It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda SecureEdge

Bridging

  • Last updated on

Bridging lets you expand your local network. Bridges are created by adding interfaces to a bridging group. Multiple bridges can be created. You can create a switch bridge for Private Edge services and sites. Inline bridges are available only for stand-alone sites (HA and non-HA). Using bridges, you can define site-network criteria for the following: ACL Sources/Destinations, Explicit Web Filter Sources, ATP Sources/Destinations, SSL Inspection Sources/Destinations, and IPS Sources/Destinations.

Both Inline and Switch bridges remove VLAN tags from packets if no VLAN is configured on the underlying interfaces. Therefore, to successfully propagate VLAN.x through the bridge, the user must configure VLAN.x on the corresponding underlying interfaces. For example, if a Switch/Inline bridge is set up between interfaces p3 and p4, the firewall will discard all VLAN information for traffic passing through this bridge. For instance, when a DHCP server issues leases on VLAN 100, these leases will not be transmitted across the bridge unless the corresponding interface is explicitly configured for VLAN 100.

Bridge – Used as a Switch

The Barracuda SecureEdge Manager allows you to create a bridge that can act as a switch. You can configure this type of bridge on Private Edge services and sites. The following figures illustrate the configuration of a network with and without a switch bridge on the SecureEdge appliance.

Configuration Without a Switch Bridge

withoutSWBridge_.png

Configuration With a Switch Bridge

se_deployment_switch.png

Note that you must configure the client's IP address in the same network segment.

For more information, see How to Create a Switch Bridge.

Inline Bridging

You can create inline bridges that are available only for stand-alone sites, which includes both HA and non-HA pairs. The following figures illustrate the configuration of an inline bridge with and without a SecureEdge appliance.

Requirements and Limitations 
  • You can have only one inline bridge.

  • For inline bridges, the IP address and the gateway are private IPs.

  • You cannot use a virtual LAN as the WAN interface of an inline bridge.

  • You cannot have a DHCP service with an inline bridge.

  • Access rules for traffic across the bridge will not be exposed in the Cloud UI.

  • A port (such as P2, P3, etc.) can belong only in either a single WAN, LAN, or bridge.

  • Note that WWANs cannot be bridged.

  • Using the bootstrap configuration file, you can configure an inline bridge setup for your stand-alone sites (HA and non-HA). 

Configuration Without SecureEdge Appliance

br_no_se-01.png

Inline Bridge With SecureEdge Appliance

SE-Bridge Inline_01.png

For more information, see How to Create an Inline Bridge on an Existing Stand-Alone Site.

For more information, see How to Create an Inline Bridge on a Stand-Alone Site.