Solved

How Do I Create An Application Firewall Object For ALL Traffic?

Posted on 2009-06-30
4
757 Views
Last Modified: 2012-06-27
I have a Sonicwall NSA 5000 and I am trying to limit bandwidth for a particular subnet (we do hosting).  I can see with Application Firewall I can limit bandwidth based on Application objects (MP3, HTTP, etc.).  My question is, I don't want to limit it based on type, I want to limit ALL of it - how do I create an Application object that I can use in a policy that encompasses ALL traffic from that subnet?

Thanks!
Chris
0
Comment
Question by:idealaccount
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 13

Accepted Solution

by:
Ugo Mena earned 125 total points
ID: 24749488
what you want to do can be achieved with an Address Object for the subnet .. We use this setup to limit the bandwidth available to our VPN client tunnels and it works great.

but before you can start managing your bandwidth you will need to enter your WAN connection speeds within the Network Interfaces/Advanced/Bandwidth Management section (remember here that Ingress is download speed, Egress is upload speed).
Then create an Address Object range for the subnet you would like to limit.
Next from the Firewall/Access Rules section you create a rule for that Address Object with services set to Any... Next, from within the Access Rules/Advanced tab you set the Limit the connections allowed to X (think sessions here, not users)... Then from within the Access Rules/Ethernet Bandwidth Management tab you should Enable EBM and then set your Guaranteed (Min) % and Max % of your WAN's available bandwidth that can be used by that Address Object.

0
 

Author Comment

by:idealaccount
ID: 24784699
I don't want to limit sessions, though, just total, bandwidth on the interface (per-vlan basically).  I have people paying for specific amounts of bandwidth (we do hosting) so I need to limit it by amount, not session count.
0
 
LVL 13

Expert Comment

by:Ugo Mena
ID: 24836743
you dont have to enable connection limiting to use the EBM max and min bandwidth mgmt. leave it unchecked and blank and it will be limiting by bandwidth only.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello All, I have been training on Multicast for a while now and whenever I start the topic , I find out that my friends /  Colleagues mention that they do not know how to test Multicast Joins. As most of the multicast would be video traffic and …
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Come and listen to Percona CEO Peter Zaitsev discuss what’s new in Percona open source software, including Percona Server for MySQL (https://www.percona.com/software/mysql-database/percona-server) and MongoDB (https://www.percona.com/software/mongo-…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question