faysalji Lv3Posted 26 Apr 2023 17:40
  
The bypass LED on your Sangfor NGAF 5100 indicates the status of the network interface card (NIC) bypass feature. When the bypass LED is on, it means that the NIC bypass feature is enabled, and network traffic can continue to flow even if the firewall is powered off or rebooting.

During the boot process, it's normal for the bypass LED to remain on until the firewall completes its initialization and begins processing network traffic. This should not cause any broadcast storms or other network issues, as long as the interfaces are properly configured and connected to your network.

Regarding your question about configuring two NGAF devices in HA mode, it's important to ensure that both devices are properly configured and synchronized before enabling HA mode. This includes configuring the network interfaces, setting up the synchronization interface, and verifying that the devices can communicate with each other.

During the boot process, one of the NGAF devices will become the active device, while the other remains in standby mode. If the active device experiences any issues during the boot process, the standby device will take over to ensure continuity of service. As long as both devices are properly configured and synchronized, the boot process should not cause any issues with the HA setup.
Zonger Lv5Posted 26 Apr 2023 17:44
  
The bypass LED on your Sangfor NGAF 5100 staying on until the system boots up is expected behavior. It indicates that the device is in bypass mode, meaning that the network traffic is allowed to pass through the device without being inspected by the NGAF's security functions. This is done to ensure that network connectivity is maintained even in the event of a power failure or other hardware failure on the NGAF.

Once the system is fully booted up and the bypass LED turns off, the NGAF will resume normal operation and begin inspecting network traffic for security threats.

Regarding your question about aggregating interfaces eth2 and eth3, the bypass mode should not affect this configuration. Aggregating the two interfaces should not create a broadcast storm, as long as the aggregation is configured properly and the network devices connected to the aggregated interface are also properly configured.

When setting up the two NGAFs in HA mode, it's important to ensure that both devices are fully operational before enabling HA mode. This will help to avoid any potential issues during the boot process, as well as ensure that the two devices are properly synchronized for HA failover.
Raza Islam Lv3Posted 27 Apr 2023 19:01
  
The bypass LED on your NGAF 5100 staying on until the whole system boots up is likely an indication that the device is going through a power-on self-test (POST) process. During this process, the device is checking all its components to make sure they are working correctly before fully booting up. Once the POST process is complete, the device will boot up and the bypass LED should turn off.

Regarding your question about aggregating the interface eth2 and eth3, it is unlikely that doing so would create a storm broadcast. Link aggregation, also known as NIC teaming, allows you to combine multiple network interfaces into a single logical interface. This can improve network performance and provide redundancy in case one interface fails. However, it is important to configure link aggregation properly to avoid network issues such as broadcast storms. If you are unsure about how to configure link aggregation on your  NGAF 5100, you should consult the device's documentation or seek the assistance of a qualified network administrator.

I Can Help:

Change

Moderator on This Board

11
7
5

Started Topics

Followers

Follow

1
3
5

Started Topics

Followers

Follow

0
4
5

Started Topics

Followers

Follow

67
20
3

Started Topics

Followers

Follow

3
14
3

Started Topics

Followers

Follow

1
137
3

Started Topics

Followers

Follow

Board Leaders