My network looks as follows:
10Mbps Internet Circuit>>Cisco 2821 Router>>Cisco ASA5510>>Cisco 4506 Switch
In the past when a user was downloading something from the internet, that user could essentially take up all the bandwidth. This was a problem because a lot of my internal users use RDP over a site-to-site VPN I have configured on the ASA, and when a user was downloading a large file using all the bandwidth, these users performance would suffer. So for web traffic I implemented the following policy on my Cisco 2821 Router
class match-any web
match protocol http
interface fa0/0 (WAN INTERFACE)
service-policy input http
This made sure that web traffic only uses 5Mbps. Now, this is great for my users who use RDP over VPN as they have enough bandwidth now to do their job, but for web users, especially my boss, is still not happy. If a user is downloading a file, that one users could essentially take up most of the 5Mbps allotted for web traffic, so if my boss is surfing the net, its slow to him. Of course if we don't have any downloads going on, I have no complaints on web speed. Large downloads of files happen often at this office daily. I am trying to think of a creative way to make the boss happy. Is there a way, for example, to possibly always have 1Mbps at his disposal? The traffic policing is done on the WAN connection, so I'm not sure how I would ensure he always had at least 1Mbps at his disposal, or even if its possible. Any thoughts?