Bypass rules have three great functions:
- Prevent traffic from being scanned by the Application Layer-7 filtering provided by modules such as Web Filter, SSL Inspector, Application Control, etc.
- Excluding devices from using a license/seat; managing what devices are being filtered/license entitled
Bypass rules are located in Config > Network > Bypass Rules tab. By default there are some example rules already created. We always recommend that the rule for port 53 DNS traffic is enabled. It is also highly recommended to created custom rules for any VoIP ports in addition to the template rules for ports 5060 and 4569.
Bypassing traffic by source
This is the most common method of bypassing traffic. In the example below, all traffic originating from 10.15.0.10 will be bypassed, so this device will not be filtered or counted against your license count.
Bypassing traffic by destination
This is a common use case for traffic which is sent to a specific destination server, such as a web-hosted VoIP service or external backup platform.
In this example, any traffic which is sent to the server at 220.127.116.11 will be bypassed.
Bypass Rules Wiki - https://wiki.untangle.com/index.php/Bypass_Rules
NG Firewall Rule Creation - https://wiki.untangle.com/index.php/Rules
NG Firewall Rule Syntax - https://wiki.untangle.com/index.php/Untangle_Rule_Syntax