• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 396
  • Last Modified:

QOS or ACL on a guest vlan

I have a guest wireless vlan 103 on my network and i want to limit them to 20 meg max. I need a complete Qos or access list to get this done.  I am not sure which will do the trick whichever is easiest  will suffice.

version 12.2 se3 3750G 48port
0
cj_cb
Asked:
cj_cb
  • 5
  • 3
  • 2
  • +1
1 Solution
 
Ken BooneNetwork ConsultantCommented:
How is this guest vlan setup?  Where is the layer 3 gateway  for this vlan? On the AP, layer 3 switch or firewall?  Depending on where and how its setup can drive the different options we have to deal with this.
0
 
cj_cbAuthor Commented:
great question the vlan is setup on the switch

thanks CJ
0
 
Bryant SchaperCommented:
is this 20mbps total or per client, can we just limit the interface?
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
cj_cbAuthor Commented:
again great question 20mb total.
0
 
Ken BooneNetwork ConsultantCommented:
ok so let me be more specific.  Obviously the vlan is set up on the switch.. Where is the layer 3 interface for the vlan that all of this traffic will have to pass through in order to get to the internet?
0
 
cj_cbAuthor Commented:
on the same switch, it handles all layer 3 traffic.
0
 
Ken BooneNetwork ConsultantCommented:
Okay so the layer 3 interface is on the switch, what kind of firewall are you using?
0
 
cj_cbAuthor Commented:
its an ASA 5505
0
 
AkinsdNetwork AdministratorCommented:
You need a combination of both

NOTE!
The IOS version of your software may determine which commands you have available to you

Here is a simple configuration
Identify the traffic you want to monitor by an ACL
eg
GUEST VLAN 50 = 10.85.50.0 /24

Switch(config)#ip access-list standard BW<20Mb-ACL
Switch(config-std-nacl)#permit 10.85.50.0 0.0.0.255


Then Configure QoS

- Create a class map
Switch(config)#class-map BW<20Mb-CM
Switch(config-cmap)#match access-group name BW<20Mb-ACL


- Create a policy map
Switch(config)#policy-map BW<20Mb-PM
Switch(config-pmap)#class BW<20Mb-CM
Switch(config-pmap-c)#police 20000000 conform-action transmit exceed-action drop


- Apply the policy to the interface
Switch(config)#interface vlan 50
Switch(config-if)#service-policy output BW<20Mb-PM


Here is a simple step by step video
https://www.youtube.com/watch?v=axd1YqKJMy8

If you want more detail info on QoS, watch the video below
https://www.youtube.com/watch?v=aHySjaG6uvw
0
 
cj_cbAuthor Commented:
this is great thanks for the help
0
 
AkinsdNetwork AdministratorCommented:
You're welcome
All the best
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

  • 5
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now