Solved

Repeat of Watchguard XTM User Broadband Restriction. How to?

Posted on 2011-09-19
6
923 Views
Last Modified: 2013-11-16
The original answer to this question does not provide an answer. It shows the user guide steps of how to restrict/guarantee minimum and maximum bandwidth on an interface. BUT, How do you prevent one (1) user from using up the interface's assigned bandwidth? That is the question. The closest I find in the guide is QOS settings but it is not clear how this marking of packets actually work and appears to be interface assigned and NOT user defining. I still have some user that is sucking down the assigned broadband of the Outgoing interface, regardless of what that is. How do I either prevent this or balance the connection load at any given time? It appears that with Watchguard, one cannot take a single interface and restrict a single user from hogging the assigned broadband. If I find an answer, I will post. Thanks to all.
0
Comment
Question by:chappydean
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36562939
The easiest way if it is just one user, would be to have static IP / MAC binding for the user and have a HTTP(?) policy for that user with the lowest bandwith possible.

0
 
LVL 9

Expert Comment

by:Brian
ID: 36574656
Depending on your type of user authentication (Active Directory, RADIUS, Etc..), you could also link that to the WatchGuard and then have an ANY Policy (or just HTTP or FTP, etc)  for each user. If you setup Single Sign On with the WatchGuard, it would then limit the user no matter where they log in automatically.
0
 

Author Comment

by:chappydean
ID: 36595239
Thanks. I had considered that a static IP could be limited. Unforunately, I am using DHCP. Static IP's apparently is the only way to go. Learned this lesson.
I can see the IP addresses of those that are loading at the time wich are subject to change depending on logon time. I may just start limiting blocks of IP addresses are contacting each user and set up their static IP.

The second suggestion bears looking into as I do use active directory. I am not familiar with Single Sign On with Watchguard. Will review the User Guide.

Thanks again.
0
 
LVL 9

Accepted Solution

by:
Brian earned 500 total points
ID: 36599730
Here are two links that you can read about the WatchGuard Single Sign On and Traffic Management.

Single Sign On: http://www.watchguard.com/help/docs/webui/11/en-US/index_Left.html#CSHID=en-US%2Fauthentication%2Fsso_about_c.html|StartTopic=Content%2Fen-US%2Fauthentication%2Fsso_about_c.html|SkinName=Web UI (en-US)

Traffic Management: http://www.watchguard.com/help/docs/webui/11/en-US/index_Left.html#CSHID=en-US%2Fqos_trafficmanagement%2Ftraffic_mgmt_actions_define_c.html|StartTopic=Content%2Fen-US%2Fqos_trafficmanagement%2Ftraffic_mgmt_actions_define_c.html|SkinName=Web UI (en-US)

The See Also at the bottom of both articles can be helpful for background and further reading.

The solution I would implement is define a Traffic Management action for each user, setup single sign on with Active Directory, and then create a policy for each user and set the Traffic Management rule to that policy.
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question