ASA防火墙限速

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了ASA防火墙限速相关的知识,希望对你有一定的参考价值。

目的:对192.168.57.0段用户限速30M(即下载速度30/8,上传同),192.168.57.1和192.168.57.127除外


access-list rate-limiting extended deny ip any  192.168.57.1 255.255.255.255

access-list rate-limiting extended deny ip 192.168.57.1 255.255.255.255 any

access-list rate-limiting extended deny ip any  192.168.57.127 255.255.255.255

access-list rate-limiting extended deny ip 192.168.57.127 255.255.255.255 any

access-list rate-limiting extended permit ip 192.168.57.0 255.255.255.0 any 

access-list rate-limiting extended permit ip any  192.168.57.0 255.255.255.0


class-map rate-limiting

match access-list rate-limiting

policy-map xs10m

class rate-limiting

police input 30000000

police output 30000000

!


service-policy xs10m interface inside  //应用在inside口。在outside应用时不生效,因nat的应用,使得内外网IP不是一一对应,不法正常限制。


以上是关于ASA防火墙限速的主要内容,如果未能解决你的问题,请参考以下文章

浅谈Cisco ASA的基础

思科防火墙asa5505路由配置

cisco asa防火墙关机命令是啥

cisco asa5520 防火墙如何配置路由,希望大虾帮忙!

ASA防火墙的日志管理

求cisco 思科ASA5505 中文使用说明书