UniFi Gateway Consoles WiFi Switching Camera Security New Integrations Accessory Tech Identity
UISP
Support Dropdown arrow
Store Search
User
Help Center UniFi Help Articles UISP Help Articles Community UniFi Design Center UISP Design Center Contact Support Tech Specs
Sign Up UniFi Portal
Ubiquiti Logo Ubiquiti Logo
User User
Log In Sign Up UniFi Portal
UniFi Gateway Consoles WiFi Switching Cameras & Security New Integrations Accessory Tech Identity UISP Store Search

Support

Help Center UniFi Help Articles UISP Help Articles Community Contact Support Tech Specs

Social

Facebook Twitter Youtube Instagram

Company

Careers Contact Us Investors

Training

Courses Calendar Trainers Become a Trainer

Tools

WiFiman UniFi Design Center UISP Design Center
  1. Ubiquiti Support and Help Center
  2. UniFi
  3. Gateway & Routing
Help Center
Back to Top

UniFi Gateway - Traffic Rules

2023-09-22 20:36:13 UTC

Use Traffic Rules as a next-generation Firewall that is capable of advanced security filtering to Block, Allow, or Speed Limit specific traffic.

Common use cases for Traffic Rules are:

  • Parental Controls: Block specific apps / websites at specific times.
  • Speed Limit: Set download and upload limits for specific clients.
  • Domain Filtering: Prevent clients from accessing specific domains.
  • Network Isolation: Prevent clients on different LAN networks from communicating with each other.

Requirements

A Next-Gen UniFi gateway or UniFi Cloud Gateway

Available Options

Traffic Rules can be configured to:

  • Block, Allow or Speed Limit traffic.
  • Match an entire LAN network or a specific client device.
  • Match specific traffic categories such as an App or Domain.
  • Be always active or on a schedule.

Specific traffic can match on the following categories:

  • App
  • App Group
  • Domain Name
  • IP address + port
  • IP address range
  • Region
  • Internet
  • Local Network

Note: Domain matching requires the client devices to use the UniFi gateway as the DNS server.

Examples

Block Inter-VLAN Routing (Network Isolation)
Enhance security by preventing communication between your default corporate network and a guest network.
  • Action: Block
  • Category: Local Network
  • Local Network: Default
  • Traffic Direction: Traffic from all local networks
  • On: One or more virtual network(s)
  • Schedule: Always
Bandwidth Limit Devices
Prevent guest clients or large application updates from using too much network bandwidth.
  • Action: Speed Limit
  • Category: App
    • Select an app such as Windows Update
  • Download Limit: 10Mbps
  • Upload Limit: 10Mbps
  • On: PC
  • Schedule: Always
Scheduled Blocking & Parental Controls
Block certain websites or applications after bedtime.
  • Action: Block
  • Category: App
    • Select an app such as YouTube or Twitch
  • On: iPad
  • Schedule: Every week from Monday to Friday from 9:00PM to 8:00AM.

Frequently Asked Questions

1. How do Traffic Rules differ from Firewall Rules?

Firewall Rules are generally used to match on specific ports and IP addresses.
Traffic Rules can match on categories such as an App or Domain and allow you to filter traffic in an intuitive and streamlined way.

2. I want to block traffic between my LAN networks. Should I use Firewall or Traffic Rules?

It is recommended to use Traffic Rules for this purpose. Traditionally, several different Firewall Rules would be used to block or allow traffic between multiple networks. With Traffic Rules, this same configuration can be achieved in just a few clicks.
See the examples section for more information.

3. I want to block certain websites past my child's bedtime. Can I use Traffic Rules for this?

Yes. Traffic Rules allow you to configure schedules to block specific Apps.
See the examples section for more information.

4. A certain client is taking up all my bandwidth. Can I use Traffic Rules to limit this?

Yes. Either Speed Limit all Internet traffic from this client or match on specific App(s) that are taking up the most bandwidth.
See the examples section for more information.
Was this article helpful?
163 out of 543 found this helpful