Hi CheckMates,
Conditions based on the topology (single TE1000X, with a 4-port bypass interface & 1 LACP MTA port); please refer to the images below:
1. All 3 switches are in L3 mode with OSPF equal-cost routing, meaning traffic will be asymmetric. Cannot use link bonding.
2. The Anti-Spam is positioned in the DMZ, and the mail server in the DC.
I have 2 problems:
1. Regarding condition 1 above, when we put the TE in bridge mode we found 3 (three) log messages that we suspect are causing the network to be slow:
- TCP packet out of state First packet isn't Sync
- TCP segment out of maximum allowed sequenced. Packet dropped.
- ICMP reply does not match a previous request
2. Traffic from the anti-spam to the mail server is already inspected by the bridged interfaces instead of the MTA.
Actions:
1. I already disabled "TCP packet out of state First packet isn't Sync" in Global Properties and in expert mode. The log no longer shows this message after that.
2. I already allowed "TCP segment out of maximum allowed sequenced" in the inspection settings, but the log still shows these messages.
3. We also already disabled "ICMP reply does not match a previous request" in Global Settings and in expert mode, but the log still shows these messages too.
Could anybody please give me suggestions for:
1. How to deploy this TE in bridge mode under these conditions?
2. How to bypass SMTP traffic from the anti-spam to the mail server in bridge mode, because when there is double-checking, Threat Emulation traffic will be dropped? Or is there any best practice for this condition?
Thank you CheckMates.
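The following is an added example, not part of the original post or of any Check Point tooling. It tallies the three drop messages named above from exported log lines and, for each dropped flow, checks whether the bridge ever saw both directions of the conversation. A dropped flow for which only one direction crossed the TE is the signature of asymmetric routing around a stateful bridge, which is the suspected cause of the drops. The semicolon-separated field layout, the field names, and the sample lines are constructed assumptions and not a real Check Point export format; adjust `FIELDS` to match an actual export.

```python
"""Tally TE bridge-mode drop reasons per flow and flag one-directional flows.

Added example, not from the original post. The log layout below is a
constructed, simplified export (an assumption), not Check Point's real format.
"""
from collections import Counter, defaultdict

# The three drop messages named in the post, matched as substrings so that
# minor wording differences (e.g. "sequence" vs "sequenced") still match.
DROP_REASONS = (
    "TCP packet out of state",
    "TCP segment out of maximum allowed sequence",
    "ICMP reply does not match a previous request",
)

# Assumed field order of the constructed export (hypothetical layout).
FIELDS = ("time", "action", "src", "dst", "proto", "sport", "dport", "info")

# Constructed sample lines: two SMTP flows where only the server->client
# direction crossed the bridge, one flow seen in both directions, one ICMP drop.
SAMPLE_LOG = """\
10:00:01;Drop;10.2.2.25;10.1.1.10;tcp;25;51000;TCP packet out of state First packet isn't Sync
10:00:02;Drop;10.2.2.25;10.1.1.10;tcp;25;51000;TCP segment out of maximum allowed sequenced. Packet dropped.
10:00:03;Drop;10.2.2.25;10.1.1.10;tcp;25;51001;TCP packet out of state First packet isn't Sync
10:00:04;Accept;10.1.1.11;10.2.2.25;tcp;52000;25;
10:00:04;Accept;10.2.2.25;10.1.1.11;tcp;25;52000;
10:00:05;Drop;10.2.2.25;10.1.1.12;icmp;0;0;ICMP reply does not match a previous request
"""


def parse_line(line):
    """Split one export line into a dict; return None for blank or malformed lines."""
    parts = line.rstrip("\n").split(";")
    if len(parts) != len(FIELDS):
        return None
    return dict(zip(FIELDS, parts))


def flow_key(rec):
    """Direction-independent key so both halves of a conversation share one bucket."""
    a = (rec["src"], rec["sport"])
    b = (rec["dst"], rec["dport"])
    return (rec["proto"],) + tuple(sorted((a, b)))


def drop_reason(info):
    """Return which of the three suspected messages a line carries, or None."""
    for reason in DROP_REASONS:
        if reason in info:
            return reason
    return None


def summarize(log_text):
    """Count drop reasons and list dropped flows the bridge saw in only one direction."""
    directions = defaultdict(set)   # flow -> set of (src, dst) pairs seen on the bridge
    drops = defaultdict(Counter)    # flow -> Counter of drop reasons
    totals = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        key = flow_key(rec)
        directions[key].add((rec["src"], rec["dst"]))
        reason = drop_reason(rec["info"])
        if reason:
            drops[key][reason] += 1
            totals[reason] += 1
    # Dropped flows for which only one direction ever crossed this TE: consistent
    # with the other direction taking a different OSPF equal-cost path.
    one_way = sorted(k for k in drops if len(directions[k]) == 1)
    return {
        "reason_totals": totals,
        "one_directional_drop_flows": one_way,
        "flows_with_drops": len(drops),
    }


if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    for reason, count in result["reason_totals"].items():
        print(f"{count:4d}  {reason}")
    print(f"{len(result['one_directional_drop_flows'])} of "
          f"{result['flows_with_drops']} dropped flows were seen in one direction only")
    for key in result["one_directional_drop_flows"]:
        print("  ", key)
```

If most dropped flows come back as one-directional while flows that were accepted in both directions show no drops, the drops are a routing-symmetry problem rather than a policy problem, and tuning the individual out-of-state settings only hides the symptom.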