UniFi Gateway - Policy Based Routes

Policy Based Routes are a feature found in the Routing section of your Network application that allows you to send traffic to a specific destination such as a WAN port or a VPN Client interface. This feature may also be referred to as Traffic Routes or PBR.

Requirements

Available Options

Policy Based Routes can be configured to:

    • Match an entire LAN network or a specific client device.
    • Send traffic to the secondary WAN port.
    • Match either All or Specific client traffic, such as a geographical region.

Specific traffic can match on the following:

    • IP address + port
    • IP address range
    • Domain name
    • Region

Note: Domain matching requires the client devices to use the UniFi gateway as the DNS server.

Examples

If you want to send specific streaming traffic from your Apple TV to a VPN Client tunnel, create a Policy Based Route with the following options:

  • Type: Specific Traffic
  • Category: Domain Name
  • Domain Name: Add one or more domains used by the streaming service
  • Target: Apple TV
  • Interface: VPN Client

If you want to send all traffic from a Virtual Network to the secondary WAN port, then create a Policy Based Route with the following options:

  • Type: All Traffic
  • Target: Select the Virtual Network name
  • Interface: WAN2 

Frequently Asked Questions

1. I have a TV but it does not support VPNs. Can I use Policy Based Routes to send the TV's traffic over the VPN?
Yes. First configure a VPN Client to a provider of your choice and then add a Traffic Route matching the TV. See the examples section for more information.
2. I am using a secondary failover WAN. Can I use Policy Based Routes to send traffic to this WAN port?
Yes. See the examples section for more information.
Was this article helpful?
70 out of 171 found this helpful