Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cisco PIX 525 and traffic shaping / policy options

Posted on 2010-09-22
4
Medium Priority
?
786 Views
Last Modified: 2012-06-22
Dear Expert,

I am using a Cisco Pix 525 ver 8.0.4 to access the internet from my company.
I need to give priority or to allow an amount of bandwidth to a specific website.

for exemple I have 10Mbits for the internet access, I need to reserve 8MBits for www.cisco.com and 2Mbits for the rest of the traffic.

How can I do this ?

Thx
Jérémy
0
Comment
Question by:martineit
  • 3
4 Comments
 
LVL 16

Expert Comment

by:InteraX
ID: 33734294
What version of the OS are you running. This will require the QoS Modular Policy Framework feature that is only available in v7.0 and above. This will be a hard limit that cannot be expanded on, so you would have 8Mb exclusively for cisco.com and the 2Mb exlusively for everything else. If you want more flexible packet shaping, you will need to look at a packet shaping device.
0
 
LVL 16

Assisted Solution

by:InteraX
InteraX earned 2000 total points
ID: 33734338
Details of the Cisco PIX/ASA feature can be found at http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008084de0c.shtml

An overview of packet shaping devices etc can be found at http://www.processor.com/editorial/article.asp?article=articles%2Fp2816%2F07p16%2F07p16.asp. There is also the bluecoat packet shaper which used to go by the name packeteer. http://www.bluecoat.com/products/packetshaper
0
 
LVL 1

Author Comment

by:martineit
ID: 33734827
Thanks for the information. I have IOS version 8.0.4.
so the QoS Modular Policy Framework should be available.

Could you give me the piece of code I should put in the configuration in order to allow  8Mbits to Cisco.com and 2 Mbits to the rest ?

Thanks in advance.
J.
0
 
LVL 16

Accepted Solution

by:
InteraX earned 2000 total points
ID: 33736537
The below is provided with the following disclaimer: This is a feature I have used very little and cannot guarantee it will not cause problems. Reading the documentation this is correct to my understanding. Proceed at your own risk.

I would just look at setting up the 2Mbps to the rest. Then the website can have 8Mbps or more if available.

1. Create an ACL to identify the traffic you are interested in.
2. Associate that with a class map
3. Create a policy map (you may already have one)
4. Associate the policy with an interface

access-list Non_Web_Trafic extended deny any <website you want to exclude>
access-list Non_Web_Trafic extended permit any any
class-map Limit_Bandwidth
 match access-list Non_Web_Trafic
policy map QoS
 class Limit_Bandwidth
  police output 2097152
  police input 2097152
service-policy QoS interface outside
0

Featured Post

Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Powerful tools can do wonders, but only in the right hands.  Nowhere is this more obvious than with the cloud.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question