Traffic Shaping Issue on PIX 515

Aug 12th, 2009
I tried to set up traffic shaping on our PIX to restrict users from reaching th 3mb limit of our bonded Ts. One I applied it to the outside interface, all outbound traffic was shutdown completely. When i removed it from the interface, traffic immediately began to flow again. Below is the config I added:

(config-pmap)#policy-map shape_policy

(config-pmap)# class class-default

(config-pmap-c)# shape average 2560000 30960

(config-pmap-c)# service-policy shape_policy interface outside

Anonymous (not verified) Tue, 08/18/2009 - 08:40
The following example enables traffic shaping for all traffic on the outside interface, and prioritizes traffic within VPN tunnel-grp1 with the DSCP bit set to ef:

hostname(config)# class-map TG1-voice

hostname(config-cmap)# match tunnel-group tunnel-grp1

hostname(config-cmap)# match dscp ef

hostname(config)# policy-map priority-sub-policy

hostname(config-pmap)# class TG1-voice

hostname(config-pmap-c)# priority

hostname(config-pmap-c)# policy-map shape_policy

hostname(config-pmap)# class class-default

hostname(config-pmap-c)# shape

hostname(config-pmap-c)# service-policy priority-sub-policy

hostname(config-pmap-c)# service-policy shape_policy interface outside


