How to bypass traffic from filtering

Bypass rules have three great functions:

  1. Prevent traffic from being scanned by the Application Layer-7 filtering provided by modules such as Web Filter, SSL Inspector, Application Control, etc.
  2. Excluding devices from using a license/seat; managing what devices are being filtered/license entitled
  3. Troubleshooting

Bypass rules are located in Config > Network > Bypass Rules tab. By default there are some example rules already created. We always recommend that the rule for port 53 DNS traffic is enabled. It is also highly recommended to created custom rules for any VoIP ports in addition to the template rules for ports 5060 and 4569.


To bypass one host completely from all filtering, two rules are required; one for traffic sourced from that host and another for the traffic destined to that host.

Bypass traffic sourced from


Bypass traffic destined to 


Additional documentation:

Bypass Rules Wiki -

Untangle Rule Creation -

Untangle Rule Syntax -






Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.

Powered by Zendesk