Guest User!

You are not Sophos Staff.

Thread Info
  • Replies 4 replies
  • Subscribers 28 subscribers
  • Views 3353 views
  • Users 0 members are here
Options
Suggested

Sophos Firewall: How to Configure QoS and understanding the conceptual difference between the shared and individual

Vivek Jagad

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.

Overview

The purpose of the Recommended Read is to instruct on how to configure QOS to limit user bandwidth.

Topology

Configuration 1: Rule Base

Step1: Trafic-Shaping Policy

 To limit the bandwidth to 10 Mbps, go to CONFIGURE > System services > Traffic Shaping
             


Step2: Firewall rule
            Go to PROTECT > Rules and policies> Add.



Step3:Testing of Results

Go to web browser and test on any speed test site (ex. https://www.speedtest.net/)

Configuration 2: User Base

Step1: Creating User Base

Here we’re using clientless users. Go to CONFIGURE > Authentication > Clientless users


Step2: Traffic Shaping Policy

Under Traffic> Policy association, Click Users Radio button.


Step3: Enabling User's Policy

Under the Firewall rules > Other security features. Select the policy created.





Step4: Results

Conceptual Difference between the Shared and Individual

Example for Individual concept:

#4 users
1 firewall rule
1QOS 1mbps individual
each wil get 256

#Same for 2 firewall rules
2 users each rule
1QOS 1mbps individual
Each will get 512

#Now 4 rules for 4 users
1 user each firewall rule.
each will get 1MBPS

Example for Shared concept:

#4 users
1 firewall rule
1QOS 1mbps Shared

#Same for 2 firewall rules
2 users each rule total of 4 users
1QOS 1mbps shared
Each will get 256

#Now 4 rules for 4 users
1 user each firewall rule.
each will get 256

 Individual - multiplying factor.
Shared - Within that QOS range.

Note - To illustrate the conceptual difference between the two options, we used 1 Mbps as an example.
To convert Mbps to KB/s, there is a link - https://www.gbmb.org/mbps-to-kbs

I hope this article has helped you achieve your requirement and clarified your doubts!



Updated Disclaimer
[edited by: Erick Jan at 9:08 AM (GMT -7) on 17 Apr 2023]
Parents

  • Hello, I want to get rid of my doubts about QoS; I hope you can give me a guide on that and I would be grateful.

    Shared 2:1; I must create 1 rule per user IP which I will add a QoS that will be shared for 2 clients.
    Specific plan 30Mbps must show the speed test; when 2 users are connected at the same time it can show you 30Mbps or the guaranteed 15Mbps.

    Shared Public Wifi; I must create 1 general rule which I will add a QoS that will be shared for clients.
    Specific 5Mbps plan must show the speed test; which will have a 5Mbps limit

    Single 1:1; I must create 1 rule for each user IP which will add a QoS that will be unique for each user.
    Specific plan 40Mbps must show the speed test; which will have a limit and guaranteed 40Mbps

    How to create a QoS rule for VPN and prioritize connectivity.
    Can you confirm if the QoS is properly configured, the issue of priority can better explain its functionality.

    drive.google.com/.../1s9fxeyzXAZbHApsRT-LRJ2AVahCoN7FH

    I attach images so that it can be downloaded and they can validate my processes; thank you so much.

Reply

  • Hello, I want to get rid of my doubts about QoS; I hope you can give me a guide on that and I would be grateful.

    Shared 2:1; I must create 1 rule per user IP which I will add a QoS that will be shared for 2 clients.
    Specific plan 30Mbps must show the speed test; when 2 users are connected at the same time it can show you 30Mbps or the guaranteed 15Mbps.

    Shared Public Wifi; I must create 1 general rule which I will add a QoS that will be shared for clients.
    Specific 5Mbps plan must show the speed test; which will have a 5Mbps limit

    Single 1:1; I must create 1 rule for each user IP which will add a QoS that will be unique for each user.
    Specific plan 40Mbps must show the speed test; which will have a limit and guaranteed 40Mbps

    How to create a QoS rule for VPN and prioritize connectivity.
    Can you confirm if the QoS is properly configured, the issue of priority can better explain its functionality.

    drive.google.com/.../1s9fxeyzXAZbHApsRT-LRJ2AVahCoN7FH

    I attach images so that it can be downloaded and they can validate my processes; thank you so much.

Children
Unfiltered HTML