Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 294
  • Last Modified:

Cisco asa 5520 limit traffic

Hi there,
We are having constant 10Mb outbound traffic , offsite backup.
It is between 1 particular internal IP address and 1 external IP address.
How can I limit that IP address to 1Mb ?
Internal or External one , does not matter. Whatever easier.
Thank you.
0
D_Batona
Asked:
D_Batona
  • 3
  • 3
1 Solution
 
Pete LongConsultantCommented:
You need to throttle onie internla IP to 1 MB Ill assume it 192168.1.0

access-list throttle_me extended permit ip host 192.168.1.0 any
access-list throttle_me extended permit ip any host 192.168.1.0
!
class-map throttle-me
match access-list throttle_me
!
policy-map throttle-policy
class throttle-me
police output  10240 10240
police input 10240 10240
!
service-policy throttle-policy interface outside


PL
0
 
D_BatonaAuthor Commented:
I guess I need more informatuion on how to. Please see below


PDPFirewall> enable
Password: *************
PDPFirewall# access-list throttle_me extended permit ip host 10.32.6.50 any
               ^
ERROR: % Invalid input detected at '^' marker.
PDPFirewall#
0
 
D_BatonaAuthor Commented:
PDPFirewall# access-list throttle_me extended permit ip host 10.32.6.50 any
                             ^
0
Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

 
Pete LongConsultantCommented:
go to configure terminal mode first

PDPFirewall> enable
Password: *************
PDPFirewall# configure terminal
PDPFirewall(conf)#
0
 
D_BatonaAuthor Commented:
That works.
The only question is as per another article:
http://slazyk.com/2009/08/bandwidth-policing-throttling-cisco-asa/

The IP address 1.1.1.1 represents a public address that is statically mapped to a private address behind a sub-interface on ASA.


So should I use local IP or external IP  of another party?

Thank you.
0
 
Pete LongConsultantCommented:
post 8.3 use the translated address m8 - I wrote it up yesteday

Cisco ASA 5500 - Throttling (Rate Limiting) Traffic

Pete
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now