thx for update. i already set the policy that u suggest. but the cpu still goes high. then i try to set traffic shaping like mehdi and john suggest and the result cpu not quite high,
btw i have another question. i only setup 2 interface with eth3 on v1-untrust and eth4 on v1-trust. i set maximum bandwidth to 5000kbps. and inject only FTP traffic. but why the FTP traffic only takes 1500kbps not 5000kbps ?
OK, I would try to enable "Counting" on the Policy as well. Then login to the WebUI during a transfer, go to the policy, and hit the hour glass icon. This should tell you how much Bandwidth is in use through the Firewall for that Policy.
-John
John Judge JNCIS-SEC, JNCIS-ENT, JNCIA-IDP, JNCIA-JUNOS
If this solves your problem, please mark this post as "Accepted Solution". Kudos are appreciated.
