FortiGate Cookbook - Traffic Shaping Limiting Bandwidth (5.6)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

in this video you'll learn how to configure traffic shaping on your FortiGate to limit the bandwidth first specific IP address when a particular IP address on your network is using too many resources you can prevent the device with that IP from consuming your bandwidth indiscriminately this video will explain how to configure traffic shaping to set a maximum bandwidth limit for uploads and/or downloads to 200 kilobits per second note that it's only when the traffic on the policy exceeds your set bandwidth that traffic shaping takes effect traffic shaping also requires that certain traffic be set to different priority levels go to system feature select and under additional features enable traffic shaping your changes go to policy and objects addresses to the address you would like to limit select create new and select address from the drop down menu enter the name limited bandwidth set typed to the IP net mask and subnet IP range to the internal IP you wish to limit last please that interface to any and make sure it will show up in the address list next go to policy and objects traffic shapers to create a new traffic shaper profile select create new and set type to shared a shared shaper effects upload speeds whereas pry Pichet purrs affect both upload and download speeds in this example you could just as easily use a per IP shaper but using a shared shaper gives you more options shared shapers allow you to distribute a set amount of bandwidth to be shared by all policies using the shaper name the policy limited bandwidth set traffic priority to medium set the max bandwidth to 200 kilobits per second if you would like to set a guaranteed bandwidth make sure that it's lower than your configured max bandwidth apply your changes by default shared Schafer's apply shaping by evenly distributing the bandwidth to all policies using you can also enable per policy shaping to apply shaping individually to each policy right-click your new limited bandwidth shaper and select edit and CLI from the drop down menu enter the following command set per policy enable end now that per policy shaping is enabled edit your limited bandwidth shaper and set apply shaper to per policy now all policies using the shaper will get 200 kilobits per second each next go to policy and objects ipv4 policy and take a look at your general internet access policy take note of the incoming interface outgoing interface source and destination if necessary edit your policy and ensure that logging options is set to all sessions for testing purposes go to policy and objects traffic shaping policy and select create new to create a shaping policy that will set regular traffic to high priority under matching criteria set source destination service to match your internet access policy under apply shaper set the outgoing interface to match your internet access policy and enable shared shaper and reverse shaper shared shapers effect upload speeds and reverse shapers effect download speeds set both shapers to high-priority apply your changes and select create new to create a second traffic shaping policy that will affect the IP address we wish to limit under matching criteria set source to limited bandwidth set destination and service to all apply the Schaefer to the same outgoing interface enable shared shaper and reverse shaper and set both shapers to limited bandwidth apply your changes order your traffic shaping policies so that your more granular limited bandwidth policy is above your general high priority internet access policy the more restrictive policies should always be placed at the top of the list priority should be set with application control shapers of the very top shared shapers next and IP shapers last when a computer with the IP you've specified browses the internet from your internal network its bandwidth will be restricted by the amount we set in your Schaefer go to policy and objects traffic shapers to see which shapers are active next go to 40 view sources and filter by the IP is the device you have set to limited bandwidth you can also go to 40 view traffic shaping for more details you can see that users on the local network are prioritized over the IP address of the device you've limited you can also change the graph type to see the results in a bubble chart simply double click on either shaper to see more granular information and select the destinations tab to see which websites are using up the most bandwidth we're watching for more tutorials like this one subscribe to our channel or view the text version here

Info

Channel: Fortinet

Views: 107,828

Rating: undefined out of 5

Keywords: Fortinet, FortiGate, 5.6, network, cookbook, security, firewall, traffic shaping, IP address, traffic shaping policy, bandwidth consuming, Cybersecurity, Network Security, Fortinet Tutorial, Fortinet Demo, FortiGate 5.6, Cookbook, FortiGate Cookbook, bandwidth limiter

Id: IZ_ocOJZqbk

Channel Id: undefined

Length: 6min 7sec (367 seconds)

Published: Wed May 24 2017