Engine Editor > General > Layer 2 Settings
Use this branch to configure settings for layer 2 physical interfaces on Single Engines, Engine Clusters, and Virtual Engines.
Option | Definition |
---|---|
Policy for Layer 2 Interfaces |
The Layer 2 Interface Policy that contains rules for traffic detected by layer 2 physical interfaces. All layer 2 physical interfaces on the Secure SD-WAN Engine use the same Layer 2 Interface Policy. If there are no layer 2 physical interfaces, this setting is ignored. |
Layer 2 Interface Settings section | Defines settings for connection tracking on layer 2 physical interfaces. |
Layer 2 Connection Tracking Mode |
When connection tracking is enabled, reply packets are allowed as part of the allowed connection without an explicit Access rule. You can override this engine-specific setting and configure connection tracking for TCP, UDP, and ICMP traffic in Access rules.
|
Inline IPS and Capture Interface Settings section | Defines advanced settings for Inline IPS Interfaces and Capture Interfaces. |
Bypass Traffic on Overload |
When selected, the Secure SD-WAN Engine dynamically reduces the number of inspected connections if the load is too high. Some traffic might pass through without any access control or inspection if this option is selected. Bypassed traffic is not counted when a possible license throughput limit is enforced. The bypass does not affect traffic subject to TLS Inspection. If this option is not selected, the Secure SD-WAN Engine inspects all connections. Some connections might not get through if the engine gets overloaded. |