How to bypass traffic from filtering

Bypass rules have three great functions:

  1. Prevent traffic from being scanned by the Application Layer-7 filtering provided by modules such as Web Filter, SSL Inspector, Application Control, etc.
  2. Excluding devices from using a license/seat; managing what devices are being filtered/license entitled
  3. Troubleshooting

Bypass rules are located in Config > Network > Bypass Rules tab. By default there are some example rules already created. We always recommend that the rule for port 53 DNS traffic is enabled. It is also highly recommended to created custom rules for any VoIP ports in addition to the template rules for ports 5060 and 4569.



Bypassing traffic by source

This is the most common method of bypassing traffic. In the example below, all traffic originating from will be bypassed, so this device will not be filtered or counted against your license count.



Bypassing traffic by destination

This is a common use case for traffic which is sent to a specific destination server, such as a web-hosted VoIP service or external backup platform.

In this example, any traffic which is sent to the server at will be bypassed.



Additional documentation:

Bypass Rules Wiki -

NG Firewall Rule Creation -

NG Firewall Rule Syntax -






Was this article helpful?
5 out of 7 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.

  • Avatar
    Mahir Maluhar

    Do we need to bypass with IP address or we can bypass with MAC address?

  • Avatar

    Are these bypass work both in untangle bridge and router mode?

Powered by Zendesk