[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Repeat of Watchguard XTM User Broadband Restriction. How to?

Posted on 2011-09-19
6
Medium Priority
?
937 Views
Last Modified: 2013-11-16
The original answer to this question does not provide an answer. It shows the user guide steps of how to restrict/guarantee minimum and maximum bandwidth on an interface. BUT, How do you prevent one (1) user from using up the interface's assigned bandwidth? That is the question. The closest I find in the guide is QOS settings but it is not clear how this marking of packets actually work and appears to be interface assigned and NOT user defining. I still have some user that is sucking down the assigned broadband of the Outgoing interface, regardless of what that is. How do I either prevent this or balance the connection load at any given time? It appears that with Watchguard, one cannot take a single interface and restrict a single user from hogging the assigned broadband. If I find an answer, I will post. Thanks to all.
0
Comment
Question by:chappydean
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 14

Expert Comment

by:setasoujiro
ID: 36562939
The easiest way if it is just one user, would be to have static IP / MAC binding for the user and have a HTTP(?) policy for that user with the lowest bandwith possible.

0
 
LVL 9

Expert Comment

by:Brian
ID: 36574656
Depending on your type of user authentication (Active Directory, RADIUS, Etc..), you could also link that to the WatchGuard and then have an ANY Policy (or just HTTP or FTP, etc)  for each user. If you setup Single Sign On with the WatchGuard, it would then limit the user no matter where they log in automatically.
0
 

Author Comment

by:chappydean
ID: 36595239
Thanks. I had considered that a static IP could be limited. Unforunately, I am using DHCP. Static IP's apparently is the only way to go. Learned this lesson.
I can see the IP addresses of those that are loading at the time wich are subject to change depending on logon time. I may just start limiting blocks of IP addresses are contacting each user and set up their static IP.

The second suggestion bears looking into as I do use active directory. I am not familiar with Single Sign On with Watchguard. Will review the User Guide.

Thanks again.
0
 
LVL 9

Accepted Solution

by:
Brian earned 2000 total points
ID: 36599730
Here are two links that you can read about the WatchGuard Single Sign On and Traffic Management.

Single Sign On: http://www.watchguard.com/help/docs/webui/11/en-US/index_Left.html#CSHID=en-US%2Fauthentication%2Fsso_about_c.html|StartTopic=Content%2Fen-US%2Fauthentication%2Fsso_about_c.html|SkinName=Web UI (en-US)

Traffic Management: http://www.watchguard.com/help/docs/webui/11/en-US/index_Left.html#CSHID=en-US%2Fqos_trafficmanagement%2Ftraffic_mgmt_actions_define_c.html|StartTopic=Content%2Fen-US%2Fqos_trafficmanagement%2Ftraffic_mgmt_actions_define_c.html|SkinName=Web UI (en-US)

The See Also at the bottom of both articles can be helpful for background and further reading.

The solution I would implement is define a Traffic Management action for each user, setup single sign on with Active Directory, and then create a policy for each user and set the Traffic Management rule to that policy.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question