Is there a way to create a VLAN that allows connected devices (via AP) to bypass the firewall?
My current SSID in the VLAN has a different IP subnet from my home devices. There are times I want to connect devices that totally bypass the home firewall. This setup doesn't work. Is there a way to do this?
Step 1: You can create a LAN2WAN firewall rule that matches the device, VLAN/subnet you are targeting and just don't enable any of the policies on it: no web, app, IPS, etc.
Step 2 (Optional if IP available…
Are you thinking 1:1 NAT for a wireless connected endpoint? Do you have static IPs you can assign? Is this a home firewall at your residence behind residential internet service? Normally impossible to get a static IPv4, unless you are on a smaller ISP. What's the use case for this setup?
Hi Matthew. Not sure what 1:1 NAT is. I basically want some devices to be able to bypass the firewall for troubleshooting. I'm using a home firewall. I only get a public IP address.
Step 2 (Optional if IP available): If you have a "spare" public IP address that you can split off and assign (as an alias interface on your WAN), you could NAT that IP completely to the wireless endpoint's IP address, so any traffic to "PUBLICIPXX" is NAT'd to "WIRELESSENDPOINT1".
But if you just want to bypass firewall security, follow step 1. If this doesn't achieve what you want, let me know.
Thanks Matthew. Will do step 1. I don't have extra public IP though.