Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
870
Views
0
Helpful
1
Replies

Policy MAP Issue on ASA

helpmeplz
Level 1
Level 1

‎03-13-2013 01:59 AM - edited ‎02-21-2020 04:50 AM

Hi i have configured following  Policy MAp to restrict 12.203 to use 5mb bandwidth.

Issue is that i dont recieve any hits when i apply this on outside interface like that

service-policy PM-RATELIMIT interface outside

But when i add permit ip any any in ACL then i receive hits.

Else This map work fine in inside interface but i want to apply it on outside .

Conf are as follows

access-list vlan10_rate_limit extended permit ip host 192.168.12.203 any

class-map CM-RATELIMIT

match access-list vlan10_rate_limit

policy-map PM-RATELIMIT

class CM-RATELIMIT

  police input 5000000

0 Helpful
1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

‎03-14-2013 05:51 AM

the ACL that you have configured is sourcing from the internal host to any on the outside. So you would need to apply that on the inside interface.

If you would like to limit the return traffic towards that host, then you would need to configure ACL with source any and destination the NATed ip address of that internal host.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card