UniFi Gateway - Traffic and Firewall Rules
UniFi Gateways offer a robust way of implementing security policies to control how traffic flows between local networks and the Internet.
Applying Traffic & Firewall Rules
To implement a Firewall Rule:
- Navigate to Settings > Security > Traffic & Firewall Rules.
- Determine if you need a Simple or Advanced rule.
- Simple rules are great for creating inter-VLAN traffic policies, application-based restrictions, and bandwidth limiting/QoS.
- Advanced rules are usually reserved only for situations when policies are specific to traffic using certain ports or protocols. For a detailed look at Advanced Rules, click here.
- Select the appropriate Source and Destination.
- Once added, the rule will be applied and populate the table.
Example Rules
This section includes some examples of basic Traffic & Firewall Rules. For details on implementing network/VLAN and client isolation, such as for public guest networks, click here.
Block Inter-VLAN Routing (Network Isolation)
Enhance security by preventing communication between your default corporate network and any other VLAN you have created (i.e., a guest network).
- Action: Block
- Source: [Choose a network]
-
Destination: Local Network
- Select some or all networks
- Traffic Direction: Both Directions
- Schedule: Always
Bandwidth Limit Devices
Prevent guest clients or large application updates from using too much network bandwidth.
- Action: Speed Limit
- Source: [Select some or all devices]
-
Destination: App
- Select an app such as Windows Update
- Download Limit: 10Mbps
- Upload Limit: 10Mbps
- Schedule: Always
Scheduled Application-Based Restrictions
Block certain websites or applications after bedtime.
- Action: Block
- Source: [Select a device]
-
Category: App
- Select an app such as YouTube or Twitch
-
Schedule: Custom
- Every week from Monday to Friday, 9:00PM to 8:00AM.