FortiGate Traffic Shaping Configuration
Traffic shaping is a method of optimizing network traffic by prioritizing different types of traffic according to their importance. FortiGate firewall offers a traffic shaping feature that can be used to prioritize traffic, limit bandwidth usage, and control network congestion. In this blog post, we’ll discuss how to configure traffic shaping on FortiGate firewall.
1. Log in to the FortiGate Web Interface:
- Open a web browser and enter the IP address of your FortiGate firewall.
- Log in with the appropriate credentials.
2. Define Traffic Shaping Policy:
- Navigate to the “Policy & Objects” tab.
- Click on “Traffic Shaper” to access the Traffic Shaping policies.
3. Create a New Traffic Shaping Policy:
- Click the “+ Create New” button to create a new policy.
- Give your policy a name and optionally add a comment for reference.
4. Set Traffic Shaping Parameters:
- In the “Guaranteed Bandwidth” section, specify the minimum guaranteed bandwidth (in Kbps or Mbps) for the traffic you want to shape. This is the minimum speed that will be allocated to the traffic matching this policy.
- In the “Maximum Bandwidth” section, set the maximum bandwidth (in Kbps or Mbps) that the traffic can use.
- You can also configure a burst rate and burst time if needed. Burst rate allows traffic to exceed the defined limits for a short period if there’s available bandwidth.
5. Define Traffic Matching Criteria:
- In the “Matching Criteria” section, specify the criteria for matching traffic to this policy. You can configure this based on source and destination IP addresses, ports, services, etc.
- Click the “+” icon to add multiple conditions if necessary.
6. Enable the Policy:
- In the “Actions” section, set the action to “Apply Shaper” to enable traffic shaping for the matched traffic.
- Click “OK” to save the policy.
7. Apply Traffic Shaping Policy to Firewall Policy:
- After creating the traffic shaping policy, you need to apply it to a firewall policy.
- Go to the “Policy & Objects” tab and click on “Firewall Policy.”
- Edit an existing policy or create a new one, and in the “Traffic Shaping” section, select the traffic shaping policy you created earlier from the dropdown menu.
8. Monitor Traffic Shaping:
- You can monitor the traffic shaping policies in action by going to the “Monitor” tab and selecting “Traffic Shaping Monitor.” Here, you can see statistics and real-time information on the traffic matching your policies.
9. Test and Fine-Tune:
- After configuring traffic shaping, it’s essential to monitor network performance and adjust policies as needed to ensure your network operates efficiently and as intended.
10. Save and Apply Changes:
- Don’t forget to save your changes and apply the configuration for it to take effect.
Remember that traffic shaping should be used judiciously, as improper configuration can negatively impact network performance. It’s essential to understand your network’s traffic patterns and prioritize traffic accordingly to achieve your desired outcomes with traffic shaping on a FortiGate firewall.