Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5510 QoS

I have an ASA 5510 with the newest OS. The ASA is connected to a broadband internet connection.

Is there a way to limit per user traffic to a proportional subset of the total available bandwidth. As an example suppose a single user is accessing the internet, as the sole user they should be allowed to utilize the entire pipe. Suppose four other users begin accessing the internet resulting in a total of five internet users. At this point each user should be allowed to use a proportional amount of the internet connection, specifically one-fifth.

If that is possible I would prefer an even more intelligent route where all users are allowed as much bandwidth as they require unless another user is limited to less than a proportional amount. Suppose 5 users on a 1mbit connection. If 4 of the users were only utilizing 1/10 of the bandwidth each, the other user would be allowed to use the remaining bandwidth. In effect each user would be guaranteed a proportional bandwidth percent but if they aren't using that bandwidth it divided among the remaining users.

Is this possible with an ASA and if so can someone please offer a detailed config.


Re: ASA 5510 QoS

From what I can remember, this is not possible on ASA, unless you want to setup a QoS policy with each class matching ACL that matches specific user's source IP address and then police (rate limit) that class. Such configuration would not be flexible and dynamic as you requested. ASA has a per-flow QoS, but it only works for VPN tunnel-groups, where each external user's VPN connection would be rate limited to a specified bandwidth.