How to bypass traffic from filtering

Bypass rules have three great functions:

  1. Prevent traffic from being scanned by the Application Layer-7 filtering provided by modules such as Web Filter, SSL Inspector, Application Control, etc.
  2. Excluding devices from using a license/seat; managing what devices are being filtered/license entitled
  3. Troubleshooting

Bypass rules are located in Config > Network > Bypass Rules tab. By default there are some example rules already created. We always recommend that the rule for port 53 DNS traffic is enabled. It is also highly recommended to created custom rules for any VoIP ports in addition to the template rules for ports 5060 and 4569.

mceclip0.png

 

Bypassing traffic by source

This is the most common method of bypassing traffic. In the example below, all traffic originating from 10.15.0.10 will be bypassed, so this device will not be filtered or counted against your license count.

src_bypass.png

 

Bypassing traffic by destination

This is a common use case for traffic which is sent to a specific destination server, such as a web-hosted VoIP service or external backup platform.

In this example, any traffic which is sent to the server at 3.14.15.92 will be bypassed.

mceclip0.png

 

Additional documentation:

Bypass Rules Wiki - https://wiki.untangle.com/index.php/Bypass_Rules

NG Firewall Rule Creation - https://wiki.untangle.com/index.php/Rules

NG Firewall Rule Syntax - https://wiki.untangle.com/index.php/Untangle_Rule_Syntax

 

 

 

 

 

Follow
Was this article helpful?
5 out of 7 found this helpful
Have more questions? Submit a request

Comments

2 comments

Please sign in to leave a comment.

  • Avatar
    Mahir Maluhar

    Do we need to bypass with IP address or we can bypass with MAC address?

  • Avatar
    MFED ICT

    Are these bypass work both in untangle bridge and router mode?

Powered by Zendesk