Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1127
Views
0
Helpful
1
Replies

ASA 5510 ver 8.2 rate limit

forman102
Level 1
Level 1

‎01-18-2012 01:01 PM - edited ‎03-11-2019 03:16 PM

Hello,

I'm trying to limit one of my inside hosts, since it's been a little of a hog. I have 3Mb available from my ISP via 2x T1. I'm testing this on a computer in a lab:

PC 10.10.10.10------Cisco2960-------- 10.10.10.1 Inside - ASA - Outside 208.66.x.1------------------------208.66.x.2-Cisco 2811-2xT1

Here's what I've tried so far, please see text in red:

***global (outside) 1 208.66.x.115

***nat (inside) 0 access-list No-Nat

***nat (inside) 1 0.0.0.0 0.0.0.0

asa(config)# access-list Rate_Limit1 extended permit ip host 10.10.10.10 any

asa(config)# class-map Rate_Limit1

asa(config-cmap)# match access-list Rate_Limit1

asa(config)# policy-map Limit_Rate1

asa(config-pmap)# class Rate_Limit1

asa(config-pmap-c)# police output 100000

asa(config)# service-policy Limit_Rate1 interface outside

It didn't work... I was able to max the bandwidth again. I also tried to apply service-policy to inside int, which didn't make a difference.

What am i doing wrong?

Thank you,

forman

Labels:
0 Helpful
1 Reply 1

ajay chauhan
Level 7
Level 7

‎01-18-2012 01:21 PM

You can only guarantee or priorites based on match. Traffic shaping is only for class-default.

Please see the link-https://supportforums.cisco.com/docs/DOC-1230

Thanks

Ajay

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card