08-04-2017 06:55 AM - edited 03-12-2019 02:46 AM
Dear all, I've an ASA 5516 and I'm trying to limit the http based traffic download from users.
192.168.99.0/24 is my local network and I'm using these rules:
access-list global_mpc extended permit tcp any 192.168.99.0 255.255.255.0 eq www
class-map global-class1
match access-list global_mpc
!
class global-class1
inspect http
police input 100000 1500
police output 100000 1500
But it doesn't work, it works only if I remove "eq www" so limit for the download on every port.
Anyone have suggestions?
08-07-2017 04:07 PM
Hi,
Can you try by changing ACL to...
access-list global_mpc extended permit tcp any eq www 192.168.99.0 255.255.255.0
Thx
MS
08-07-2017 11:51 PM
I'll make a test on next days by using cli. With ASDM there's no option to set the source port (only destination) when configuring ACL for QoS.
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide