We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

How to Configure Layer 2 Bridging

  • Last updated on

The firewall supports Layer 2 bridging of one or more network interfaces in order to create an aggregated network or to physically separate LAN segments in a flat network structure. Configure Layer 2 bridging to transparently connect two networks.

For example:

  • You can bridge a wireless network with one of your local networks.
  • If you have servers with external IP addresses, you can bridge that traffic with the ISP gateway.

You cannot create bridged groups containing dynamic interfaces like DHCP, PPPoE, PPTP, or WWAN.

After configuring your bridge, create an access rule to allow traffic between both networks. To help you configure the bridge, you can use the pre-installed bridge between ports p1 and p3 and the predefined firewall rule for the bridge.

Step 1. Configure the Bridge

Before you begin, verify that least one interface has a static route configured.

  1. Go to NETWORK > Bridging.
  2. Click Add Bridged Group.
  3. Enter a name for the bridge and add the interfaces to be bridged.
  4. Click Save .

Step 2. Create an Access Rule for the Bridge

Create an access rule to allow traffic between the bridged networks. For example, if you are bridging servers with external IP addresses with the ISP gateway, create a rule that allows traffic only on port 443 and port 80 to pass.

  1. Go to FIREWALL > Firewall Rules.
  2. Click ADD ACCESS RULE to create a new rule.
  3. Specify the settings according to your requirements (see below example: Port p1-Port p3 Bridge).
  4. Click Save.

Verify the order of the access rules. Because rules are processed from top to bottom in the ruleset, ensure that you arrange your rules in the correct order. Verify that your rules are placed above the BLOCKALL rule; otherwise, the rules are blocked. After ordering of rules in the ruleset via drag-and-drop, click Save Changes.

Port p1-Port p3 Bridge

To assist in evaluation and initial setup, the firewall has a pre-installed bridge between ports p1 and p3. You can see the bridge on the NETWORK > Bridging page. The firewall rule that allows all traffic to pass between ports P1 and P3 is called P1-P3-BRIDGE. That rule has the following settings:

Action Source Destination Service Bi-Directional Interface Group Connection
Allow Port-p1 Port-p3 Any Yes Matching (matches all interfaces) Original Source IP (the original source IP address is used)
Last updated on