[UPDATE 1] My attempt in configuring Application Control Traffic Shaping for Zoom Meetings in Fortigate 201F Firewall

Subject: [UPDATE 1] My attempt in configuring Application Control Traffic Shaping for Zoom Meetings in Fortigate 201F Firewall


Good day from Singapore,


Today 18 June 2021 Friday, our client wanted to prioritise the network traffic for Zoom meetings. They wanted no lag or latency for their Zoom video conferences. I proceeded to configure application control traffic shaping for Zoom meetings in their Fortigate 201F firewall. Fortigate firewall appliances are based on Linux.


These are the reference guides which I have followed:


[1] Configuring application control traffic shaping

Link: https://docs.fortinet.com/document/fortigate/6.0.0/handbook/204835/configuring-application-control-traffic-shaping#Applicat


[2] Application control shaping

Link: https://www.fortinetguru.com/2016/12/application-control-shaping/


[3] Traffic shaping for video calling

Link: https://forum.fortinet.com/tm.aspx?m=130650


[4] Traffic shaping

Link: https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/297431/traffic-shaping


Now, login to Fortigate 201F firewall.


Turn on Traffic Shaping

=======================


Go to System > Feature Visibility. Under the section Additional Features, turn on Traffic Shaping.


Create New Traffic Shaper

=========================


Go to Policy & Objects > Traffic Shapers


Click "Create New"


Type: Shared

Name: Zoom Meeting


Under section "Quality of Service":


Traffic priority: High

Bandwidth unit: Mbps

Maximum bandwidth: 300 Mbps

Guaranteed bandwidth: 280 Mbps

DSCP: off


Click OK.


Please note that all the default traffic shapers are shared shapers.


Create New Traffic Shaping Policy

=================================


Go to Policy & Objects > Traffic Shaping Policy


Click "Create New"


Name: Zoom Meeting

Status: Enabled

Comments: leave empty


Under section "If Traffic Matches":


Source: all

Destination: all

Schedule: off

Service: ALL

Application: 

Zoom

Zoom_File.Download

Zoom_File.Upload

Zoom_Login

Zoom_Meeting

URL Category: Leave empty


Under section "Then":


Action: Apply Shaper

Outgoing interface: SD-WAN

Shared shaper: Zoom Meeting

Reverse shaper: Zoom Meeting

Per-IP shaper: off


Click OK.


Create/Edit Internet Access Policy

===================================


Go to Policy & Objects > IPv4 Policy


Click "Create New"


Name: Internet access

Incoming interface: lan

Outgoing interface: SD-WAN

Source: lan network

Destination: all

Schedule: always

Service: ALL

Action: ACCEPT

Inspection Mode: Flow-based


Under section "Firewall / Network Options":


NAT: Enabled

IP Pool Configuration: Use Outgoing Interface Address

Preserve Source Port: off

Protocol Options: PRX, default


Under section "Security Profiles":


AntiVirus: off

Web Filter: off

DNS Filter: off

Application Control: ON (APP, default profile)

SSL Inspection: SSL, certificate-inspection


Click OK.


Tags: QoS, Quality of Service, Traffic Shaping, Traffic Control


===END===


Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 19 June 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a System Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.





REFERENCES

==========


[1] https://marc.info/?l=lartc&m=162403549713474&w=2

Comments

Post a Comment

Popular posts from this blog

[24 Mar 2022 Thursday] Erectile Dysfunction and Viagra

Image
Subject: [24 Mar 2022 Thursday] Erectile Dysfunction and Viagra I have erectile dysfunction due to taking medications for mental illness (schizophrenia). Without Viagra, my penis is soft like jelly most of the time. There is no way I can penetrate a woman’s vagina due to erectile dysfunction. Today is the very 1st time I am taking Viagra. It allows my penis to remain hard and fully erected for 2 solid hours during sexual intercourse. Thanks Viagra! I can finally have sex! I am already 44 years old. What am I missing out in life?????? Do I still qualify to be a Japanese Adult Video (JAV) porn star actor???????? Link:  https://m.facebook.com/story.php?story_fbid=10158113552827735&id=646397734
Read more

Patching Linux Kernel 5.5.7 to Add Support for AUFS Filesystem

Subject of Hint: Patching Linux Kernel 5.5.7 to Add Support for AUFS Filesystem ORIGINAL AUTHOR: JIMMY ANDERSON ORIGINAL DATE: 2013-01-20 EDITED BY: TURRITOPSIS DOHRNII TEO EN MING, SINGAPORE EDIT DATE: 15 MAR 2020 SUNDAY MANDATORY PREREQUISITES ======================= You *MUST* follow the guide/hint here first (COMPULSORY): http://lists.linuxfromscratch.org/pipermail/hints/2020-March/003334.html HINT ==== To obtain the aufs5 kernel patches, do the following:   $ sudo apt install git #------------ Cut and Paste start cd $LFS/sources git clone git://github.com/sfjro/aufs5-standalone.git \ aufs5-standalone.git cd aufs5-standalone.git git checkout -b origin/aufs5.5 cp aufs5-*.patch .. rm -f include/uapi/linux/Kbuild tar cvfz $LFS/sources/aufs5.tar.gz Documentation fs include cd .. rm -rf aufs5-standalone.git #------------ Cut and Paste end Rebuilding your kernel ======================    Follow the instructions in the LFS/BLFS book and build your LF
Read more