Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Speed Limit from Client Devices to WAN interface is not working

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 85 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C Offline
      Cloufish
      last edited by Cloufish

      Hi Team

      I'm struggling with setting up a simple speed limit with the schedule to WAN
      I want to limit my internet bandwidth at certain hours

      I have this rule at the top, so it should always apply, right?
      There's also another Default rule to allow traffic at the bottom

      b948afa4-cfda-402e-a21d-46073eb22cd3-image.png

      01672def-8f2e-4932-ac93-787adb0869da-image.png

      You can see right away, that there are no states in the first rule

      I have an alias defined:
      7c5a8bed-0a6a-4b15-80ff-7b516cdad7c9-image.png

      And a schedule:
      4cd8087a-8dc1-4eff-91c2-9a8b79c34393-image.png

      I have the limiters set in this firewall rule
      a60775e1-4b1f-401b-b0a5-e35195c8a0de-image.png

      And I also have limiters defined I think in a good way

      5f79126b-29b7-4114-82c7-e1ea78ffd90b-image.png

      9b607629-97c5-418a-ac64-d9e9e413d587-image.png
      daacc626-8d7c-4464-b7ea-3f60ffdf6102-image.png
      3fe7134a-48c6-4007-87d7-0767b1fe3daa-image.png
      9fae4182-5958-417f-a113-2457e3be2ad1-image.png
      d4fe738c-066d-45a9-8eb5-e15133d3c622-image.png

      C 1 Reply Last reply Reply Quote 0
      • C Offline
        Cloufish @Cloufish
        last edited by

        I've added Inverse Alias Matching Default Allow LAN
        And it works

        I still don't understand because:

        • If it was an issue with Client Devices not requesting WAN Traffic, then I wouldn't need to inverse match on Default Allow LAN

        There's probably a network protocol through which traffic went? I'm really a newbie in Networking...

        2ddeff0a-1c09-4b1d-a5ce-57c01ab94f23-image.png

        johnpozJ 1 Reply Last reply Reply Quote 0
        • johnpozJ Online
          johnpoz LAYER 8 Global Moderator @Cloufish
          last edited by

          @Cloufish there is a difference between traffic that would go out your wan interface to get somewhere, and wan address as your destination. It would rare that a client would actually ever try to go to your specific wan address.

          Your wan address is just that the IP address on your wan interface, say 1.2.3.4 if public. your wan net is just the network 1.2.3.0/24 that your wan is on.. Some client to go to an Ip on the internet say 5.6.7.8 or 8.8.8.8 would never have your wan address or wan network as the destination. The destination would be those 5.6.7.8 or 8.8.8.8 Ips

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 25.07.1 | Lab VMs 2.8, 25.07.1

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.