Guidelines and Limitations for Instances
General Guidelines
• A single management center must manage all instances on a chassis, as well as manage the chassis itself.
• For instances, the following features are not supported:
• TLS crypto acceleration
• Clustering
• Management Center UCAPL/CC mode
• Flow offload to hardware
• Primary management of the chassis by CDO cloud-delivered management center and separate
analytics-only management of the chassis by an on-prem management center is not supported. You can
however add CDO-managed instances to an analytics-only on-prem management center.
Management Interface
• No support for a data interface for chassis management; only the dedicated Management interface can
be used
• No DHCP addressing for the Management interface
VLAN Subinterfaces
• This document discusses chassis VLAN subinterfaces only. You can separately create subinterfaces
within the instance.
• If you assign a parent interface to an instance, it only passes untagged (non-VLAN) traffic. Do not assign
the parent interface unless you intend to pass untagged traffic.
• Subinterfaces are supported on Data or Data-sharing type interfaces.
• You can create up to 500 VLAN IDs.
• You cannot use subinterfaces for an inline set or as a passive interface.
• If you use a subinterface for the failover link, then all subinterfaces on that parent, and the parent itself,
are restricted for use as failover links. You cannot use some subinterfaces as failover links, and some as
regular data interfaces.
EtherChannels
• You can configure up to 48 EtherChannels, limited by the number of physical interfaces.
• The EtherChannel can have up to 8 active interfaces.
• All interfaces in the EtherChannel must be the same media type and speed capacity. The media type can
be either RJ-45 or SFP; SFPs of different types (copper and fiber) can be mixed. You cannot mix interface
capacities (for example 1GB and 10GB interfaces) by setting the speed to be lower on the larger-capacity
Multi-Instance Mode for the Secure Firewall 3100
16
Multi-Instance Mode for the Secure Firewall 3100
Guidelines and Limitations for Instances
To Next Page
Loading...
Need help?
General