asked on

Cisco asa 5520 limit traffic

Hi there,
We are having constant 10Mb outbound traffic , offsite backup.
It is between 1 particular internal IP address and 1 external IP address.
How can I limit that IP address to 1Mb ?
Internal or External one , does not matter. Whatever easier.
Thank you.

Pete Long

You need to throttle onie internla IP to 1 MB Ill assume it 192168.1.0

access-list throttle_me extended permit ip host 192.168.1.0 any
access-list throttle_me extended permit ip any host 192.168.1.0
!
class-map throttle-me
match access-list throttle_me
!
policy-map throttle-policy
class throttle-me
police output 10240 10240
police input 10240 10240
!
service-policy throttle-policy interface outside

PL

PCF IT

ASKER

I guess I need more informatuion on how to. Please see below

PDPFirewall> enable
Password: *************
PDPFirewall# access-list throttle_me extended permit ip host 10.32.6.50 any
^
ERROR: % Invalid input detected at '^' marker.
PDPFirewall#

PCF IT

ASKER

PDPFirewall# access-list throttle_me extended permit ip host 10.32.6.50 any
^

ASKER CERTIFIED SOLUTION

Pete Long

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

PCF IT

ASKER

That works.
The only question is as per another article:
http://slazyk.com/2009/08/bandwidth-policing-throttling-cisco-asa/

The IP address 1.1.1.1 represents a public address that is statically mapped to a private address behind a sub-interface on ASA.

So should I use local IP or external IP of another party?

Thank you.

Pete Long

post 8.3 use the translated address m8 - I wrote it up yesteday

Cisco ASA 5500 - Throttling (Rate Limiting) Traffic

Pete