This section explains how to use a previously configured IP group in a WAF Allowlist for making all requests from IPs in the IP group bypass WAF checks.

Prerequisites

An IP Group with the list of IP addresses that need to be bypassed by WAF must be created. For more information on creating an IP Group, see IP Group topic in the VMware Avi Load Balancer Configuration Guide.

Procedure

  1. Select the previously created IP group as the value for the Match option while creating a new Allowlist Rule.


  2. Select the desired action and save the WAF Allowlist, as shown below.


  3. The above screen shows an Allowlist Rule using IP group. Action is set to BYPASS for any client IP address that is part of the IP address group created in the previous step.