Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

BW Policy on VPN Concentrator

I need clarification on the BW policies. With the new software release 4.x it is possible to specify a default BW policy which is applied to the public interface. And you can also specify a BW policy for every group and/or LAN-to-LAN. If you don't specify a specific BW policy, the default policy is applied. Let's say, for example, my default policy is 128 k. Does that mean every group and LAN-to-LAN gets 128 k each if nothing else is specified, or do all the groups and LAN-to-LANs in total get 128 k?

Thanks, Meg


Re: BW Policy on VPN Concentrator

With the bandwidth policy applied to an interface, every user connecting to that interface will get a fixed amount of bandwidth. This amount depends on the configured value. If you leave it at the default, and if the default is 128K, every user will get 128K reserved bandwidth and also access to the remaining unreserved bandwidth. I found this great example in one of the documents. "Suppose the link rate on your public interface is 1,544 kbps. And suppose you apply a reserved bandwidth policy to that interface that sets the reserved bandwidth to the default: 56 kbps per user. With this link rate and policy setting, only a total of 27 users can connect to the VPN Concentrator at one time. (1544 kbps per interface divided by 56 kbps per user equals 27 connections.) The first user who logs on to the VPN Concentrator gets his reserved 56 kbps plus the remainder of the bandwidth (1488 kbps). The second user who logs on to the VPN Concentrator gets his reserved 56 kbps plus he shares the remainder of the bandwidth (1432 kbps) with the first user. When the twenty-seventh user connects, all users are throttled to their minimum of 56 kbps per connection. When the twenty-eighth user attempts to connect, the VPN Concentrator refuses the connection. It does not allow any additional connections because it cannot supply the minimum 56 kbps reserve to more users".

You could also refer to

CreatePlease login to create content