Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 2 subscribers
  • Views 7460 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Limit total bandwidth used by UTM external interface

Ifor Davies

I've got a Sophos UTM running V9.317-5 connected to a 20Mbps leased line. I want to stop the UTM from using more than 16 Mbps when downloading from external locations, as I have other devices connected to the leased line, and I want to prevent the UTM from using all the available bandwidth. Unfortunately, putting these other devices behind the UTM so I can use QOS to protect their share of the bandwidth is not an option available to me.

So, what's the best way of limiting the total download bandwidth? Do the figures for downlink/uplink speed that I enter for an interface in Quality of Service > Status actually have a effect on limiting the bandwidth, or are they just used for QOS calculations? Do I need to add a throttling rule to the external interface - and if so, would this also limit downloads being made by the web proxy and the SMTP proxy?

Any suggestions gratefully received!

Ifor



This thread was automatically locked due to age.
Parents
  • 0

    EDIT: I don't think this will help.  Please read the rest of the thread.

    Really, having them behind the UTM wouldn't change anything about the blocking required.  It would just require another rule above the one for everything else.  As you've correctly surmised, the solution is to limit 'Any -> Any -> Any' to 16Mbps using a Download Throttling rule on the External interface.

    Cheers - Bob

  • 0 in reply to BAlfson

    You know, Ifor, I wasn't paying enough attention when I wrote that.  In fact, there's not much you can do.  If your ISP offers QoS, you could have them limit the traffic sent to the IP of "External (Address)," but if they fill a 20Mbps pipe with that traffic, I suspect that having the UTM drop 20% of the traffic will just prolong the pain.  Please let us know the result of your tests.

    Cheers - Bob

Reply
  • 0 in reply to BAlfson

    You know, Ifor, I wasn't paying enough attention when I wrote that.  In fact, there's not much you can do.  If your ISP offers QoS, you could have them limit the traffic sent to the IP of "External (Address)," but if they fill a 20Mbps pipe with that traffic, I suspect that having the UTM drop 20% of the traffic will just prolong the pain.  Please let us know the result of your tests.

    Cheers - Bob

Children
No Data