UniFi Gateway - Traffic and Firewall Rules

UniFi Gateways offer a robust way of implementing security policies to control how traffic flows between local networks and the Internet.

Applying Traffic & Firewall Rules

To implement a Firewall Rule:

  1. Navigate to Settings > Security > Traffic & Firewall Rules.
  2. Determine if you need a Simple or Advanced rule.
    1. Simple rules are great for creating inter-VLAN traffic policies, application-based restrictions, and bandwidth limiting/QoS.
    2. Advanced rules are usually reserved only for situations when policies are specific to traffic using certain ports or protocols. For a detailed look at Advanced Rules, click here.
  3. Select the appropriate Source and Destination
  4. Once added, the rule will be applied and populate the table.

Example Rules

This section includes some examples of basic Traffic & Firewall Rules. For details on implementing network/VLAN and client isolation, such as for public guest networks, click here.

Block Inter-VLAN Routing (Network Isolation)
Enhance security by preventing communication between your default corporate network and any other VLAN you have created (i.e., a guest network).
  • Action: Block
  • Source: [Choose a network]
  • Destination: Local Network
    • Select some or all networks
  • Traffic Direction: Both Directions
  • Schedule: Always
Bandwidth Limit Devices
Prevent guest clients or large application updates from using too much network bandwidth.
  • Action: Speed Limit
  • Source: [Select some or all devices]
  • Destination: App
    • Select an app such as Windows Update
  • Download Limit: 10Mbps
  • Upload Limit: 10Mbps
  • Schedule: Always
Scheduled Application-Based Restrictions
Block certain websites or applications after bedtime.
  • Action: Block
  • Source: [Select a device]
  • Category: App
    • Select an app such as YouTube or Twitch
  • Schedule: Custom
    • Every week from Monday to Friday, 9:00PM to 8:00AM.
Was this article helpful?
332 out of 1064 found this helpful