To connect traffic shaping settings with the forwarding firewall ruleset, you must apply an existing or new QoS band. To configure a new QoS band, proceed as follows:
Step 1. Create a QoS Band
To create a new QoS band, complete the following steps:
- Go to CONFIGURATION > Configuration Tree > Box > Traffic Shaping.
- Click Lock.
- Click the QoS Band tab.
- Right-click the QoS Band table and select Add new QoS Band.
- In the Name field, enter a descriptive name. (The ID field specifies the index number of the new QoS band.)
- Click OK.
In the QoS Band Rule window, you can edit the following settings to specify the priority, interface, and conditions for traffic that is handled by the QoS band:
Setting Description Priority From this list, select the priority class that is assigned to data packets that are handled by the QoS band.
Virtual Device From this list, select the virtual interface into which the data packets will be fed, should this rule apply. ToS To specify a value that must be matched by the TOS in the IP header, select this check box. Traffic Limit To specify a data limit that must not be exceeded by network sessions, select this check box. Time Period To specify specific dates and times during which this rule can be applied, select this check box. Weekday/Hour To specify specific weekdays and times during which this rule can be applied, select this check box. - Click OK.
- Click Send Changes and Activate.
Example Scenario
Step 2. Apply the QoS Band to a Firewall Rule
To apply traffic shaping to an access or application rule, complete the following steps:
- Go to CONFIGURATION > Configuration Tree > Box > Assigned Services > Firewall > Forwarding Rules.
- Click Lock.
- Create or double-click the access or application rule to which you are applying the QoS band. For example, LAN-2-INTERNET-https.
- To apply the QoS band to an access rule:
Select the QoS band from the QoS Band (Fwd) and QoS Band (Reply) list in the Policy section. For example, Background.
- To apply the QoS band to an application rule:
Select the Change QoS Band (Fwd) check box in the Policy section and select the QoS band from the list.
- To apply the QoS band to an access rule:
- Click OK.
- Click Send Changes and Activate.
You can also apply traffic shaping settings to multiple rules. In the rule editor window for the rules, specify the following settings:
- In the Rule Settings section, configure the Forward Band and Reverse Band settings.
- In the TCP Policy section, configure the Syn Flood Protection setting.
For more information, see How to Edit, Copy, Clone, Deactivate, or Delete Access Rules.
Applying Traffic Shaping to VPN Tunnels
You can implement traffic shaping with VPN. For more information, see How to Apply Traffic Shaping to a VPN Tunnel.