cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1998
Views
0
Helpful
3
Replies

Limit an IPSec user's traffic volume

hanwucisco
Level 1
Level 1

Is there anyway to limit a user's traffic volume on ASA8.4? if there is, how?

Thanks,

Han

3 Replies 3

pkupisie
Cisco Employee
Cisco Employee

You can use match tunnel-group in MPF on ASA.

Please refer to configuration guide:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/conns_qos.html

Sorry to the late reply.

My question is like, set a maximum number of traffic a IPsec user can use from the tunnel. For instance, 10 G a week.

I didnt find your document has a relavent part to it. Correct me if I am wrong.

thanks,

Han

Hi Han,

I don't see myself possibility to do that.

You can limit data transferred in one IPSEC SPI before renegotiation using

crypto ipsec security-association 

but this is not what you are looking for.

I guess if you really want to achieve it you would need to use some external script going to ASA periodically through SSH and parsing output of some show commands.