06-12-2009 12:56 PM - edited 03-09-2019 10:21 PM
Hi,
My Setup is :-
Internet----Internet_RTR----PIX----L3_Switch
Internet Bandwidth = 3MB
We are hosting Servers and LAN Users browse internet using the same link.
I want to dedicate internet Bandwidth as
Web-Server Hosting = 2MB
Internet_Browsing for Lan Users = 1MB
LAN Users are on VLAN#5
Web-Server on VLAN#10
Microsoft_ISA_Server on VLAN #15 ( Internet Proxy Server to share internet for LAN Users )
Lan_Users : 192.168.100/24
Web_server : 10.10.10.1/24
Microsoft ISA_Server : 192.168.1.0/24
Pix Firewall IP : 172.20.17.1/29
L3_Switch IP : 172.20.17.2/29
Can Someone Help based on the information how could i allocate bandwith for services.
06-26-2009 02:58 PM
What PIX OS version are you running?
06-28-2009 04:55 AM
You can do tis on either the L3 switch, PIX (v 7.0 +) and Ur Internet router.
On the L3 switch this can be done on the L3 link connecting to the firewall. On the PIX inside interface if ios version is greater than or equal to 7.0, and on the internet router Inside interface if you are no doing NAT on the PIX and doing it on the router.
For doing this u need to write down access-lits differnetiating the server and proxy etc.
then u need to create class-map and match the access-lists into them, create policy-maps and intergrate the classes into them and finally bind it to the interface using a service policy.
I can provide the detail config which i have to spend some time, but i suggest you to do some reading w.r.t "Policing (QOS)" in order to understand what ur are doing so that u can handle any issues that might occur later.
All the best.
07-10-2009 04:54 AM
Please note that inbound and outbound traffic need diferent policies.
I wrote this post some weeks ago for inbound traffic:
You need one external address for each policy.
Guido.
Please rate all the helpful comments.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide