Create DoS Bypass Rule

Applicable to Versions: 10.00 onwards

Cyberoam Appliance allows you to bypass DoS rules in case you are sure that a particular source is not a threat to your network. By default, VPN zone traffic is also subjected to DoS inspection. You can bypass DoS inspection of the traffic coming from certain hosts of VPN zone.

 

In this article, we will be creating a rule to bypass DoS inspection for traffic from DNS Server (192.178.1.2).

 

The configuration is to be done using Web Admin Console using “Administrator” profile.

 

To add a DoS Bypass Rule:

 

1.     Go to Firewall à DoS à Bypass Rules.
 

2.     Click ‘Add’. The following screen appears.
 
 
 

Parameters

Description

Source IP/Netmask

Specify IP/Netmask of Source

Specify * if you want to bypass entire network

Destination IP/Netmask

Specify IP/Netmask of Destination

Specify * if you want to bypass entire network

Protocol

Select protocol whose traffic is to be bypassed if generated from the specified source to destination.

 

For example, if you select TCP protocol then DoS rules will not be applied on the TCP traffic from the specified source to destination.

Source Port

Specify Port Number for Source.

Specify * if you want to bypass entire network

Destination Port

Specify Port Number for Destination.

Specify * if you want to bypass entire network
 
  
3.     Click OK to add a new DoS Bypass Rule.

                                                                                                                                                       Document version: 1.0- 22/08/2011