Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 10 replies
  • Answers 1 answer
  • Subscribers 29 subscribers
  • Views 20889 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Limit bandwidth to Guest WiFi Network per user / IP

MiroslavCacija

Hi,

 

I want to limit bandwidth for Guest WiFi network, lets say to 2 Mb up/down, per individual IP. The only way i managed to achieve this is by creating entire guest WiFi subnet IP's as clientless users, and then apply user traffic shaping to the rule. Is this the right and only way to archive this ?



This thread was automatically locked due to age.
Parents
  • 0

    MiroslavCacija said:

    I want to limit bandwidth for Guest WiFi network, lets say to 2 Mb up/down, per individual IP. The only way i managed to achieve this is by creating entire guest WiFi subnet IP's as clientless users, and then apply user traffic shaping to the rule. Is this the right and only way to archive this ?

     
    Miroslav Cacija,
     
    Go to Configure > System Services > Traffic Shaping.  Decide which User-Based Individual rule (Restriction Type) you wish to use.  You can also create your own.
     
    Now go to Protect > Firewall.  Edit the firewall rule covering your Guest Wi-Fi Zone.  (Add a Firewall Rule if you don't have one for your Guest Wi-Fi.)  In the firewall rule, set the Traffic Shaping Policy in Advanced to the rule you chose or made above.
     
    That's it!
  • 0 in reply to David Birdsall

    Yes, but whole IP subnet needs to be created as users ???

  • 0 in reply to MiroslavCacija

    Do as david suggested above and create a network traffic shaping rule (policy association >rules) and change the bandwidth type to shared. Lets call this rule throttle guests. Now create a firewall rule and make sure that match known users is unchecked and in traffic shaping policy use throttle guests as your policy. This will throttle the whole network without assigning any usernames etc.

    Keep in mind though that if you have 100mb for your guest network available one user will be able to use all that bandwidth when downloading torrents etc. Use individual bandwidth type in traffic shaping rule if you want to throttle each user individually. But assigning individual bandwidth will limit each user to assigned bandwidth even if there is more bandwidth available.

  • 0 in reply to Billybob

    Have you actually tried this, or you think that it SHOULD work that way ? I've tried all the variations, and as I've said, only the one with creating users actually works if you want to have 2 Mbit limit per IP.

  • 0 in reply to MiroslavCacija

    Here are my firewall rules. Even if I hadn't tried it, david's advice above is correct. 

Reply Children
  • 0 in reply to Billybob

    Try to test it than ... use let's say two cellphones simultaneously and start Speedtest on each device at the same time. You should get let's say 2 Mbit/sec on each device, simultaneously.

     

    Best Regards.

  • 0 in reply to MiroslavCacija

    You are correct, it considers the rule as shared bandwidth and not individual bandwidth. Definitely a bug when using individual policy bandwidth profile in firewall rules .

    I guess my guests never complained when they were getting throttled down to hardly nothing[:D]

    Edit: Open a support case with sophos if you are not a home user. They need to fix this as I am sure there are many other users like myself that had that rule working previously just assume that it is working correctly now.

  • 0 in reply to Billybob

    Don't know if this was working before, but it seems it's by design ... so there is a way to get this working, but having one /22 subnet defined as clientless users, is just not that nice way to achieve something that should be achieved more easily ... someone else have similar experience maybe ?

    Best Regards.