Adding routes for IPS engines and Layer 2 Firewalls

Typically, only a default route through a Normal Interface is needed for IPS engines and Layer 2 Firewalls.

You might need to define a default route through a Normal Interface if Secure SD-WAN Manager components are not on a directly connected network or if the Engine opens connections to a network that is not directly connected. You might need to add additional routes if one or more Secure SD-WAN Manager components are not directly connected and cannot be reached through the default gateway. Capture Interfaces and Inline Interfaces on IPS engines and Layer 2 Firewalls do not have IP addresses. It is not possible to configure routing for these interfaces. You do not need to define routes if an IPS engine or Layer 2 Firewall communicates only in its local IP network.