Example of how to put an IP address in the allow list in UTM web protection. The following sections are covered:
Applies to the following Sophos products and versions Sophos UTM
Exceptions allow you to globally bypass selected web protection functions, such as authentication, or anti-virus scanning. It is possible to add an exception based on an IP address, but only when the URL is accessed via IP address.
For example, IP address exceptions work when the user visits http://184.108.40.206. However, IP address exceptions do not work when the user visits http://www.google.com.
To exclude a specified IP address, simply add the IP to the exceptions as follows:
It's not currently possible to exclude a range of IP addresses using CIDR format. However, you can exclude IP ranges by using regular expressions. For example, to exclude a /16 range:
For more information on using regular expressions in exclusions, please see this article:
Regular Expressions for Defining URL Patterns in Sophos UTM
If using transparent mode web filtering, you can use the skip list to completely bypass traffic from the proxy, using Network definitions. Network definitions can be based on IP addresses, network ranges, DNS hosts, etc.
For example, you can exclude a network definition containing the 220.127.116.11/16 range. This definition will be completely bypassed from the proxy, regardless of whether the user accesses it via hostname or IP address.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.