What’s new in FortiOS Version 4.0 MR1 Traffic shaping enhancements
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 77
http://docs.fortinet.com/ • Feedback
<LDAPgroupstring> is an LDAP Distinguished Name (DN) specifying the group, for
example CN=group1,CN=Users,DC=test,DC=com. You can specify multiple groups by
separating the group DNs with a semicolon (;).
When the FortiGate unit authenticates an LDAP user in the FortiGate user group, the
user’s group memberships on the LDAP server must match at least one of the groups
listed in the ldap-memberof keyword value.
Traffic shaping enhancements
FortiOS Version 4.0 MR1 introduces accounting, traffic quotas, and per-IP traffic shaping.
The existing traffic shaper is now called a shared traffic shaper.
Shared traffic shaping
The traffic shaper is renamed to Shared Traffic Shaper. Go to Firewall > Traffic Shaper >
Shared. Traffic shaping options are unchanged from the previous version, but accounting
and traffic quota options have been added. See “Accounting and quota enforcement”,
below.
Per-IP traffic shaping
In FortiOS 4.0 MR1, you can configure traffic shaping that is applied per IP address,
instead of per policy or per shaper. As with the shared traffic shaper, you select the per-IP
traffic shaper in firewall policies.
To configure a per-IP traffic shaper - web-based manager
1 Go to Firewall > Traffic Shaper > Per-IP.
2 Enter the following information and then select OK.
Figure 6: Configuring a per-IP traffic shaper
Name Enter a name for the traffic shaper.
Maximum Bandwidth Select the check box and enter the maximum allowed bandwidth in
Kbps. This limit applies to each IP address. Range 1 to
2 097 000. Enter 0 to disable bandwidth limit.
Quotas and Accounting See “Accounting and quota enforcement”, below.
IP List
IP/Range An IP address or range of addresses that this shaper controls.
To Next Page
Loading...
Need help?
General