MichaelBalack
asked on
How to use traffic shaping to reserve more bandwidth for one application on firewall?
This is using Fortigate 80c firewall. The firmware version is v4.0 mr2 patch 4. Basically, 2 main interfaces are Internal (or switch) and WAN 1 (untrusted). There are few policies configured to govern the inbound traffic to and outbound internet surfing. For inbound traffic, few port-forwarding policies in place to allow Internet users to access company web server, CCTV, and others. For outbound traffic, 1 policy was configured to allow Internal office network user to access Internet with common Internet protocol, such as, http, https, ftp, DNS, SMTP, POP3, and port 4443. Port 4443 is to allow users to open fortinet VPN client to connect to a Internet Fortinet VPN server, that listen at port 4443. All these allowed ports are defined in "Internet browsing protocols" as attached.
Now, a lot of users complained that Fortinet VPN server access is very slow. So management ask me that is there a way to "reserve" more bandwidth so as accessing to the server could becomes faster. I am thinking of using traffic-shaping, but, how should I do to achieve the objective? Shall I create one more policy and then apply a "high-priority" shaper? or else
Appreciate any help!
Now, a lot of users complained that Fortinet VPN server access is very slow. So management ask me that is there a way to "reserve" more bandwidth so as accessing to the server could becomes faster. I am thinking of using traffic-shaping, but, how should I do to achieve the objective? Shall I create one more policy and then apply a "high-priority" shaper? or else
Appreciate any help!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Myramu for the article. The traffic shaping works perfectly.
Thank you
ASKER