USG5000 limit the FTP client download and upload speed.

Publication Date:  2012-11-09 Views:  234 Downloads:  0
Issue Description
USG5000,version:V100R001C01B021
Networking:            
FTP client --------------USG5000------------ FTPServer
the client want to limit the download and upload speed
Note:FTP client IP:192.168.1.220
FTP client connect to USG5000 trust domain  
Alarm Information
none
Handling Process
USG configuration:
[USG5350]firewall statistic system enable (enable FW system statistic function)
[USG5350]firewall car-class 1 50000 (ip bandwidth class configuration, use 1,bandwidth 50000bps)
[USG5350]acl number 2000
[USG5350-acl-basic-2000]rule 0 permit source 192.168.1.220 0(1)configure the basic ACL,the IP bandwidth rule command will connect the ACL)
[USG5350]acl number 3000
[USG5350-acl-adv-3000]rule 0 permit tcp source 192.168.1.220 0 destination-port eq ftp(the function of advanced acl is point to limit which flow)
[USG5350]firewall zone trust
[USG5350-zone-trust]statistic enable ip inzone
[USG5350-zone-trust]statistic enable ip outzone(enable inzone and outzone statistic function)
[USG5350-zone-trust]statistic car ip inbound 1 acl-number 2000
[USG5350-zone-trust]statistic car ip outbound 1 acl-number 2000(use basic acl to band ip bandwidth configuration)
[USG5350-zone-trust]statistic ip-stat inbound acl-number 3000
[USG5350-zone-trust]statistic ip-stat outbound acl-number 3000(use advanced acl to point the limit flow)
Root Cause
none
Suggestions
Through the above configuration can realize the bandwidth limit of FTP download and upload to the server launched by the client, two-way flow is 50000 bps. Pay attention that the server connection is launched by the client, if the client connection launched by server don’t be limited of the above configuration.

END