11-23-2012 09:50 AM - edited 02-21-2020 06:30 PM
11-29-2012 09:24 AM
You can use match tunnel-group in MPF on ASA.
Please refer to configuration guide:
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/conns_qos.html
12-10-2012 12:13 PM
Sorry to the late reply.
My question is like, set a maximum number of traffic a IPsec user can use from the tunnel. For instance, 10 G a week.
I didnt find your document has a relavent part to it. Correct me if I am wrong.
thanks,
Han
12-15-2012 11:38 PM
Hi Han,
I don't see myself possibility to do that.
You can limit data transferred in one IPSEC SPI before renegotiation using
crypto ipsec security-association
but this is not what you are looking for.
I guess if you really want to achieve it you would need to use some external script going to ASA periodically through SSH and parsing output of some show commands.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide