How Do I Create An Application Firewall Object For ALL Traffic?

I have a Sonicwall NSA 5000 and I am trying to limit bandwidth for a particular subnet (we do hosting).  I can see with Application Firewall I can limit bandwidth based on Application objects (MP3, HTTP, etc.).  My question is, I don't want to limit it based on type, I want to limit ALL of it - how do I create an Application object that I can use in a policy that encompasses ALL traffic from that subnet?

Thanks!
Chris
idealaccountAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ugo MenaCommented:
what you want to do can be achieved with an Address Object for the subnet .. We use this setup to limit the bandwidth available to our VPN client tunnels and it works great.

but before you can start managing your bandwidth you will need to enter your WAN connection speeds within the Network Interfaces/Advanced/Bandwidth Management section (remember here that Ingress is download speed, Egress is upload speed).
Then create an Address Object range for the subnet you would like to limit.
Next from the Firewall/Access Rules section you create a rule for that Address Object with services set to Any... Next, from within the Access Rules/Advanced tab you set the Limit the connections allowed to X (think sessions here, not users)... Then from within the Access Rules/Ethernet Bandwidth Management tab you should Enable EBM and then set your Guaranteed (Min) % and Max % of your WAN's available bandwidth that can be used by that Address Object.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
idealaccountAuthor Commented:
I don't want to limit sessions, though, just total, bandwidth on the interface (per-vlan basically).  I have people paying for specific amounts of bandwidth (we do hosting) so I need to limit it by amount, not session count.
0
Ugo MenaCommented:
you dont have to enable connection limiting to use the EBM max and min bandwidth mgmt. leave it unchecked and blank and it will be limiting by bandwidth only.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.