It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda NextGen Firewall X
Overview Documentation Materials

This Product is End-of-Life and End-Of-Support

End-Of-Life and End-Of-Support on December 1st, 2020: All Barracuda Firewall X-Series sales will cease; neither new sales nor any renewals will be available. If you currently hold a maintenance and support contract, you will continue to receive our award-winning support and services until your contract expires. Please see the End-Of-Life definition as described in the End of Support and End of Life Information.

How to Configure a Bridge

  • Last updated on

The Barracuda NextGen Firewall X-Series supports layer 2 bridging of one or more network interfaces to create an aggregated network or to physically separate LAN segments in a flat network structure. Configure Layer 2 bridging to transparently connect two networks.

For example:

  • You can bridge a wireless network with one of your local networks.
  • If you have servers with external IP addresses, you can bridge that traffic with the ISP gateway.

You can not create bridged groups containing dynamic interfaces like DHCP, PPPoE, PPTP or 3G.

After configuring your bridge, create an access rule to allow traffic between both networks. To help you configure the bridge, you can use the pre-installed bridge between ports p1 and p3 and the predefined firewall rule for the bridge.

Step 1. Configure the bridge

Before you begin, verify that least one interface has a static route configured.

 To configure the bridge:

  1. Go to the NETWORK > Bridging page.
  2. Click Add Bridged Group.
  3. Enter a name for the bridge and add the interfaces to be bridged.
  4. Click Save.

Step 2. Create an access rule for the bridge

Create an access rule to allow traffic between the bridged networks. For example, if you are bridging servers with external IP addresses with the ISP gateway, create a rule that only allows traffic on port 443 and port 80 to pass.

  1. Go to FIREWALL > Firewall Rules page.
  2. Click ADD ACCESS RULE to create a new rule.
  3. Specify the settings according to your requirements (see below example: Port p1-Port p3 Bridge).
  4. Click Save.

Verify the order of the access rules. Because rules are processed from top to bottom in the rule set, ensure that you arrange your rules in the correct order. You must especially ensure that your rules are placed above the BLOCKALL rule; otherwise, the rules are blocked. After adjusting the order of rules in the rule set (use 'drag and drop'), click Save Changes.

Port p1-Port p3 bridge

To aid you in evaluation and initial setup, the X-Series Firewall has a pre-installed bridge between ports p1 and p3. You can see the bridge on the NETWORK > Bridging page. The firewall rule that allows all traffic to pass between ports P1 and P3 is called P1-P3-BRIDGE. That rule has the following settings:

ActionSourceDestinationServiceBi-directionalInterface GroupConnection
AllowPort-p1Port-p3AnyYesMatching (matches all interfaces)No SNAT (original source IP address is used)