11-16-2016 07:22 PM - edited 03-12-2019 01:32 AM
Hi, we have a Cisco ASA5520 as our Firewall, lately a lot of users are having some downloads, video stream, etc. Though we can see under monitoring which IP address is hogging the bandwidth, my question is, I know that only web filters are able to block sites with streaming, etc...
Is there a bandwidth limitation which Cisco ASA can do to that specific port or IP?
Thanks
Jeff
Solved! Go to Solution.
11-17-2016 12:13 AM
On the ASA you can configure MPF, where you describe traffic in a class-map based on address and port. These classes are referenced in a policy-map where you can police the traffic. That means that all traffic above the given policing-rate is dropped.
All in all, this will be a nightmare to configure. Given that the ASA 5520 is approaching EOL, it's time to look for a replacement. The Cisco Meraki MX appliances are really powerful when it comes to traffic control like you want to do it.
11-17-2016 12:13 AM
On the ASA you can configure MPF, where you describe traffic in a class-map based on address and port. These classes are referenced in a policy-map where you can police the traffic. That means that all traffic above the given policing-rate is dropped.
All in all, this will be a nightmare to configure. Given that the ASA 5520 is approaching EOL, it's time to look for a replacement. The Cisco Meraki MX appliances are really powerful when it comes to traffic control like you want to do it.
11-17-2016 07:15 AM
I see, luckily we're on the part where we thought of migrating to a NGFW.
Thanks though for the input.
Jeff
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide