I have ASA 5505 which is running Site to Site VPN and i use One Mbps Internet Connection. My question is " can i set fixed bandwidth for VPN and others for internet usage ??? "
With a class-map to identify the VPN traffic, and a policy-map to police it down to the rate you want, (outbound on each side), you could control the volume of VPN traffic right at the ASAs.
Thanks Keith... can u share more information on this ..
Here is the concept:
Identify the traffic with a class-map.
match access-list vpn-ACL
Have a policy map call upon the class map, for identifying the traffic, and then apply the policing.
police output 256000
This would then be applied with a service-policy.
There is an example here.
Excuse my ignorance of all things security. On routers we police incoming (TCP) traffic to stop flooding and shape outgoing. Is this the same on ASA or can you only police ?
On the ASA, regarding QoS, we can police inbound, police outbound, and prioritize outbound. The outbound prioritization uses LLQ as its only option.