Bypassing all traffic except for designated hosts in NG Firewall

Overview

NG Firewall supports a bypass feature to enable you to configure rules which exclude certain types of traffic from content inspection. You can read more about bypass rules in this Wiki article. In some cases, you may prefer to bypass all traffic except for specific hosts that you define. You can achieve this with a few rules as described below. 

Configuration

The simplest configuration for this type of policy uses a catchall bypass rule with exceptions for specific hosts in a rule inserted above the catchall. To bypass devices from having their traffic inspected, navigate to your Bypass Rules by going to Config > Network > Bypass Rules. For this scenario, the rules should resemble these:

exclusive-bypass-policy.png

In short, the above rules are telling the NG Firewall to process the three source IP addresses listed ("bypass" is unchecked), while bypassing everything else on the network. This can help alleviate any licensing compliance issues, as well as reducing the load on your NG Firewall.

Follow
Was this article helpful?
0 out of 1 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk