Solved

Cisco PIX 525 and traffic shaping / policy options

Posted on 2010-09-22
4
774 Views
Last Modified: 2012-06-22
Dear Expert,

I am using a Cisco Pix 525 ver 8.0.4 to access the internet from my company.
I need to give priority or to allow an amount of bandwidth to a specific website.

for exemple I have 10Mbits for the internet access, I need to reserve 8MBits for www.cisco.com and 2Mbits for the rest of the traffic.

How can I do this ?

Thx
Jérémy
0
Comment
Question by:martineit
  • 3
4 Comments
 
LVL 16

Expert Comment

by:InteraX
Comment Utility
What version of the OS are you running. This will require the QoS Modular Policy Framework feature that is only available in v7.0 and above. This will be a hard limit that cannot be expanded on, so you would have 8Mb exclusively for cisco.com and the 2Mb exlusively for everything else. If you want more flexible packet shaping, you will need to look at a packet shaping device.
0
 
LVL 16

Assisted Solution

by:InteraX
InteraX earned 500 total points
Comment Utility
Details of the Cisco PIX/ASA feature can be found at http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008084de0c.shtml

An overview of packet shaping devices etc can be found at http://www.processor.com/editorial/article.asp?article=articles%2Fp2816%2F07p16%2F07p16.asp. There is also the bluecoat packet shaper which used to go by the name packeteer. http://www.bluecoat.com/products/packetshaper
0
 
LVL 1

Author Comment

by:martineit
Comment Utility
Thanks for the information. I have IOS version 8.0.4.
so the QoS Modular Policy Framework should be available.

Could you give me the piece of code I should put in the configuration in order to allow  8Mbits to Cisco.com and 2 Mbits to the rest ?

Thanks in advance.
J.
0
 
LVL 16

Accepted Solution

by:
InteraX earned 500 total points
Comment Utility
The below is provided with the following disclaimer: This is a feature I have used very little and cannot guarantee it will not cause problems. Reading the documentation this is correct to my understanding. Proceed at your own risk.

I would just look at setting up the 2Mbps to the rest. Then the website can have 8Mbps or more if available.

1. Create an ACL to identify the traffic you are interested in.
2. Associate that with a class map
3. Create a policy map (you may already have one)
4. Associate the policy with an interface

access-list Non_Web_Trafic extended deny any <website you want to exclude>
access-list Non_Web_Trafic extended permit any any
class-map Limit_Bandwidth
 match access-list Non_Web_Trafic
policy map QoS
 class Limit_Bandwidth
  police output 2097152
  police input 2097152
service-policy QoS interface outside
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
This is about downgrading PIX Version 8.0(4) & ASDM 6.1(5) to PIX 7.2(4) and ASDM 5.2(4) but with only 64MB RAM and 16MB flash. Background: You have a Cisco Pix 515E which was running on PIX 7.2(4) and its supporting ASDM 5.2(4) without any i…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now