08-04-2017 06:55 AM - edited 03-12-2019 02:46 AM
Dear all, I've an ASA 5516 and I'm trying to limit the http based traffic download from users.
192.168.99.0/24 is my local network and I'm using these rules:
access-list global_mpc extended permit tcp any 192.168.99.0 255.255.255.0 eq www
class-map global-class1
match access-list global_mpc
!
class global-class1
inspect http
police input 100000 1500
police output 100000 1500
But it doesn't work, it works only if I remove "eq www" so limit for the download on every port.
Anyone have suggestions?
08-07-2017 04:07 PM
Hi,
Can you try by changing ACL to...
access-list global_mpc extended permit tcp any eq www 192.168.99.0 255.255.255.0
Thx
MS
08-07-2017 11:51 PM
I'll make a test on next days by using cli. With ASDM there's no option to set the source port (only destination) when configuring ACL for QoS.
Thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: