN session. I will police all VPN traffic. Am I right?

MMMM that all depends on how you have your VPN tunnels configured and where you actually apply the policy.

If the traffic is entering a VPN tunnel over the internet - simple QoS will not fix the issue.....as how can you tell the VPN encrypting device there is congestion 2 hops away in the internet - you can't.

Please explain your issue and topology with as much detail as you have and lets see if we can fix it. All info in a diagram would be best - real IP addresses are not required for this.

HTH>

Inside -> ASA <- INTERNET

Users from Internet connects via Cisco VPN Client with ASA. Some users take too much bandwidth. I want to fix that, I want to allocate bandwidth for each VPN sessions and police or shape them with threshold 1Mbps

OK - not sure if you can do it per users/session, but I suppose if each user gets a specific IP every time then it's possible.

In the past I have performed QoS Policing on a specific group of users = the tunnel remtoe VPN group.

HTH>

This link doesn't open

Forbidden File or Application

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: