FTD 1150 implement rate limit bandwidth

Roberto Casagrande · ‎05-28-2021

Hi,

we have installed a couple of firepower 1150 in substitution of asa 5520.
in the asa I had configured rate limit bandwidth for networks that request internet connection.

Is it possible to configure it without FMC?

Thanks a lot

R

balaji.bandi · ‎05-28-2021

check FMC config - hope that help you.

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/quality_of_service__qos__for_firepower_threat_defense.html#id_16325

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Roberto Casagrande · ‎05-28-2021

Thanks but I didn’t see anything

rschlayer · ‎06-01-2021

I believe you have to use FlexConfig on FDM to achieve this. You can use ASA CLI commands for it.

BR
Rick

Roberto Casagrande · ‎06-01-2021

Thanks Rick for support,

but the problem is the commands, some commands not the same of ASA. We have try to transfer the old ASA configuration but nothing, FTD not accept some command

Below the commands of ASA

service-policy inside-policy interface inside
!
!
!
policy-map inside-policy
class inside-class2
police input 80000000 2000000
police output 80000000 2000000
!
class-map inside-class2
match access-list inside_mpc_2
!
!
access-list inside_mpc_2 extended permit object-group DM_INLINE_SERVICE_8 192.168.19.0 255.255.255.0 any
access-list inside_mpc_2 extended permit object-group DM_INLINE_SERVICE_9 any 192.168.19.0 255.255.255.0
!
!
object-group service DM_INLINE_SERVICE_8
service-object tcp-udp
service-object ip
service-object tcp
service-object tcp eq ftp
service-object tcp eq ftp-data
object-group service DM_INLINE_SERVICE_9
service-object tcp-udp
service-object ip
service-object tcp
service-object tcp eq ftp
service-object tcp eq ftp-data

rschlayer · ‎06-01-2021

Yea I am sorry but I believe you cannot create ACLs (not bound to interfaces) in FDM yet.

I would highly recommend going for FMC in that case.