Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 13 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 30691 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

have anyone problem to apply traffic shaping limit bandwidth?

BrunoZavettieri

HI all,

after installing a Sophos XG by a customer users occasionally report an internet line lock. The monitoring exercise showed an excessive bandwidth use of some PC saturating traffic (traffic type was microsoft windows update it seems).

We tried to put some limitations with the policy of traffic shaping. We have created a clientless host for each PC and applied a traffic policy to limit the bandwidth for each host.

But it seems that the bandwidth continues to be saturated at random by some hosts.And seems that traffic shaping policy is not applied.

Someone has already had the goalscoring stakes type of problems?

thanks,



This thread was automatically locked due to age.
Parents
  • 0

    Hi Bruno,

    Please explain, which traffic shaping policy have you configured? Can you please post the screenshots so that I can look at the configurations.

    Thanks

  • 0 in reply to sachingurung

    Hi,

    the problem was in the windows update. If i drop windows update DNS the bandwidth usage is normal. Seems policy doesn't match policy. This is the screenshot first and after:

    I have applied drop after 11.00 AM. 

    So, firstly i have configurate a clientless policy for all IP in subnet:

    this policy doesn't work for all clientless user. one or two client saturate network traffic.(view previous screenshot)

    Now i have insert this rule:

    I have also try to insert a policy of traffic shaping to this rule but seems to not work. this is the policy that i have try to apply to this "drop rule":

    This is the Traffic Shaping policy Settings:

    Seems that some client windows 10 and some service doesn't match policy. I have test configuration with a Virtual Machine with windows 10. I try to download update and to download a File with FTP and in this case all policy of traffic shaping work.

    thanks,

  • 0 in reply to BrunoZavettieri

    I have the same problem, we have tried this:

    Set bandwidth of connection correctly.

    Create category limit policy of 2Mbps (256KBps) and apply as shared limit to web categories Information Technology and ~Updates

    Create application limit policy of 1Mbps (125KBps) and apply a share limit to appropriate applications

    Tick both boxes on policy to apply web category and application bandwidth controls 

    Most gets controlled but some seem to get through even though they are identified correctly and bandwidth saturation occurs.  Also we have only about 20% of the disk in use even though we have enabled caching.

    We are running MR1 at the moment on these firewalls.

    Cheers,

    Charles

Reply
  • 0 in reply to BrunoZavettieri

    I have the same problem, we have tried this:

    Set bandwidth of connection correctly.

    Create category limit policy of 2Mbps (256KBps) and apply as shared limit to web categories Information Technology and ~Updates

    Create application limit policy of 1Mbps (125KBps) and apply a share limit to appropriate applications

    Tick both boxes on policy to apply web category and application bandwidth controls 

    Most gets controlled but some seem to get through even though they are identified correctly and bandwidth saturation occurs.  Also we have only about 20% of the disk in use even though we have enabled caching.

    We are running MR1 at the moment on these firewalls.

    Cheers,

    Charles

Children
No Data