Techie Rambles

Thoughts, tips, tricks and fixes for the IT person in you
https://www.techierambles.com/community/

Unifi Firewall Rules

https://www.techierambles.com/community/viewtopic.php?t=10

Page 1 of 1

Unifi Firewall Rules

Posted: Sat Sep 21, 2024 4:54 pm
by Kailey
Posting here for referencing when working with Ubiquiti firewalls.

WAN Network
  • WAN Local Applies to IPv4 traffic that is destined for the UDM/USG itself on the WAN network (default drop).
  • WAN In Applies to IPv4 traffic that enters the WAN (ingress), destined for other networks (default drop).
  • WAN Out Applies to IPv4 traffic that exists the WAN (egress), destined for other networks (default accept).
  • WAN v6 Local Applies to IPv6 traffic that is destined for the UDM/USG itself on the WAN network (default drop).
  • WAN v6 In Applies to IPv6 traffic that enters the WAN (ingress), destined for other networks (default drop).
  • WAN v6 Out Applies to IPv6 traffic that exists the WAN (egress), destined for other networks (default accept).
LAN Network
  • LAN Local Applies to IPv4 traffic that is destined for the UDM/USG itself on the LAN network (default accept).
  • LAN In Applies to IPv4 traffic that enters the LAN (ingress), destined for other networks (default accept).
  • LAN Out Applies to IPv4 traffic that exists the LAN (egress), destined for this network (default accept).
  • LAN v6 Local Applies to IPv6 traffic that is destined for the UDM/USG itself on the LAN network (default accept).
  • LAN v6 In Applies to IPv6 traffic that enters the LAN (ingress), destined for other networks (default accept).
  • LAN v6 Out Applies to IPv6 traffic that exists the LAN (egress), destined for this network (default accept).
Guest Network
  • Guest Local Applies to IPv4 traffic that is destined for the UDM/USG itself on the Guest network (default drop). Allows certain services/such as DNS and DHCP.
  • Guest In Applies to IPv4 traffic that enters the Guest network (ingress), destined for other networks (default accept). Drops traffic to other LAN (Corporate) networks.
  • Guest Out Applies to IPv4 traffic that exists the Guest network (egress), destined for this network (default accept).
  • Guest v6 Local Applies to IPv6 traffic that is destined for the UDM/USG itself on the Guest network (default drop). Allows certain services/such as DNS and DHCP.
  • Guest v6 In Applies to IPv6 traffic that enters the Guest network (ingress), destined for other networks (default accept). Drops traffic to other LAN (Corporate) networks.
  • Guest v6 Out Applies to IPv6 traffic that exists the Guest network (egress), destined for this network (default accept).
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited