Focus
Focus
Table of Contents

Bypass Pair

Let us learn about bypass pairs.
Where Can I Use This?What Do I Need?
  • Prisma SD-WAN
  • Active Prisma SD-WAN license
A Bypass Pair is a pair of ports where one port is connected to a LAN network while the second port is connected to a WAN network. Bypass pairs can be configured only for branch ION devices.
Bypass pairs can be of the following types:
  • Hardware Bypass Pair—A pair of ports or ethernet interfaces that can be associated with each other with underlying support for a hardware bypass relay. Hardware Bypass Pairs have strict pairing rules where only certain ports can be paired together.
  • Virtual Bypass Pair—A pair of ports or ethernet interfaces that can be associated with each other without any hardware capabilities. A Virtual Interface (VI) cannot be created on a virtual bypass pair.
Both types of bypass pairs are not allowed on controller interfaces or interfaces that are part of another logical interface. You can break a bypass pair into two individual ports and use the individual ports for configuring sub-interfaces.
Bypass pairs can be configured as per the following:
  • Used for - Internet, Private WAN—One interface of the bypass pair is private WAN facing and can be assigned either a static or dynamic IP address. The other interface of the pair is connected to a LAN network.
  • Used for - Private L2—One interface of the bypass pair is private WAN facing and connects to one or more routers - Core Edge or Peer Edge, and is capable of acting as an Layer 2 interface only. The other interface of the pair is connected to a LAN network. Static or dynamic IP addresses cannot be assigned to this bypass pair.
  • Used for - LAN—The interface is LAN facing and can be connected only to a LAN network. A static or dynamic IP address can be assigned to this interface. The WAN part of the bypass pair is not used. This topology is used for configuring the branch ION device in a cluster for high availability.