Routing and Bridge Interfaces
Security Gateways with a Bridge interface can support Layer 3 routing over non-bridged interfaces. If you configure a Bridge interface with an IP address on a Security Gateway (not on Cluster Members), the Bridge interface functions as a regular Layer 3 interface. It participates in IP routing decisions on the Security Gateway and supports Layer 3 routing.
- Cluster deployments do not support this configuration.
- You cannot configure the Bridge interface to be the nexthop gateway for a route.
- A Security Gateway can support multiple Bridge interfaces, but only one Bridge interface can have an IP address.
- A Security Gateway cannot filter or transmit packets that it inspected before on a Bridge interface (to avoid double-inspection).