Exclude one internal IP from all checks
Little question: is there a simple solution to temporarily exclude one internal IP (one computer) from absolutely all checks (packet rules, policy, etc.), without having to create exceptions in each packet rule/proxy?
The idea would be to have a "rule" that I could activate on demand to bypass anything that might slow down or block outgoing traffic (for ALL protocols, not only TCP and UDP), so I could run tests as if my computer were connected directly to the ISP router, without going through the Firebox.
(Of course, the hardware limitations imposed by the Firebox still remain.)
For example, to test the "real" speed of the ISP's box without the speed limitations caused by the Firebox's antivirus scan, or to test VPN (GRE protocols & co).
I thought of something like putting an unused interface in a DMZ, and using a VLAN to connect my PC to this DMZ, but it's not the easiest thing to do.
My main problem is that it's a remote site, and I'd like to avoid having to move every time I need to check that a problem isn't caused by a Firebox setting by bypassing it.