Link to home
Create AccountLog in
Avatar of cegepdematane
cegepdemataneFlag for Canada

asked on

Limit bandwidth on a single PC with Cisco ASA

I try to test the QOS possibilities of the ASA5520 so i've throttle my IP but i didn't seem to slow down

And in the config i've put this

hostname(config)# access-list myPC permit tcp host 10.6.18.40 any
hostname(config)# class-map myPC
hostname(config-cmap)# match access-list PC
hostname(config)# policy-map restrict_PC
hostname(config-pmap)# class myPC
hostname(config-pmap-c)# police output 256000 20000

service-policy restrict_PC interface outside

Is there anything wrong in my syntax ?
Avatar of harbor235
harbor235
Flag of United States of America image

How are you test throughput? you have defined 256K bps with max burst of 20K Bps.

Do the following;

show service-policy myPC, what do youo see? also look for ACL hits

-harbor235 ;}
Avatar of cegepdematane

ASKER

sh service-policy interface outside

Interface outside:
  Service-policy: restrict_PC
    Class-map: myPC
      Output police Interface outside:
        cir 256000 bps, bc 20000 bytes
        conformed 0 packets, 0 bytes; actions:  transmit
        exceeded 0 packets, 0 bytes; actions:  drop
        conformed 0 bps, exceed 0 bps

At the very least you seem to have a typo - myPC vs PC:

hostname(config)# access-list myPC permit tcp host 10.6.18.40 any
hostname(config-cmap)# match access-list PC
It's likely also an issue that you match again a 10 address on the outside interface.
Sorry it was a mistake there were no typo error in my config ..only here

you've right it should be applied on the inside interface ?
ASKER CERTIFIED SOLUTION
Avatar of Voltz-dk
Voltz-dk
Flag of Denmark image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer