[AF] “Packet interception log and pass-through” failed to enable “A maximum of 16 IP Address can be specified”

Problem Description

When the "Packet Interception Log and Passthrough" function is enabled, a message appears stating "A maximum of 16 IP Address can be specified."

772825c0936ed2bce9.png (131.78 KB)

Root cause

When the "Packet Interception and Pass-through" function is enabled, when you enable pass-through for a specified IP through "Set Enable Conditions", a maximum of 16 rows are allowed.
① Take the operation path of the standard version AF7.3 as an example: You can view it in [Maintenance] – [Packet Interception Log and Direct Passthrough].

② Take the operation path example of the standard version AF7.4: You can view it in [System] – [Troubleshooting] – [Packet Interception Log and Direct Connection].

solution

The number of lines in "Direct Through Enable Condition" should not exceed 16, and the IP range should be written in the same IP segment.

Suggestions and Conclusion

When setting the conditions for enabling the pass-through function: do not set more than 16 lines. If there are indeed many addresses that need to be opened for direct access, you can fill Network Segment.

Original Link

https://support.sangfor.com.cn/cases/list?product_id=13&type=1&category_id=537&isOpen=true