
Easily Manage Local Traffic in UniFi

By default, UniFi gateways allow traffic from any network to all other networks. While this is easy for a basic setup, you may want to block certain networks from accessing other networks in your environment.

In my environment, I have my default LAN (trusted devices), IoT VLAN (smart cameras, TVs, smart bulbs) and Guest VLAN. I do not want the IoT and Guest VLANs to be able to get over to my LAN network in case of an exploited device.

There are a ton of videos out there showing how you can manage this sort of thing and more often than not, those videos are 20 minutes long and have a million unnecessary steps. In this article, I’ll show you how to make this super easy.

In this instance, I am using a UDM Pro running UniFi OS 3.0.20.

Log into your UniFi gateway and head over to the Settings menu:


Click on Traffic Management to bring up the new “firewall rules”.


Click on “Create New” under Rules.


I am going to create a rule to block the IoT and Guest networks from accessing the LAN.


So in this case, we are saying that anything on the IoT and Guest networks is blocked from going over to the LAN side, at all times of the day.

The “Rules” section under Traffic Management is really powerful. You can use domains, apps, networks, IPs and more as a way to manage traffic inside your network environment.
