Create a Network Bridge Configuration
To use a network bridge on an XTMv virtual machine on ESXi, you must enable promiscuous mode on the attached virtual switch (vSwitch) in VMware. You cannot use a network bridge on an XTMv virtual machine on Hyper-V, because Hyper-V virtual switches do not support promiscuous mode.
Before You Begin
If you want to change the interface that you use to manage the device to a bridge, make sure the device has at least one other interface that you can use to connect to with the Web UI for management. If you want to use the web UI to change an interface to a bridge interface, you must connect to a different interface to make this change.
Do not change the interface that you are currently connected to with the web UI to a bridge interface. This causes you to immediately lose the management connection to the device.
Use these steps to change the trusted or optional interface you use for management to a bridge interface:
- Configure another trusted or optional interface to use as a temporary management interface.
- Connect the management computer to the new interface, and log in to the Web UI.
- Change the original management interface to a bridge interface, and configure a LAN bridge that includes this interface.
- Connect the management computer to the original management interface.
- Disable the temporary management interface.
Step 3 is described in more detail in the subsequent sections.
Configure a Bridge Interface
Before you can configure a bridge in the Web UI, you must set one or more physical or wireless interfaces to type Bridge.
To set a physical interface to type Bridge:
- Select Network > Bridge.
The Bridge page appears. Bridge interfaces are listed at the top of the page.
- To configure an interface as type Bridge, click Configure.
- The network Interfaces page appears.
- Select the interface you want to use as a bridged interface. We recommend that you select an interface not currently in use.
If you change the interface you used to connect to the Web UI to a bridge interface, you immediately lose your connection to the Web UI, and must use a different configured interface to reconnect.
- Click Configure.
- Set the Interface Type to Bridge.
- Repeat Steps 4 and 5 for each interface you want to bridge.
- Click Save.
Before you can add a wireless access point (Access Point 1, Access Point 2, or Access Point 3) to a bridge, you must first set the Interface Type in the wireless access point settings to Bridge. For more information, see Enable Wireless Connections (Fireware XTM OS v11.9.x and Higher).
Wireless interfaces are numbered ath1, ath2, and ath3. For more information about wireless interface numbers, see About Network Interface Setup.
Create the Bridge
After you configure at least one bridge interface, you can create the bridge.
- Select Network > Bridge.
The Bridge page appears.
- Click Add.
- On the Bridge Settings tab, type a Name and Description (optional) for the bridge configuration.
- Select a Security Zone from the drop-down list and type an IP Address in slash notation for the bridge.
The bridge is added to the alias of the security zone you specify.
- To add network interfaces, select the check box adjacent to each network interface you want to add to the bridge configuration.
- To configure DHCP settings, select the DHCP tab. From the DHCP Mode drop-down list, select DHCP Server or DHCP Relay.
For more information on DHCP configuration, see Configure IPv4 DHCP in Mixed Routing Mode or Configure DHCP Relay.
- If you want to add secondary networks to the bridge configuration, select the Secondary tab.
Type an IP address in slash notation and click Add.
For more information on secondary networks, see Add a Secondary Network IP Address.
- To configure a bridge to use IPv6, select the IPv6 tab.
For information about IPv6 settings, see Enable IPv6 for a Trusted or Optional Interface.
- Click Save.
About LAN Bridges
Assign a Network Interface to a Bridge