Link Search Menu Expand Document

System Information

Administration > Software > Upgrade > System Information

You can manage system information with templates (except for Deployment Mode, which is an appliance-specific configuration). To change a Deployment Mode, navigate to Configuration > Networking > Deployment.

When you click the Edit icon next to a specific appliance, the following two screens are available:

System Summary

img

System Settings

img

The following table describes the properties and configuration options available in these templates.

Property KeyDescription
Active ReleaseSpecifies the software release the appliance is running.
Allow WAN to WAN routingRedirects inbound LAN traffic back to the WAN.
Always send pass-through traffic to original senderIf the tunnel goes down when using WCCP and PBR, traffic that was intended for the tunnel is sent back the way it came.
Appliance IDUnique identifier for the appliance.
Appliance KeyOrchestrator assigns and uses this key to identify the appliance.
Appliance ModelSpecific EC, EC-V, NX, VX, or VRX model.
Auto Flow Re-ClassifySpecifies how often to do a policy lookup.
BIOS VersionVersion of BIOS firmware that the appliance is using.
Bridge Loop TestOnly valid for virtual appliances. When enabled, the appliance can detect bridge loops. If it detects a loop, the appliance stops forwarding traffic and raises an alarm. Appliance alarms include recommended actions.
Configured Media TypeIs either ram and disk (VX) or ram only (VRX). Can be changed for special circumstances if recommended by Support.
Connection TypeMethod that Orchestrator uses to communicate with the appliance. Options are WEBSOCKET, PORTAL, and HTTP.
Contact EmailEmail address of the person to contact within your organization (optional).
Contact NameName of the person to contact within your organization (optional).
Discovery MethodSpecifies how Orchestrator discovered the appliance:

PORTAL: Orchestrator discovered the appliance through the portal account.

MANUAL: The appliance was added manually.

APPLIANCE: The Orchestrator IP address was added to the appliance. Portal was not involved.
Enable default DNS lookupAllows the appliance to snoop the DNS requests to map domains to IP addresses. This mapping then can be used in ACLs for traffic matching.
Enable Health checkActivates pinging of the next hop router.
Enable HTTP/HTTPS snoopingEnables a more granular application classification of HTTP/HTTPS traffic by inspection of the HTTP/HTTPS header, Host. This is enabled by default.
Enable IGMP snoopingIGMP snooping is a common Layer 2 LAN optimization that filters the transmit of multicast frames only to ports where multicast streams have been detected. Disabling this feature floods multicast packets to all ports. IGMP snooping is recommended and enabled by default.
Encrypt data on diskEnables encryption of all the cached data on the disks. Disabling this option is not recommended.
Excess flow policySpecifies what happens to flows when the appliance reaches its maximum capacity for optimizing flows. The default is to bypass flows. Or, you can choose to drop the packets.
Flows and tunnel failureIf there are parallel tunnels and one fails, Dynamic Path Control determines where to send the flows. There are three options:

fail-stick: When the failed tunnel comes back up, the flows do not return to the original tunnel. They stay where they are.

fail-back: When the failed tunnel comes back up, the flows return to the original tunnel.

disable: When the original tunnel fails, the flows are not routed to another tunnel.
Hold down countIf the link has been declared down, this specifies how many successful ICMP echoes are required before declaring that the link to the next hop router is up.
Hub Site?Specifies whether the appliance has been assigned the role, Hub, in Orchestrator.
IntervalSpecifies the number of seconds between each ICMP echo sent.
IP Directed BroadcastAllows an entire network to receive data that only the target subnet initially receives.
IP Id auto optimizationEnables any IP flow to automatically identify the outbound tunnel and gain optimization benefits. Enabling this option reduces the number of required static routing rules (route map policies).
IPSec UDP PortSpecifies the port that Orchestrator uses to build IPSec UDP tunnels. If the field is blank, Orchestrator uses the default.
LocationAppliance location, optionally specified during appliance setup.
Maintain end-to-end overlay mappingEnforces the same overlay to be used end-to-end when traffic is forwarded on multiple nodes.
Maximum TCP MSSMaximum Segment Size. The default value is 9000 bytes. This ensures that packets are not dropped for being too large. You can adjust the value (500 to 9000) to lower a packet’s MSS.
Media TypeDisplays the actual media being used.
ModeSpecifies the appliance’s deployment mode: Server, Router, or Bridge.
ModelSpecific EC, EC-V, NX, VX, or VRX model.
NAT-T keep alive timeIf a device is behind a NAT, this specifies the rate at which to send keep alive packets between hosts to keep the mappings in the NAT device intact.
Non-accelerated TCP Flow TimeoutSpecifies how long to keep the TCP session open after traffic stops flowing. The default is 1800 seconds (30 minutes).
PlatformUnderlying cloud platform on which the EdgeConnect appliance runs, such as Amazon EC2, Azure, Google Cloud, or VMware.
Quiescent tunnel keep alive timeSpecifies the rate at which to send keep alive packets after a tunnel has become idle (quiescent mode). The default is 60 seconds.
RegionUser-assigned name created for segmenting topologies and streamlining the number of tunnels created. When regions contain at least one hub, you can choose to connect regions through hubs only.
Retry countSpecifies the number of ICMP echoes to send without receiving a reply before declaring that the link to the WAN next hop router is down.
Serial / Serial NumberSerial number of the appliance.
Shell Access StatusSpecifies the current shell access policy for EdgeConnect appliances.

Open Shell Access: Full access granted to the underlying Linux operating system shell.

Secure Shell Access: Access denied to the shell, but Support can grant access. Contact Support for assistance. You cannot change this setting to Open Shell Access.

Disabled Shell Access: Access permanently denied to the shell. You cannot change this setting to Open Shell Access or Secure Shell Access.

This setting is managed on the Advanced Security Settings page (Configuration > Overlays & Security > Security > Advanced Security Settings). Changes to this setting affect all appliances in your network.
Site NameOrchestrator will not build tunnels between appliances with the same user-assigned site name.
SSL optimization for non-IPSec tunnelsSpecifies whether the appliance should perform SSL optimization when the outbound tunnel for SSL packets is not encrypted (for example, a GRE or UDP tunnel). To enable Network Memory for encrypted SSL-based applications, you must provision server certificates in Orchestrator. This activity can apply to the entire distributed network of EdgeConnect appliances or just to a specified group of appliances.
System BandwidthAppliance’s total outbound bandwidth, determined by appliance model or license.
TCP auto optimizationEnables any TCP flow to automatically identify the outbound tunnel and gain optimization benefits. Enabling this option reduces the number of required static routing rules (route map policies).
Tunnel Alarm Aggregation ThresholdSpecifies the number of alarms to allow before alerting the tunnel alarm.
UDP flow timeoutSpecifies how long to keep the UDP session open after traffic stops flowing. The default is 120 seconds (2 minutes).
UptimeTime elapsed since the appliance became operational and available.

Back to top

© Copyright 2022 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Aruba Networks and the Aruba logo are registered trademarks of Aruba Networks, Inc. Third-party trademarks mentioned are the property of their respective owners. To view the end-user software agreement, go to Aruba EULA.