Bypassing all traffic except for designated hosts in NG Firewall


NG Firewall supports a bypass feature to enable you to configure rules which exclude certain types of traffic from content inspection. You can read more about bypass rules in this Wiki article. In some cases, you may prefer to bypass all traffic except for specific hosts that you define. You can achieve this with a few rules as described below. 


The simplest configuration for this type of policy uses a catchall bypass rule with exceptions for specific hosts in a rule inserted above the catchall. To bypass devices from having their traffic inspected, navigate to your Bypass Rules by going to Config > Network > Bypass Rules. For this scenario, the rules should resemble these:


In short, the above rules are telling the NG Firewall to process the three source IP addresses listed ("bypass" is unchecked), while bypassing everything else on the network. This can help alleviate any licensing compliance issues, as well as reducing the load on your NG Firewall.

Was this article helpful?
0 out of 1 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.

Powered by Zendesk