Per User Bandwidth Management for Wireless Networks

Hidden Attribute

Well-Known Member
Joined
Feb 27, 2013
Messages
142
Good evening everyone.

Can anyone please enlighten me as to how one can manage bandwidth allocation on a per user bases for wireless clients? Example: user A is limited up to 1Mbps, user B is limited to 2Mbps, and user C is limited to 512Kbps?

Limiting protocols on the network in general via QoS is straight-forward, it's the per user aspect that I need additional information on.



Thanks.
 

Hidden Attribute

Well-Known Member
Joined
Feb 27, 2013
Messages
142
What device?
No specific device - I was hoping this may be possible via ISA server, or Smoothwall, which would allow central control over each user/ user account, but clearly it doesn't. If it must be done on the device and device only, it would probably be running DD-WRT. Unless you have an alternate recommendation/ solution?
 

paul5186

Expert Member
Joined
May 21, 2007
Messages
1,271
You should be able to limit bandwidth on a mac address level, or if you are running static leases. Not sure on ISA or smoothwall. But I can do this from my Mikrotik or Ubiquiti Unifi.
 

Hidden Attribute

Well-Known Member
Joined
Feb 27, 2013
Messages
142
Can do this using Kerio Control. Not free though.
This is perfect! It can integrate with AD, or you can create users and groups on the OS itself, and manage it from there. Does anyone know of a free solution that can perform this?
 

Hidden Attribute

Well-Known Member
Joined
Feb 27, 2013
Messages
142
You should be able to limit bandwidth on a mac address level, or if you are running static leases. Not sure on ISA or smoothwall. But I can do this from my Mikrotik or Ubiquiti Unifi.
Mikrotik and Ubiquiti have some great solutions, but the issue with MAC and static IP based shaping policies is that it requires little to no skill to work around it. If a user knows for example, that IPs 192.168.0.1 - 192.168.0.100 are 1Mpbs, and IPs 192.168.0.101 - 192.168.0.200 are configured for 2Mbps, the user can easily just configure his/ her own static IP address to obtain the higher speeds. Also, as we know, MAC address spoofing is also extremely easy to perform, although it might take a bit more time to figure it out than simply specifying a static IP.
 

DrJohnZoidberg

Honorary Master
Joined
Jul 24, 2006
Messages
21,537
Also look at pfSense, you can add rate limiting per IP as well as having it on a schedule. If you want to have more control you can also install squid which does integrate with AD.
 
Top