Forum Discussion

ppltam_183867's avatar
Dec 19, 2016

Bandwidth Control within VPN tunnel

ear DevCentral,

 

Our company are using an APM to act as the VPN gateway to allow VPN client using apple IOS device to access the internal resource such as windows server and corresponding service. Meanwhile, the VPN client can access the Internet throught the VPN tunnel through the proxy server at the end of our internal network with no split tunnel is allowed.

 

Our question is we would like to see if it is possible to allow the APM to separate the VPN tunnel traffic such that if the traffic is going to the Internal servers it will route to a particular virtual server. If the traffic is going to the internet, it will then route to another virtual server or a LTM device sitting on the same network. The reason for this is that we would like to implement bandwidth control or traffic shaping "ONLY" for those tunnel traffic that is heading to the internet within the VPN tunnel.

 

Highly appreciate your great help in advance

 

Regards Patrick

 

1 Reply

  • This is the Client Traffic Classifier.

    Despite the documentation, it controls upload traffic only.

    So basically its useless. Not a bug, its always been this way. So why does it even have an option for source address in the classifier? No idea.

     

    Ask support about ID873017.

     

    In theory, you can do something with bandwidth controllers, with irules to set it up on the start of the tunnel traffic. It looks like a lot of work and I don't have example code.

    --John