I'm having some trouble with my QoS statements, on my ASA5505.
The config is done like this:
access-list SIP extended permit tcp any any eq sip
access-list SIP extended permit udp any any eq sip
access-list SIP extended permit tcp any eq sip any
access-list SIP extended permit udp any eq sip any
access-list tcp-trafikk extended permit tcp any any
match access-list SIP
match access-list tcp-trafikk
police input 1200000 256000
police output 1200000 256000
service-policy Voice interface outside
My goal is to restrict users from taking more than 1.2 Mbits of bandwidth on the outside interface, in either direction.
In the attachment, i have put two screenshots, made while downloading from an external site via ftp. As you can see, the ASDM outside interface log window shows speeds up to 1.8 Mbits, while the CLI command "show service-policy interface outside", shows conformed bps on input, to only 800+ Kbps. This means that the policing never really kicks in, as i have set it to 1.2 Mbits. Can someone explain to me what this means, or if i'm of track completely?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...