Fonic Bypass

The 2530 / 2550 wired model has a FONIC (Fail Open Network Interface Card) bypass mechanism implemented between the WAN and LAN6 ports.

The Bypass mechanism has three options:

  1. BYPASS Disable - Always disable.

  2. BYPASS Enable - Always enable.

  3. Active Mode - Automatically activated when of these occurs:

    • Power to the appliance is down.

    • There is a critical software failure (using watchdog logic).

These are the three Bypass mechanism modes:

  • Active - The connection between WAN and LAN6 ports work as a normal system interface and drive data through the appliance, as long as the power is on and the software is valid. If the appliance power is off or the software has a critical problem that prevents it from maintaining a keep-alive mechanism, the Bypass circumvents the WAN and LAN6 port connection and traffic bypasses the appliance.

  • Force-bypass - "Bypass". The connection between the WAN and LAN6 port is forcibly bypassed and the traffic bypasses the appliance regardless of the software status.

  • Force-disable-bypass - "Bypass". The connections between the WAN and LAN6 port is over the switch.

To switch between Bypass-mechanism modes:

  • Use Clish or WebUI (see below for details).

    Or

  • Use the Bypass push button on the side of the 2530 / 2550 appliance.

    In Active mode, pressing the button for more than 5 seconds switches the mode to Force-Bypass.

    In Force-Bypass mode pressing the button for more than 5 seconds, switches the mode to Active.

The Bypass LED indicates the current bypass status when power is on. When the LED is on, Bypass is activated. If the LED is off, Bypass is off.

Note - When using the button to switch modes, the status will not be saved in the configuration and the mode will switch back to the UI configured mode after a reset or power down.

When the mode is set to Active: After power is restored or after a reset, the appliance reboots and the system maintains the bypass between the WAN/LAN6 ports until the Security Policy is activated. Once the Security Policy is activated, the system will set the Bypass to the mode configured by UI.

When the mode is set to Bypass: After power is restored or a hardware/software reset, the WAN-LAN6 port connection is still bypassed until you reconfigure the mode and the software system is valid.

When the mode is set to disable: Always disable between the WAN/LAN6 ports.

Even after reset, or power cycle.

Configuring Bypass mode in the WebUI

  1. Go to DeviceAdvanced Settings.

  2. In the search field, enter "fonic."

  3. The Fonic settings - Mode attribute appears. Double-click the attribute name.

  4. In the attribute window that opens, select or clear the checkbox to change the mode from Active to Bypass mode.

  5. Click Save.

Configuring Bypass mode in Gaia Clish

To display the current (Fonic) Bypass configured mode:

show fonic-settings advanced-settings

To switch between Active and Bypass mode:

set fonic-settings advanced-settings mode
      bypass   - Bypass
      disabled - Disabled
      active   - Active