Support Center > Search Results > SecureKnowledge Details
Deploying a Security Gateway in Bridge mode over a Trunk link
Solution

Referring to the following example configuration:

Before:

[SWITCH A] ---------- trunk --------------------------------------------------- trunk ---------- [SWITCH B]

After:

[SWITCH A] ---------- trunk -------- (eth0) [ Security Gateway ] (eth1) ------- trunk ---------- [SWITCH B]

 

To deploy the Security Gateway in Bridge mode over the Trunk link, as in this example, you have to create a bridge on interface eth0 and interface eth1.


Important: Tag-based VLAN traffic through a bridge is supported from R77.20.60 for SMB Appliances. 

We recommend you disable Anti-Spoofing on bridge interfaces to prevent the need for manual configuration of the entire network per device. To disable Anti-Spoofing, set the global parameter fw_bridge_antispoofing to 0.

[Expert@Hostname]# fw ctl set int fw_bridge_antispoofing 0

Note: this configuration will be lost after the reboot. To set it to be permanent, run:

[Expert@Hostname]# echo "fw_bridge_antispoofing=0">> $FWDIR/modules/fwkern.conf

 


Refer to sk101371 - Bridge Mode on Gaia OS and SecurePlatform OS.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment