Create a Post
Showing results for 
Search instead for 
Did you mean: 

Application rule with bandwidth limiting not applied


So we've got issue with our Application rules, more specifically the bandwidth limiting feature. The later seems not to be applied on the traffic.

For instance we have this rule that should limit Apple Software Updates for some users within our organization :



Whoever, even though we see the traffic matches the rule (seen in logs), the BW limit doesn't work : a single user/IP can download like 15Gb of data in 15 minutes. We were able to notice that that's to our network monitoring solution.

We've tried to debug this using fw ctl zdebug +drop | grep APPI_LIMIT and fw ctl zdebug -m APPI all > dbg.txt, as discussed here, but nothing shows up. 

Are we missing something ? How can we make sure the limit applies here ?


Another case, still related to application rules, is for Youtube traffic that is not recognized as such. The rule we have : 



And a log that shows traffic to Youtube (monitoring shows also about 15Gb BW usage in 15 minutes), but not recognized, even though the Application & URL Filtering updates are done correctly :



For this one, how can we make sure the traffic is recognized as it should ?

Thanks in advance for your help, these issues with BW limiting are impacting one of our offices.



1 Reply

What precise version/JHF level?
Note that unless you are running R80.40, you will probably need HTTPS Inspection enabled to properly differentiate YouTube from Google due to usage of SNI.
For the bandwidth limit not working, a TAC case is probably in order.