Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
858
Views
5
Helpful
2
Replies

Per User Bandwidth Rate Limiting on an ASA v9.8

N3t W0rK3r
Level 3
Level 3

‎09-24-2018 01:45 PM - edited ‎02-21-2020 08:16 AM

I am looking to understand if it is possible (and how) to implemented traffic policing on a per user (or per host) basis on a Cisco ASA 5525-X with FirePower Services running v9.8 software?

 

We can do this kind of thing on our wireless controllers, but I would like to do this at our Internet edge to prevent some users from monopolizing our pipe.


Thanks in advance.

 

John

0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎09-24-2018 01:58 PM

just putting some sample configuration.(may be some syntax may change depends on version)

 

config t
!
access-list inet_1mb extended permit ip 10.10.10.0 255.255.255.0 any
!
class-map inet_limit
match access-list inet_1mb
!
policy-map throttle_inet
class inet_limit
!
police output 1000000 2000 conform-action transmit exceed-action drop   <-- 1Mb Limit
police input 1000000 2000 conform-action transmit exceed-action drop  <-- 1Mb Limit
!
service-policy throttle_inet interface inside

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

N3t W0rK3r
Level 3
Level 3
In response to balaji.bandi

‎09-25-2018 11:20 AM

Thank you Balaji. 

 

I believe your config just limits the aggregate bandwidth of ALL the hosts specified in the access-list to 1 Mbps.  Or does it apply the 1 Mbps policy to EACH host in the range?

 

Please clarify.


Thanks.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card