Traffic Shaping (bandwidth limiting)

//Traffic Shaping on Cisco ASA. This  should limit the bandwidth of the 192.168.20.0 network to 10/10Mbps
//You can only have ONE per interface, so use a policy-map name that can work for many classes inside it

-Create Access-Lists, one for inbound and one for outbound traffic for an internal subnet you want to limit
    )#access-list Canabru_Coffee_Limit_Up_ACL extended permit ip 192.168.20.0 255.255.255.0 any
    )#access-list Canabru_Coffee_Limit_Down_ACL extended permit ip any 192.168.20.0 255.255.255.0

-Create class maps to map the access-lists    
    )#class-map CB_Up_CLASS
        #)match access-list Canabru_Coffee_Limit_Up_ACL
    )#class-map CB_Down_CLASS
        #)match access-list Canabru_Coffee_Limit_Down_ACL
        
-Create policy maps to map the policy to the class
    )#policy-map OUTSIDE_POLICY            
        )#class CB_Up_CLASS
            )#police output 10485500        //limiting the output to roughly 10Mbps
        )#class CB_Down_CLASS
            )#police input 10485500            //limiting the input to roughly 10Mbps
        
//*You would create as many up and down classes under the above policy to cover all traffic shaping on the interface that you're going to assign it to below, as you can only apply one service-policy to an interface
            
-Apply the new policies to your outside interface(s)
    )#service-policy OUTSIDE_POLICY interface OUTSIDE

-Clear current connections from a given address to activate poicy. Only neccessary if the device you will test traffic shaping with already has an active connection.
    #clear conn add x.x.x.x

-Clear current translations to activate new policy active. Only neccessary if the device you will test traffic shaping with already has an active connection.
    #clear xlate



//THE END

Was this answer helpful?

 Print this Article

Also Read

Basic ASA Setup

//this will explain how to setup the basics of a Cisco firewall device//This is based on is...

Powered by WHMCompleteSolution