How to bypass traffic from filtering

Bypass rules have three great functions:

Prevent traffic from being scanned by the Application Layer-7 filtering provided by modules such as Web Filter, SSL Inspector, Application Control, etc.
Excluding devices from using a license/seat; managing what devices are being filtered/license entitled
Troubleshooting

Bypass rules are located in Config > Network > Bypass Rules tab. By default there are some example rules already created. We always recommend that the rule for port 53 DNS traffic is enabled. It is also highly recommended to created custom rules for any VoIP ports in addition to the template rules for ports 5060 and 4569.

Bypassing traffic by source

This is the most common method of bypassing traffic. In the example below, all traffic originating from 10.15.0.10 will be bypassed, so this device will not be filtered or counted against your license count.

Bypassing traffic by destination

This is a common use case for traffic which is sent to a specific destination server, such as a web-hosted VoIP service or external backup platform.

In this example, any traffic which is sent to the server at 3.14.15.92 will be bypassed.

Additional documentation:

Bypass Rules Wiki - https://wiki.untangle.com/index.php/Bypass_Rules

NG Firewall Rule Creation - https://wiki.untangle.com/index.php/Rules

NG Firewall Rule Syntax - https://wiki.untangle.com/index.php/Untangle_Rule_Syntax

config_network_bypassrulestab.png (50 KB)
src_bypass.png (20 KB)
dst_bypass.png (20 KB)

Have more questions? Submit a request

Comments

2 comments

Please sign in to leave a comment.

Mahir Maluhar October 18, 2018 01:07

Do we need to bypass with IP address or we can bypass with MAC address?

Comment actions Permalink
MFED ICT November 06, 2018 22:05

Are these bypass work both in untangle bridge and router mode?

Comment actions Permalink