Support Center > Search Results > SecureKnowledge Details
Deploying a Security Gateway in Bridge mode over a Trunk link Technical Level

Referring to the following example configuration:


[SWITCH A] ---------- trunk --------------------------------------------------- trunk ---------- [SWITCH B]


[SWITCH A] ---------- trunk -------- (eth0) [ Security Gateway ] (eth1) ------- trunk ---------- [SWITCH B]


To deploy the Security Gateway in Bridge mode over the Trunk link, as in this example, you have to create a bridge on interface eth0 and interface eth1.

Important: Tag-based VLAN traffic through a bridge is supported from R77.20.60 for SMB Appliances. 

We recommend you disable Anti-Spoofing on bridge interfaces to prevent the need for manual configuration of the entire network per device. To disable Anti-Spoofing, set the global parameter fw_bridge_antispoofing to 0.

[Expert@Hostname]# fw ctl set int fw_bridge_antispoofing 0

Note: this configuration will be lost after the reboot. To set it to be permanent, run:

[Expert@Hostname]# echo "fw_bridge_antispoofing=0">> $FWDIR/modules/fwkern.conf

Note:  fwkern key does not exist starting from R80.20 (the code works, by default) .

Refer to sk101371 - Bridge Mode on Gaia OS and SecurePlatform OS.

Give us Feedback
Please rate this document