Tag: firewall

  • How to set a bandwidth restriction per individual user on Sophos Firewall (SFOS v19.5 or v20.x)

    Goal:

    Limit each user to:

    • Download: 2 Mbps
    • Upload: 512 Kbps

    (You can change numbers as needed.)


    🛠 Step-by-step

    Step 1: Create Traffic Shaping Policy

    1. Log in to Sophos Firewall web admin (https://<firewall-ip>:4444)
    2. Go to:
      Protect > Traffic Shaping
    3. Click Add
    4. Fill like this:
      | Field | Example |
      |---|---|
      | Name | Limit_2Mbps_per_user |
      | Policy Association | User |
      | Rule type | Individual |
      | Priority | 5 (lower is higher priority) |
      | Bandwidth usage type | Limit |
      | Guaranteed bandwidth | (leave empty) |
      | Maximum bandwidth (download) | 2048 Kbps |
      | Maximum bandwidth (upload) | 512 Kbps |

    Save


    Step 2: Apply to individual users

    1. Go to:
      Authentication > Users
    2. Click on the user you want to limit
    3. Under Traffic shaping policy, choose:
      Limit_2Mbps_per_user
    4. Save

    Repeat for each user you want to limit.


    Step 3: Confirm the firewall rule matches

    Bandwidth limit only applies to traffic that matches a firewall rule.

    1. Go to:
      Rules and Policies > Firewall Rules
    2. Confirm you have a rule like:
      • Source zone: LAN
      • Destination zone: WAN
      • User/Network: Any or specific users
    3. If you already have a firewall rule for internet access, you don’t need to change it.
    4. If you want to create a dedicated rule:
      • Click Add Firewall Rule > New User/Network Rule
      • Source zone: LAN
      • Destination zone: WAN
      • Source network: users you want to limit
      • Apply as needed

    Step 4: Test & Monitor

    Go to:
    Monitor & Analyze > Current Activities > Live Users

    Watch the bandwidth column to confirm that usage stays around your limit.

    You can also see under:

    • Monitor & Analyze > Current Activities > Live Connections

    📝 Sample Traffic Shaping Policy Screenshot (for reference)

      | Field | Example |
      |---|---|
      | Name | Limit_2Mbps_per_user |
      | Policy association | User |
      | Rule type | Individual |
      | Priority | 5 |
      | Guaranteed download | (leave empty) |
      | Guaranteed upload | (leave empty) |
      | Max download | 2048 Kbps |
      | Max upload | 512 Kbps |

    Summary

    • Create a User-based, Individual traffic shaping policy
    • Apply it to each user under Authentication > Users
    • Make sure there’s a firewall rule that matches those users’ traffic
  • Deleting a Stuck Deployment Notification in Cisco FMC


    It’s frustrating when a Cisco Firepower Threat Defense (FTD) deployment gets stuck and keeps showing up in notifications. Let’s sort this issue out:

    1. Deleting a Stuck Deployment Notification:
      • To remove a stuck deployment notification, follow these steps:
        1. Log in to the Firepower Management Center (FMC).
        2. Switch to the root user:
          • expert
          • sudo su -
        3. Use the OmniQuery.pl tool to query the database and find the running tasks:
          • OmniQuery.pl -db mdb -e "select status, category, hex(uuid), body from notification;" | grep " \ 7\ "
        4. Identify the UUID of the running task.
        5. Delete the deployment notification using one of the following commands:
          • OmniQuery.pl -db mdb -e "delete from notification where uuid=unhex('YOUR_UUID_HERE');"
        6. The notification should clear out after a 5-minute health check or can be manually cleared from the Health
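
    Steps 4 and 5 paste a hand-copied UUID into a DELETE that runs as root against the FMC database. The following is an added example, not part of the original post or of any Cisco tooling: it validates the copied value and prints the statements for review instead of executing them. The function names, the confirming SELECT, and the 32-hex-character length of hex(uuid) are assumptions.

```shell
# Added example: guard the UUID from step 4 before it reaches the DELETE in step 5.
# Assumption: hex(uuid) is 32 hex characters (a 16-byte binary UUID column).

# Normalize a pasted UUID: drop whitespace and dashes, strip a leading 0x,
# and uppercase the hex letters.
normalize_uuid() {
    printf '%s' "$1" | tr -d ' \t\r\n-' | sed 's/^0[xX]//' | tr 'a-f' 'A-F'
}

# Succeed only if the argument is exactly 32 uppercase hex characters.
is_valid_uuid() {
    case "$1" in
        *[!0123456789ABCDEF]*) return 1 ;;
    esac
    [ "${#1}" -eq 32 ]
}

# Print (never run) two statements for the given UUID:
#   1. a SELECT that shows the single row about to be removed
#   2. the DELETE from step 5
# Anything that is not a clean hex UUID is refused, so quotes or stray
# characters from a bad copy/paste never end up inside the SQL string.
build_notification_cleanup() {
    uuid=$(normalize_uuid "$1")
    if ! is_valid_uuid "$uuid"; then
        echo "refusing: '$1' is not a 32-character hex UUID" >&2
        return 1
    fi
    printf '%s\n' \
        "OmniQuery.pl -db mdb -e \"select status, category, hex(uuid), body from notification where uuid=unhex('$uuid');\"" \
        "OmniQuery.pl -db mdb -e \"delete from notification where uuid=unhex('$uuid');\""
}
```

    Run the printed SELECT first and check that it returns exactly the stuck deployment row before running the DELETE.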