I have been struggling to make sense of the QoS features of ASL v4 for a couple of days now. We use Astaro to allow VPN connections in to our main office from 3 different locations, as well as using the NAT/Proxy features of the product to allow internal users in the main office to access the Internet. The problem is that the users at the main office slow the VPN connections to a crawl whenever they're downloading large files, viewing streaming media, etc. I need to limit the amount of bandwidth these internal users consume. As best as I can figure, I need to configure an alias interface for each external IP address I want to use in my NAT rules, and then create a QOS rule that restricts the amount of bandwidth traffic from the Internet to that interface can use. For example, I create an alias interface for the Internet-facing eth1 under Network/Interfaces:
interNAT1 (200.200.200.101/32)
and then create a NAT rule that translates for a specific pc:
John_PC -> Internet / All (src: interNAT1_interface) (dst: None)
Then I add QOS rule:
From Svc To Wt Borrow
Internet Any inat_1_Interface__ low Don't Borrow
Unfortunately, this does not appear to work. Surely someone else out there has had to resolve a similar issue, preventing internal users from using all of organization's Internet bandwidth. What's the secret?
Thank you in advance. Beer and pizza will be sent to the winning entry. [:)]
This thread was automatically locked due to age.
