Stateful Firewall FAQ

What is the Aviatrix Stateful Firewall?

Aviatrix Stateful Firewall is a feature on the Aviatrix Gateway. It is a L4 stateful firewall that filters network CIDR, protocol, and port on the packet forwarding path.

The stateful firewall allows each individual rule to be defined as Allow, Deny and Force Drop, in addition to a base rule.


Aviatrix recommends that you not use the Stateful Firewall feature in HA pairs because the gateways do not synchronize the firewall state.

Is there a limitation on the number of tags?

There is no limitation on the number of tags.

How do I configure a stateful firewall?

Follow the instructions described here.